Date
May 13, 2025, 12:07 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 21.562556] ================================================================== [ 21.562892] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 21.562968] Write of size 8 at addr fff00000c4035148 by task kunit_try_catch/261 [ 21.563066] [ 21.563106] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT [ 21.563330] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.563363] Hardware name: linux,dummy-virt (DT) [ 21.563402] Call trace: [ 21.563463] show_stack+0x20/0x38 (C) [ 21.563577] dump_stack_lvl+0x8c/0xd0 [ 21.563644] print_report+0x118/0x608 [ 21.563759] kasan_report+0xdc/0x128 [ 21.563862] kasan_check_range+0x100/0x1a8 [ 21.563998] __kasan_check_write+0x20/0x30 [ 21.564056] kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 21.564114] kasan_bitops_generic+0x110/0x1c8 [ 21.564531] kunit_try_run_case+0x170/0x3f0 [ 21.564593] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.564953] kthread+0x328/0x630 [ 21.565067] ret_from_fork+0x10/0x20 [ 21.565193] [ 21.565234] Allocated by task 261: [ 21.565276] kasan_save_stack+0x3c/0x68 [ 21.565412] kasan_save_track+0x20/0x40 [ 21.565461] kasan_save_alloc_info+0x40/0x58 [ 21.565507] __kasan_kmalloc+0xd4/0xd8 [ 21.565551] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.565598] kasan_bitops_generic+0xa0/0x1c8 [ 21.565645] kunit_try_run_case+0x170/0x3f0 [ 21.565706] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.565760] kthread+0x328/0x630 [ 21.565823] ret_from_fork+0x10/0x20 [ 21.565902] [ 21.565933] The buggy address belongs to the object at fff00000c4035140 [ 21.565933] which belongs to the cache kmalloc-16 of size 16 [ 21.566021] The buggy address is located 8 bytes inside of [ 21.566021] allocated 9-byte region [fff00000c4035140, fff00000c4035149) [ 21.566094] [ 21.566121] The buggy address belongs to the physical page: [ 21.566160] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104035 [ 21.566492] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.566568] page_type: f5(slab) [ 21.567555] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.568145] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.568225] page dumped because: kasan: bad access detected [ 21.568269] [ 21.568311] Memory state around the buggy address: [ 21.568364] fff00000c4035000: 00 02 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.568432] fff00000c4035080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.568484] >fff00000c4035100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.568528] ^ [ 21.568572] fff00000c4035180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.568628] fff00000c4035200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.568672] ================================================================== [ 21.569740] ================================================================== [ 21.569838] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 21.569921] Read of size 8 at addr fff00000c4035148 by task kunit_try_catch/261 [ 21.570177] [ 21.570474] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT [ 21.570871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.570912] Hardware name: linux,dummy-virt (DT) [ 21.571079] Call trace: [ 21.571128] show_stack+0x20/0x38 (C) [ 21.571202] dump_stack_lvl+0x8c/0xd0 [ 21.571258] print_report+0x118/0x608 [ 21.571314] kasan_report+0xdc/0x128 [ 21.571809] __asan_report_load8_noabort+0x20/0x30 [ 21.571996] kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 21.572170] kasan_bitops_generic+0x110/0x1c8 [ 21.572377] kunit_try_run_case+0x170/0x3f0 [ 21.572573] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.572645] kthread+0x328/0x630 [ 21.572864] ret_from_fork+0x10/0x20 [ 21.573164] [ 21.573258] Allocated by task 261: [ 21.573394] kasan_save_stack+0x3c/0x68 [ 21.573606] kasan_save_track+0x20/0x40 [ 21.573667] kasan_save_alloc_info+0x40/0x58 [ 21.574087] __kasan_kmalloc+0xd4/0xd8 [ 21.574267] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.574339] kasan_bitops_generic+0xa0/0x1c8 [ 21.574543] kunit_try_run_case+0x170/0x3f0 [ 21.574606] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.574849] kthread+0x328/0x630 [ 21.574949] ret_from_fork+0x10/0x20 [ 21.575103] [ 21.575131] The buggy address belongs to the object at fff00000c4035140 [ 21.575131] which belongs to the cache kmalloc-16 of size 16 [ 21.575201] The buggy address is located 8 bytes inside of [ 21.575201] allocated 9-byte region [fff00000c4035140, fff00000c4035149) [ 21.575432] [ 21.575468] The buggy address belongs to the physical page: [ 21.575727] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104035 [ 21.575941] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.576168] page_type: f5(slab) [ 21.576253] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.576317] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.576669] page dumped because: kasan: bad access detected [ 21.576978] [ 21.577016] Memory state around the buggy address: [ 21.577071] fff00000c4035000: 00 02 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.577312] fff00000c4035080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.577585] >fff00000c4035100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.577693] ^ [ 21.577754] fff00000c4035180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.578027] fff00000c4035200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.578206] ================================================================== [ 21.535510] ================================================================== [ 21.535592] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 21.535668] Write of size 8 at addr fff00000c4035148 by task kunit_try_catch/261 [ 21.535727] [ 21.535771] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT [ 21.535870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.535902] Hardware name: linux,dummy-virt (DT) [ 21.535941] Call trace: [ 21.535987] show_stack+0x20/0x38 (C) [ 21.536053] dump_stack_lvl+0x8c/0xd0 [ 21.536111] print_report+0x118/0x608 [ 21.536164] kasan_report+0xdc/0x128 [ 21.536217] kasan_check_range+0x100/0x1a8 [ 21.536270] __kasan_check_write+0x20/0x30 [ 21.536326] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 21.536385] kasan_bitops_generic+0x110/0x1c8 [ 21.536439] kunit_try_run_case+0x170/0x3f0 [ 21.536488] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.536544] kthread+0x328/0x630 [ 21.536594] ret_from_fork+0x10/0x20 [ 21.536648] [ 21.536671] Allocated by task 261: [ 21.536705] kasan_save_stack+0x3c/0x68 [ 21.536754] kasan_save_track+0x20/0x40 [ 21.536796] kasan_save_alloc_info+0x40/0x58 [ 21.537379] __kasan_kmalloc+0xd4/0xd8 [ 21.537507] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.537617] kasan_bitops_generic+0xa0/0x1c8 [ 21.537748] kunit_try_run_case+0x170/0x3f0 [ 21.537929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.538038] kthread+0x328/0x630 [ 21.538155] ret_from_fork+0x10/0x20 [ 21.538270] [ 21.538343] The buggy address belongs to the object at fff00000c4035140 [ 21.538343] which belongs to the cache kmalloc-16 of size 16 [ 21.538663] The buggy address is located 8 bytes inside of [ 21.538663] allocated 9-byte region [fff00000c4035140, fff00000c4035149) [ 21.538775] [ 21.538806] The buggy address belongs to the physical page: [ 21.538848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104035 [ 21.539225] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.539486] page_type: f5(slab) [ 21.539564] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.539630] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.539866] page dumped because: kasan: bad access detected [ 21.539963] [ 21.540059] Memory state around the buggy address: [ 21.540114] fff00000c4035000: 00 02 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.540218] fff00000c4035080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.540306] >fff00000c4035100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.540356] ^ [ 21.540402] fff00000c4035180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.540742] fff00000c4035200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.540821] ================================================================== [ 21.485671] ================================================================== [ 21.485997] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 21.486242] Write of size 8 at addr fff00000c4035148 by task kunit_try_catch/261 [ 21.486307] [ 21.486415] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT [ 21.486526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.486897] Hardware name: linux,dummy-virt (DT) [ 21.486948] Call trace: [ 21.487054] show_stack+0x20/0x38 (C) [ 21.487130] dump_stack_lvl+0x8c/0xd0 [ 21.487191] print_report+0x118/0x608 [ 21.487259] kasan_report+0xdc/0x128 [ 21.487314] kasan_check_range+0x100/0x1a8 [ 21.487371] __kasan_check_write+0x20/0x30 [ 21.488107] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 21.488295] kasan_bitops_generic+0x110/0x1c8 [ 21.488400] kunit_try_run_case+0x170/0x3f0 [ 21.488758] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.488842] kthread+0x328/0x630 [ 21.488936] ret_from_fork+0x10/0x20 [ 21.489025] [ 21.489072] Allocated by task 261: [ 21.489305] kasan_save_stack+0x3c/0x68 [ 21.489582] kasan_save_track+0x20/0x40 [ 21.489951] kasan_save_alloc_info+0x40/0x58 [ 21.490116] __kasan_kmalloc+0xd4/0xd8 [ 21.490252] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.490314] kasan_bitops_generic+0xa0/0x1c8 [ 21.490633] kunit_try_run_case+0x170/0x3f0 [ 21.490759] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.490827] kthread+0x328/0x630 [ 21.490934] ret_from_fork+0x10/0x20 [ 21.490993] [ 21.491024] The buggy address belongs to the object at fff00000c4035140 [ 21.491024] which belongs to the cache kmalloc-16 of size 16 [ 21.491344] The buggy address is located 8 bytes inside of [ 21.491344] allocated 9-byte region [fff00000c4035140, fff00000c4035149) [ 21.491545] [ 21.491598] The buggy address belongs to the physical page: [ 21.491884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104035 [ 21.492069] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.492136] page_type: f5(slab) [ 21.492346] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.493299] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.493412] page dumped because: kasan: bad access detected [ 21.493455] [ 21.493499] Memory state around the buggy address: [ 21.493546] fff00000c4035000: 00 02 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.493614] fff00000c4035080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.493823] >fff00000c4035100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.493960] ^ [ 21.494024] fff00000c4035180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.494080] fff00000c4035200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.494322] ================================================================== [ 21.553925] ================================================================== [ 21.554012] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 21.554086] Write of size 8 at addr fff00000c4035148 by task kunit_try_catch/261 [ 21.554152] [ 21.554236] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT [ 21.554427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.555005] Hardware name: linux,dummy-virt (DT) [ 21.555139] Call trace: [ 21.555179] show_stack+0x20/0x38 (C) [ 21.555308] dump_stack_lvl+0x8c/0xd0 [ 21.555404] print_report+0x118/0x608 [ 21.555463] kasan_report+0xdc/0x128 [ 21.555518] kasan_check_range+0x100/0x1a8 [ 21.555628] __kasan_check_write+0x20/0x30 [ 21.555706] kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 21.555776] kasan_bitops_generic+0x110/0x1c8 [ 21.555854] kunit_try_run_case+0x170/0x3f0 [ 21.555911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.556118] kthread+0x328/0x630 [ 21.556228] ret_from_fork+0x10/0x20 [ 21.556410] [ 21.556572] Allocated by task 261: [ 21.557017] kasan_save_stack+0x3c/0x68 [ 21.557221] kasan_save_track+0x20/0x40 [ 21.557502] kasan_save_alloc_info+0x40/0x58 [ 21.557579] __kasan_kmalloc+0xd4/0xd8 [ 21.557922] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.558276] kasan_bitops_generic+0xa0/0x1c8 [ 21.558360] kunit_try_run_case+0x170/0x3f0 [ 21.558472] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.558753] kthread+0x328/0x630 [ 21.558847] ret_from_fork+0x10/0x20 [ 21.559006] [ 21.559158] The buggy address belongs to the object at fff00000c4035140 [ 21.559158] which belongs to the cache kmalloc-16 of size 16 [ 21.559237] The buggy address is located 8 bytes inside of [ 21.559237] allocated 9-byte region [fff00000c4035140, fff00000c4035149) [ 21.559332] [ 21.559401] The buggy address belongs to the physical page: [ 21.559488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104035 [ 21.559764] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.559832] page_type: f5(slab) [ 21.559884] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.559960] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.560025] page dumped because: kasan: bad access detected [ 21.560061] [ 21.560085] Memory state around the buggy address: [ 21.560124] fff00000c4035000: 00 02 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.560176] fff00000c4035080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.560223] >fff00000c4035100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.560873] ^ [ 21.560933] fff00000c4035180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.561049] fff00000c4035200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.561093] ================================================================== [ 21.509681] ================================================================== [ 21.509765] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 21.509860] Write of size 8 at addr fff00000c4035148 by task kunit_try_catch/261 [ 21.509924] [ 21.509991] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT [ 21.510101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.510136] Hardware name: linux,dummy-virt (DT) [ 21.510178] Call trace: [ 21.510209] show_stack+0x20/0x38 (C) [ 21.510274] dump_stack_lvl+0x8c/0xd0 [ 21.510331] print_report+0x118/0x608 [ 21.510388] kasan_report+0xdc/0x128 [ 21.510441] kasan_check_range+0x100/0x1a8 [ 21.515424] __kasan_check_write+0x20/0x30 [ 21.515912] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 21.516052] kasan_bitops_generic+0x110/0x1c8 [ 21.516778] kunit_try_run_case+0x170/0x3f0 [ 21.516911] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.517488] kthread+0x328/0x630 [ 21.517722] ret_from_fork+0x10/0x20 [ 21.517789] [ 21.518601] Allocated by task 261: [ 21.518999] kasan_save_stack+0x3c/0x68 [ 21.519072] kasan_save_track+0x20/0x40 [ 21.519118] kasan_save_alloc_info+0x40/0x58 [ 21.519902] __kasan_kmalloc+0xd4/0xd8 [ 21.520221] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.520499] kasan_bitops_generic+0xa0/0x1c8 [ 21.521174] kunit_try_run_case+0x170/0x3f0 [ 21.521412] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.521499] kthread+0x328/0x630 [ 21.522031] ret_from_fork+0x10/0x20 [ 21.522583] [ 21.522633] The buggy address belongs to the object at fff00000c4035140 [ 21.522633] which belongs to the cache kmalloc-16 of size 16 [ 21.522713] The buggy address is located 8 bytes inside of [ 21.522713] allocated 9-byte region [fff00000c4035140, fff00000c4035149) [ 21.523365] [ 21.523734] The buggy address belongs to the physical page: [ 21.523905] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104035 [ 21.524468] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.524556] page_type: f5(slab) [ 21.525140] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.525408] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.525465] page dumped because: kasan: bad access detected [ 21.525506] [ 21.525530] Memory state around the buggy address: [ 21.525570] fff00000c4035000: 00 02 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.526153] fff00000c4035080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.526826] >fff00000c4035100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.526881] ^ [ 21.526938] fff00000c4035180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.527001] fff00000c4035200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.527403] ================================================================== [ 21.541881] ================================================================== [ 21.542037] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 21.542192] Write of size 8 at addr fff00000c4035148 by task kunit_try_catch/261 [ 21.542310] [ 21.542389] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT [ 21.542526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.542565] Hardware name: linux,dummy-virt (DT) [ 21.543067] Call trace: [ 21.543125] show_stack+0x20/0x38 (C) [ 21.543218] dump_stack_lvl+0x8c/0xd0 [ 21.543278] print_report+0x118/0x608 [ 21.543361] kasan_report+0xdc/0x128 [ 21.543448] kasan_check_range+0x100/0x1a8 [ 21.543502] __kasan_check_write+0x20/0x30 [ 21.543557] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 21.543615] kasan_bitops_generic+0x110/0x1c8 [ 21.543667] kunit_try_run_case+0x170/0x3f0 [ 21.543718] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.543775] kthread+0x328/0x630 [ 21.543824] ret_from_fork+0x10/0x20 [ 21.543877] [ 21.543902] Allocated by task 261: [ 21.543936] kasan_save_stack+0x3c/0x68 [ 21.544008] kasan_save_track+0x20/0x40 [ 21.544054] kasan_save_alloc_info+0x40/0x58 [ 21.544101] __kasan_kmalloc+0xd4/0xd8 [ 21.544142] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.544183] kasan_bitops_generic+0xa0/0x1c8 [ 21.544225] kunit_try_run_case+0x170/0x3f0 [ 21.544266] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.544310] kthread+0x328/0x630 [ 21.544350] ret_from_fork+0x10/0x20 [ 21.544391] [ 21.544414] The buggy address belongs to the object at fff00000c4035140 [ 21.544414] which belongs to the cache kmalloc-16 of size 16 [ 21.544476] The buggy address is located 8 bytes inside of [ 21.544476] allocated 9-byte region [fff00000c4035140, fff00000c4035149) [ 21.544540] [ 21.544564] The buggy address belongs to the physical page: [ 21.544597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104035 [ 21.544653] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.544705] page_type: f5(slab) [ 21.544750] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.544804] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.544850] page dumped because: kasan: bad access detected [ 21.544886] [ 21.544908] Memory state around the buggy address: [ 21.544945] fff00000c4035000: 00 02 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.545233] fff00000c4035080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.545283] >fff00000c4035100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.545326] ^ [ 21.545369] fff00000c4035180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.545431] fff00000c4035200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.545589] ================================================================== [ 21.547223] ================================================================== [ 21.547303] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 21.547379] Read of size 8 at addr fff00000c4035148 by task kunit_try_catch/261 [ 21.547439] [ 21.547479] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT [ 21.547571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.547605] Hardware name: linux,dummy-virt (DT) [ 21.547644] Call trace: [ 21.547670] show_stack+0x20/0x38 (C) [ 21.547726] dump_stack_lvl+0x8c/0xd0 [ 21.547777] print_report+0x118/0x608 [ 21.547832] kasan_report+0xdc/0x128 [ 21.547884] __asan_report_load8_noabort+0x20/0x30 [ 21.547942] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 21.548019] kasan_bitops_generic+0x110/0x1c8 [ 21.548079] kunit_try_run_case+0x170/0x3f0 [ 21.548132] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.548193] kthread+0x328/0x630 [ 21.548249] ret_from_fork+0x10/0x20 [ 21.548308] [ 21.548331] Allocated by task 261: [ 21.548365] kasan_save_stack+0x3c/0x68 [ 21.548417] kasan_save_track+0x20/0x40 [ 21.548463] kasan_save_alloc_info+0x40/0x58 [ 21.548511] __kasan_kmalloc+0xd4/0xd8 [ 21.548600] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.548654] kasan_bitops_generic+0xa0/0x1c8 [ 21.548702] kunit_try_run_case+0x170/0x3f0 [ 21.548746] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.548804] kthread+0x328/0x630 [ 21.548848] ret_from_fork+0x10/0x20 [ 21.548894] [ 21.549471] The buggy address belongs to the object at fff00000c4035140 [ 21.549471] which belongs to the cache kmalloc-16 of size 16 [ 21.549666] The buggy address is located 8 bytes inside of [ 21.549666] allocated 9-byte region [fff00000c4035140, fff00000c4035149) [ 21.549922] [ 21.549954] The buggy address belongs to the physical page: [ 21.550301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104035 [ 21.550394] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.550631] page_type: f5(slab) [ 21.550816] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.550884] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.551063] page dumped because: kasan: bad access detected [ 21.551145] [ 21.551198] Memory state around the buggy address: [ 21.551362] fff00000c4035000: 00 02 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.551626] fff00000c4035080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.552003] >fff00000c4035100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.552704] ^ [ 21.552783] fff00000c4035180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.552837] fff00000c4035200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.553288] ================================================================== [ 21.495757] ================================================================== [ 21.495838] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 21.495916] Read of size 8 at addr fff00000c4035148 by task kunit_try_catch/261 [ 21.496329] [ 21.496639] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT [ 21.496935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.497008] Hardware name: linux,dummy-virt (DT) [ 21.497072] Call trace: [ 21.497108] show_stack+0x20/0x38 (C) [ 21.497366] dump_stack_lvl+0x8c/0xd0 [ 21.497606] print_report+0x118/0x608 [ 21.497714] kasan_report+0xdc/0x128 [ 21.497857] __asan_report_load8_noabort+0x20/0x30 [ 21.497928] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 21.498018] kasan_bitops_generic+0x110/0x1c8 [ 21.498078] kunit_try_run_case+0x170/0x3f0 [ 21.498136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.498196] kthread+0x328/0x630 [ 21.498251] ret_from_fork+0x10/0x20 [ 21.498312] [ 21.498337] Allocated by task 261: [ 21.498375] kasan_save_stack+0x3c/0x68 [ 21.498426] kasan_save_track+0x20/0x40 [ 21.498472] kasan_save_alloc_info+0x40/0x58 [ 21.498525] __kasan_kmalloc+0xd4/0xd8 [ 21.498567] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.499863] kasan_bitops_generic+0xa0/0x1c8 [ 21.500585] kunit_try_run_case+0x170/0x3f0 [ 21.500836] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.501260] kthread+0x328/0x630 [ 21.501315] ret_from_fork+0x10/0x20 [ 21.501362] [ 21.501391] The buggy address belongs to the object at fff00000c4035140 [ 21.501391] which belongs to the cache kmalloc-16 of size 16 [ 21.502548] The buggy address is located 8 bytes inside of [ 21.502548] allocated 9-byte region [fff00000c4035140, fff00000c4035149) [ 21.502648] [ 21.502679] The buggy address belongs to the physical page: [ 21.503377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104035 [ 21.503458] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.503521] page_type: f5(slab) [ 21.503573] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.503635] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.503685] page dumped because: kasan: bad access detected [ 21.505396] [ 21.505649] Memory state around the buggy address: [ 21.506073] fff00000c4035000: 00 02 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.506206] fff00000c4035080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.506882] >fff00000c4035100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.507075] ^ [ 21.507561] fff00000c4035180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.507661] fff00000c4035200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.507711] ================================================================== [ 21.528827] ================================================================== [ 21.528908] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 21.529004] Read of size 8 at addr fff00000c4035148 by task kunit_try_catch/261 [ 21.529066] [ 21.529114] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT [ 21.529212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.529246] Hardware name: linux,dummy-virt (DT) [ 21.529287] Call trace: [ 21.529862] show_stack+0x20/0x38 (C) [ 21.530033] dump_stack_lvl+0x8c/0xd0 [ 21.530158] print_report+0x118/0x608 [ 21.530219] kasan_report+0xdc/0x128 [ 21.530275] __asan_report_load8_noabort+0x20/0x30 [ 21.530337] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 21.530400] kasan_bitops_generic+0x110/0x1c8 [ 21.530474] kunit_try_run_case+0x170/0x3f0 [ 21.530544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.531158] kthread+0x328/0x630 [ 21.531220] ret_from_fork+0x10/0x20 [ 21.531285] [ 21.531310] Allocated by task 261: [ 21.531347] kasan_save_stack+0x3c/0x68 [ 21.531399] kasan_save_track+0x20/0x40 [ 21.531578] kasan_save_alloc_info+0x40/0x58 [ 21.531660] __kasan_kmalloc+0xd4/0xd8 [ 21.531725] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.531777] kasan_bitops_generic+0xa0/0x1c8 [ 21.531821] kunit_try_run_case+0x170/0x3f0 [ 21.531863] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.532141] kthread+0x328/0x630 [ 21.532216] ret_from_fork+0x10/0x20 [ 21.532290] [ 21.532337] The buggy address belongs to the object at fff00000c4035140 [ 21.532337] which belongs to the cache kmalloc-16 of size 16 [ 21.532424] The buggy address is located 8 bytes inside of [ 21.532424] allocated 9-byte region [fff00000c4035140, fff00000c4035149) [ 21.532490] [ 21.532517] The buggy address belongs to the physical page: [ 21.532553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104035 [ 21.532614] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.532684] page_type: f5(slab) [ 21.532732] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.533241] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.533296] page dumped because: kasan: bad access detected [ 21.533336] [ 21.533371] Memory state around the buggy address: [ 21.533415] fff00000c4035000: 00 02 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.533695] fff00000c4035080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.533839] >fff00000c4035100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.533944] ^ [ 21.534066] fff00000c4035180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.534139] fff00000c4035200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.534185] ==================================================================
[ 13.250036] ================================================================== [ 13.250323] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.250697] Write of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.251050] [ 13.251136] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.251181] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.251201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.251222] Call Trace: [ 13.251237] <TASK> [ 13.251251] dump_stack_lvl+0x73/0xb0 [ 13.251277] print_report+0xd1/0x650 [ 13.251300] ? __virt_addr_valid+0x1db/0x2d0 [ 13.251324] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.251350] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.251373] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.251400] kasan_report+0x141/0x180 [ 13.251422] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.251453] kasan_check_range+0x10c/0x1c0 [ 13.251478] __kasan_check_write+0x18/0x20 [ 13.251498] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.251524] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.251551] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.251572] ? trace_hardirqs_on+0x37/0xe0 [ 13.251593] ? kasan_bitops_generic+0x92/0x1c0 [ 13.251630] kasan_bitops_generic+0x116/0x1c0 [ 13.251649] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.251671] ? __pfx_read_tsc+0x10/0x10 [ 13.251692] ? ktime_get_ts64+0x86/0x230 [ 13.251716] kunit_try_run_case+0x1a5/0x480 [ 13.251749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.251771] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.251794] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.251816] ? __kthread_parkme+0x82/0x180 [ 13.251836] ? preempt_count_sub+0x50/0x80 [ 13.251861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.251885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.251907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.251929] kthread+0x337/0x6f0 [ 13.251949] ? trace_preempt_on+0x20/0xc0 [ 13.251971] ? __pfx_kthread+0x10/0x10 [ 13.251992] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.252013] ? calculate_sigpending+0x7b/0xa0 [ 13.252036] ? __pfx_kthread+0x10/0x10 [ 13.252058] ret_from_fork+0x116/0x1d0 [ 13.252076] ? __pfx_kthread+0x10/0x10 [ 13.252097] ret_from_fork_asm+0x1a/0x30 [ 13.252128] </TASK> [ 13.252137] [ 13.260504] Allocated by task 278: [ 13.260695] kasan_save_stack+0x45/0x70 [ 13.260899] kasan_save_track+0x18/0x40 [ 13.261099] kasan_save_alloc_info+0x3b/0x50 [ 13.261346] __kasan_kmalloc+0xb7/0xc0 [ 13.261510] __kmalloc_cache_noprof+0x189/0x420 [ 13.261759] kasan_bitops_generic+0x92/0x1c0 [ 13.261909] kunit_try_run_case+0x1a5/0x480 [ 13.262080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.262566] kthread+0x337/0x6f0 [ 13.262751] ret_from_fork+0x116/0x1d0 [ 13.262947] ret_from_fork_asm+0x1a/0x30 [ 13.263101] [ 13.263205] The buggy address belongs to the object at ffff888101d83660 [ 13.263205] which belongs to the cache kmalloc-16 of size 16 [ 13.263717] The buggy address is located 8 bytes inside of [ 13.263717] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.264243] [ 13.264337] The buggy address belongs to the physical page: [ 13.264701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.265043] flags: 0x200000000000000(node=0|zone=2) [ 13.265297] page_type: f5(slab) [ 13.265417] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.266037] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.266359] page dumped because: kasan: bad access detected [ 13.266560] [ 13.266673] Memory state around the buggy address: [ 13.266910] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.267206] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.267466] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.267720] ^ [ 13.268158] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.268423] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.268833] ================================================================== [ 13.230172] ================================================================== [ 13.230535] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.231200] Write of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.231469] [ 13.231553] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.231599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.231622] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.231644] Call Trace: [ 13.231656] <TASK> [ 13.231671] dump_stack_lvl+0x73/0xb0 [ 13.231696] print_report+0xd1/0x650 [ 13.231718] ? __virt_addr_valid+0x1db/0x2d0 [ 13.231742] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.231767] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.231790] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.231816] kasan_report+0x141/0x180 [ 13.231839] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.231870] kasan_check_range+0x10c/0x1c0 [ 13.231894] __kasan_check_write+0x18/0x20 [ 13.231914] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.231940] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.231967] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.232035] ? trace_hardirqs_on+0x37/0xe0 [ 13.232060] ? kasan_bitops_generic+0x92/0x1c0 [ 13.232086] kasan_bitops_generic+0x116/0x1c0 [ 13.232106] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.232127] ? __pfx_read_tsc+0x10/0x10 [ 13.232148] ? ktime_get_ts64+0x86/0x230 [ 13.232172] kunit_try_run_case+0x1a5/0x480 [ 13.232208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.232230] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.232252] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.232275] ? __kthread_parkme+0x82/0x180 [ 13.232294] ? preempt_count_sub+0x50/0x80 [ 13.232319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.232342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.232366] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.232389] kthread+0x337/0x6f0 [ 13.232408] ? trace_preempt_on+0x20/0xc0 [ 13.232431] ? __pfx_kthread+0x10/0x10 [ 13.232452] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.232472] ? calculate_sigpending+0x7b/0xa0 [ 13.232496] ? __pfx_kthread+0x10/0x10 [ 13.232519] ret_from_fork+0x116/0x1d0 [ 13.232549] ? __pfx_kthread+0x10/0x10 [ 13.232570] ret_from_fork_asm+0x1a/0x30 [ 13.232602] </TASK> [ 13.232621] [ 13.241071] Allocated by task 278: [ 13.241215] kasan_save_stack+0x45/0x70 [ 13.241422] kasan_save_track+0x18/0x40 [ 13.241881] kasan_save_alloc_info+0x3b/0x50 [ 13.242109] __kasan_kmalloc+0xb7/0xc0 [ 13.242406] __kmalloc_cache_noprof+0x189/0x420 [ 13.242692] kasan_bitops_generic+0x92/0x1c0 [ 13.242888] kunit_try_run_case+0x1a5/0x480 [ 13.243066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.243361] kthread+0x337/0x6f0 [ 13.243514] ret_from_fork+0x116/0x1d0 [ 13.243720] ret_from_fork_asm+0x1a/0x30 [ 13.243904] [ 13.243985] The buggy address belongs to the object at ffff888101d83660 [ 13.243985] which belongs to the cache kmalloc-16 of size 16 [ 13.244658] The buggy address is located 8 bytes inside of [ 13.244658] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.245012] [ 13.245084] The buggy address belongs to the physical page: [ 13.245274] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.245642] flags: 0x200000000000000(node=0|zone=2) [ 13.245885] page_type: f5(slab) [ 13.246011] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.246438] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.246927] page dumped because: kasan: bad access detected [ 13.247331] [ 13.247431] Memory state around the buggy address: [ 13.247694] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.247916] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.248189] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.248510] ^ [ 13.248901] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.249283] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.249640] ================================================================== [ 13.190034] ================================================================== [ 13.190449] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.190879] Write of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.191364] [ 13.191454] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.191502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.191514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.191535] Call Trace: [ 13.191547] <TASK> [ 13.191561] dump_stack_lvl+0x73/0xb0 [ 13.191589] print_report+0xd1/0x650 [ 13.191625] ? __virt_addr_valid+0x1db/0x2d0 [ 13.191650] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.191676] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.191698] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.191725] kasan_report+0x141/0x180 [ 13.191747] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.191778] kasan_check_range+0x10c/0x1c0 [ 13.191803] __kasan_check_write+0x18/0x20 [ 13.191823] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.191849] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.191877] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.191897] ? trace_hardirqs_on+0x37/0xe0 [ 13.191920] ? kasan_bitops_generic+0x92/0x1c0 [ 13.191944] kasan_bitops_generic+0x116/0x1c0 [ 13.191965] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.191987] ? __pfx_read_tsc+0x10/0x10 [ 13.192008] ? ktime_get_ts64+0x86/0x230 [ 13.192033] kunit_try_run_case+0x1a5/0x480 [ 13.192057] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.192079] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.192102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.192125] ? __kthread_parkme+0x82/0x180 [ 13.192145] ? preempt_count_sub+0x50/0x80 [ 13.192170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.192193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.192218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.192241] kthread+0x337/0x6f0 [ 13.192261] ? trace_preempt_on+0x20/0xc0 [ 13.192283] ? __pfx_kthread+0x10/0x10 [ 13.192304] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.192324] ? calculate_sigpending+0x7b/0xa0 [ 13.192348] ? __pfx_kthread+0x10/0x10 [ 13.192369] ret_from_fork+0x116/0x1d0 [ 13.192447] ? __pfx_kthread+0x10/0x10 [ 13.192469] ret_from_fork_asm+0x1a/0x30 [ 13.192501] </TASK> [ 13.192511] [ 13.200930] Allocated by task 278: [ 13.201061] kasan_save_stack+0x45/0x70 [ 13.201204] kasan_save_track+0x18/0x40 [ 13.201478] kasan_save_alloc_info+0x3b/0x50 [ 13.201842] __kasan_kmalloc+0xb7/0xc0 [ 13.202035] __kmalloc_cache_noprof+0x189/0x420 [ 13.202251] kasan_bitops_generic+0x92/0x1c0 [ 13.202460] kunit_try_run_case+0x1a5/0x480 [ 13.202687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.203002] kthread+0x337/0x6f0 [ 13.203229] ret_from_fork+0x116/0x1d0 [ 13.203397] ret_from_fork_asm+0x1a/0x30 [ 13.203779] [ 13.203883] The buggy address belongs to the object at ffff888101d83660 [ 13.203883] which belongs to the cache kmalloc-16 of size 16 [ 13.204293] The buggy address is located 8 bytes inside of [ 13.204293] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.205171] [ 13.205282] The buggy address belongs to the physical page: [ 13.205503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.205808] flags: 0x200000000000000(node=0|zone=2) [ 13.205973] page_type: f5(slab) [ 13.206095] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.206757] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.207023] page dumped because: kasan: bad access detected [ 13.207198] [ 13.207347] Memory state around the buggy address: [ 13.207624] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.207930] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.208163] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.208375] ^ [ 13.208715] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.209301] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.209783] ================================================================== [ 13.165413] ================================================================== [ 13.166411] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.166913] Write of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.167439] [ 13.167552] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.167599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.167620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.167642] Call Trace: [ 13.167655] <TASK> [ 13.167670] dump_stack_lvl+0x73/0xb0 [ 13.167856] print_report+0xd1/0x650 [ 13.167882] ? __virt_addr_valid+0x1db/0x2d0 [ 13.167905] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.167930] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.167953] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.167979] kasan_report+0x141/0x180 [ 13.168002] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.168033] kasan_check_range+0x10c/0x1c0 [ 13.168057] __kasan_check_write+0x18/0x20 [ 13.168078] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.168105] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.168132] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.168153] ? trace_hardirqs_on+0x37/0xe0 [ 13.168200] ? kasan_bitops_generic+0x92/0x1c0 [ 13.168225] kasan_bitops_generic+0x116/0x1c0 [ 13.168246] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.168268] ? __pfx_read_tsc+0x10/0x10 [ 13.168289] ? ktime_get_ts64+0x86/0x230 [ 13.168314] kunit_try_run_case+0x1a5/0x480 [ 13.168337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.168359] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.168382] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.168405] ? __kthread_parkme+0x82/0x180 [ 13.168425] ? preempt_count_sub+0x50/0x80 [ 13.168449] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.168473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.168495] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.168518] kthread+0x337/0x6f0 [ 13.168554] ? trace_preempt_on+0x20/0xc0 [ 13.168577] ? __pfx_kthread+0x10/0x10 [ 13.168597] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.168626] ? calculate_sigpending+0x7b/0xa0 [ 13.168651] ? __pfx_kthread+0x10/0x10 [ 13.168673] ret_from_fork+0x116/0x1d0 [ 13.168691] ? __pfx_kthread+0x10/0x10 [ 13.168713] ret_from_fork_asm+0x1a/0x30 [ 13.168744] </TASK> [ 13.168755] [ 13.181485] Allocated by task 278: [ 13.181805] kasan_save_stack+0x45/0x70 [ 13.182004] kasan_save_track+0x18/0x40 [ 13.182199] kasan_save_alloc_info+0x3b/0x50 [ 13.182588] __kasan_kmalloc+0xb7/0xc0 [ 13.182868] __kmalloc_cache_noprof+0x189/0x420 [ 13.183070] kasan_bitops_generic+0x92/0x1c0 [ 13.183337] kunit_try_run_case+0x1a5/0x480 [ 13.183505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.183823] kthread+0x337/0x6f0 [ 13.183950] ret_from_fork+0x116/0x1d0 [ 13.184139] ret_from_fork_asm+0x1a/0x30 [ 13.184389] [ 13.184463] The buggy address belongs to the object at ffff888101d83660 [ 13.184463] which belongs to the cache kmalloc-16 of size 16 [ 13.185030] The buggy address is located 8 bytes inside of [ 13.185030] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.185518] [ 13.185591] The buggy address belongs to the physical page: [ 13.185872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.186234] flags: 0x200000000000000(node=0|zone=2) [ 13.186405] page_type: f5(slab) [ 13.186533] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.186885] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.187217] page dumped because: kasan: bad access detected [ 13.187426] [ 13.187522] Memory state around the buggy address: [ 13.187721] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.188028] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.188392] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.188670] ^ [ 13.188945] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.189265] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.189497] ================================================================== [ 13.269255] ================================================================== [ 13.269482] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.269842] Write of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.270168] [ 13.270272] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.270317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.270329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.270349] Call Trace: [ 13.270362] <TASK> [ 13.270375] dump_stack_lvl+0x73/0xb0 [ 13.270400] print_report+0xd1/0x650 [ 13.270422] ? __virt_addr_valid+0x1db/0x2d0 [ 13.270445] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.270474] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.270497] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.270522] kasan_report+0x141/0x180 [ 13.270544] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.270575] kasan_check_range+0x10c/0x1c0 [ 13.270599] __kasan_check_write+0x18/0x20 [ 13.270628] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.270654] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.270681] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.270702] ? trace_hardirqs_on+0x37/0xe0 [ 13.270724] ? kasan_bitops_generic+0x92/0x1c0 [ 13.270748] kasan_bitops_generic+0x116/0x1c0 [ 13.270768] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.270789] ? __pfx_read_tsc+0x10/0x10 [ 13.270809] ? ktime_get_ts64+0x86/0x230 [ 13.270833] kunit_try_run_case+0x1a5/0x480 [ 13.270857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.270892] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.270914] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.270936] ? __kthread_parkme+0x82/0x180 [ 13.270957] ? preempt_count_sub+0x50/0x80 [ 13.270981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.271004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.271027] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.271049] kthread+0x337/0x6f0 [ 13.271070] ? trace_preempt_on+0x20/0xc0 [ 13.271092] ? __pfx_kthread+0x10/0x10 [ 13.271112] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.271133] ? calculate_sigpending+0x7b/0xa0 [ 13.271157] ? __pfx_kthread+0x10/0x10 [ 13.271178] ret_from_fork+0x116/0x1d0 [ 13.271196] ? __pfx_kthread+0x10/0x10 [ 13.271218] ret_from_fork_asm+0x1a/0x30 [ 13.271250] </TASK> [ 13.271260] [ 13.281205] Allocated by task 278: [ 13.281387] kasan_save_stack+0x45/0x70 [ 13.281708] kasan_save_track+0x18/0x40 [ 13.281909] kasan_save_alloc_info+0x3b/0x50 [ 13.282122] __kasan_kmalloc+0xb7/0xc0 [ 13.282405] __kmalloc_cache_noprof+0x189/0x420 [ 13.282689] kasan_bitops_generic+0x92/0x1c0 [ 13.282844] kunit_try_run_case+0x1a5/0x480 [ 13.282989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.283263] kthread+0x337/0x6f0 [ 13.283629] ret_from_fork+0x116/0x1d0 [ 13.283893] ret_from_fork_asm+0x1a/0x30 [ 13.284096] [ 13.284240] The buggy address belongs to the object at ffff888101d83660 [ 13.284240] which belongs to the cache kmalloc-16 of size 16 [ 13.284875] The buggy address is located 8 bytes inside of [ 13.284875] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.285586] [ 13.285722] The buggy address belongs to the physical page: [ 13.285981] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.286388] flags: 0x200000000000000(node=0|zone=2) [ 13.286632] page_type: f5(slab) [ 13.286893] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.287188] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.287503] page dumped because: kasan: bad access detected [ 13.287784] [ 13.287860] Memory state around the buggy address: [ 13.288045] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.288450] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.288997] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.289339] ^ [ 13.289866] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.290093] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.290414] ================================================================== [ 13.142383] ================================================================== [ 13.143102] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.143541] Write of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.143969] [ 13.144088] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.144146] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.144157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.144189] Call Trace: [ 13.144202] <TASK> [ 13.144226] dump_stack_lvl+0x73/0xb0 [ 13.144254] print_report+0xd1/0x650 [ 13.144277] ? __virt_addr_valid+0x1db/0x2d0 [ 13.144301] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.144337] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.144359] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.144386] kasan_report+0x141/0x180 [ 13.144420] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.144451] kasan_check_range+0x10c/0x1c0 [ 13.144475] __kasan_check_write+0x18/0x20 [ 13.144495] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.144522] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.144560] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.144581] ? trace_hardirqs_on+0x37/0xe0 [ 13.144604] ? kasan_bitops_generic+0x92/0x1c0 [ 13.144639] kasan_bitops_generic+0x116/0x1c0 [ 13.144659] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.144683] ? __pfx_read_tsc+0x10/0x10 [ 13.144706] ? ktime_get_ts64+0x86/0x230 [ 13.144731] kunit_try_run_case+0x1a5/0x480 [ 13.144754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.144777] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.144798] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.144820] ? __kthread_parkme+0x82/0x180 [ 13.144841] ? preempt_count_sub+0x50/0x80 [ 13.144867] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.144890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.144912] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.144935] kthread+0x337/0x6f0 [ 13.144955] ? trace_preempt_on+0x20/0xc0 [ 13.144978] ? __pfx_kthread+0x10/0x10 [ 13.144999] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.145019] ? calculate_sigpending+0x7b/0xa0 [ 13.145043] ? __pfx_kthread+0x10/0x10 [ 13.145065] ret_from_fork+0x116/0x1d0 [ 13.145083] ? __pfx_kthread+0x10/0x10 [ 13.145105] ret_from_fork_asm+0x1a/0x30 [ 13.145136] </TASK> [ 13.145148] [ 13.154039] Allocated by task 278: [ 13.154216] kasan_save_stack+0x45/0x70 [ 13.154365] kasan_save_track+0x18/0x40 [ 13.154506] kasan_save_alloc_info+0x3b/0x50 [ 13.154713] __kasan_kmalloc+0xb7/0xc0 [ 13.154997] __kmalloc_cache_noprof+0x189/0x420 [ 13.155218] kasan_bitops_generic+0x92/0x1c0 [ 13.155428] kunit_try_run_case+0x1a5/0x480 [ 13.155645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.156813] kthread+0x337/0x6f0 [ 13.156993] ret_from_fork+0x116/0x1d0 [ 13.157381] ret_from_fork_asm+0x1a/0x30 [ 13.157727] [ 13.157822] The buggy address belongs to the object at ffff888101d83660 [ 13.157822] which belongs to the cache kmalloc-16 of size 16 [ 13.158623] The buggy address is located 8 bytes inside of [ 13.158623] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.159233] [ 13.159392] The buggy address belongs to the physical page: [ 13.159746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.160065] flags: 0x200000000000000(node=0|zone=2) [ 13.160487] page_type: f5(slab) [ 13.160722] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.161245] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.161779] page dumped because: kasan: bad access detected [ 13.162113] [ 13.162227] Memory state around the buggy address: [ 13.162414] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.162891] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.163185] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.163679] ^ [ 13.164046] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.164444] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.164880] ================================================================== [ 13.210158] ================================================================== [ 13.210472] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.210904] Write of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.211196] [ 13.211282] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.211327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.211340] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.211360] Call Trace: [ 13.211373] <TASK> [ 13.211388] dump_stack_lvl+0x73/0xb0 [ 13.211413] print_report+0xd1/0x650 [ 13.211435] ? __virt_addr_valid+0x1db/0x2d0 [ 13.211458] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.211483] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.211507] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.211533] kasan_report+0x141/0x180 [ 13.211556] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.211587] kasan_check_range+0x10c/0x1c0 [ 13.211624] __kasan_check_write+0x18/0x20 [ 13.211646] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.211673] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.211701] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.211721] ? trace_hardirqs_on+0x37/0xe0 [ 13.211743] ? kasan_bitops_generic+0x92/0x1c0 [ 13.211768] kasan_bitops_generic+0x116/0x1c0 [ 13.211788] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.211810] ? __pfx_read_tsc+0x10/0x10 [ 13.211875] ? ktime_get_ts64+0x86/0x230 [ 13.211901] kunit_try_run_case+0x1a5/0x480 [ 13.211926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.211949] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.211971] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.211994] ? __kthread_parkme+0x82/0x180 [ 13.212014] ? preempt_count_sub+0x50/0x80 [ 13.212040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.212063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.212086] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.212109] kthread+0x337/0x6f0 [ 13.212129] ? trace_preempt_on+0x20/0xc0 [ 13.212151] ? __pfx_kthread+0x10/0x10 [ 13.212173] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.212202] ? calculate_sigpending+0x7b/0xa0 [ 13.212225] ? __pfx_kthread+0x10/0x10 [ 13.212247] ret_from_fork+0x116/0x1d0 [ 13.212265] ? __pfx_kthread+0x10/0x10 [ 13.212287] ret_from_fork_asm+0x1a/0x30 [ 13.212317] </TASK> [ 13.212327] [ 13.221709] Allocated by task 278: [ 13.221893] kasan_save_stack+0x45/0x70 [ 13.222094] kasan_save_track+0x18/0x40 [ 13.222318] kasan_save_alloc_info+0x3b/0x50 [ 13.222508] __kasan_kmalloc+0xb7/0xc0 [ 13.222651] __kmalloc_cache_noprof+0x189/0x420 [ 13.222804] kasan_bitops_generic+0x92/0x1c0 [ 13.223007] kunit_try_run_case+0x1a5/0x480 [ 13.223211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.223427] kthread+0x337/0x6f0 [ 13.223549] ret_from_fork+0x116/0x1d0 [ 13.223723] ret_from_fork_asm+0x1a/0x30 [ 13.223923] [ 13.224022] The buggy address belongs to the object at ffff888101d83660 [ 13.224022] which belongs to the cache kmalloc-16 of size 16 [ 13.224829] The buggy address is located 8 bytes inside of [ 13.224829] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.225310] [ 13.225385] The buggy address belongs to the physical page: [ 13.225575] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.225948] flags: 0x200000000000000(node=0|zone=2) [ 13.226107] page_type: f5(slab) [ 13.226228] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.226454] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.226928] page dumped because: kasan: bad access detected [ 13.227187] [ 13.227281] Memory state around the buggy address: [ 13.227505] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.227999] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.228374] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.228787] ^ [ 13.229050] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.229366] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.229582] ================================================================== [ 13.291044] ================================================================== [ 13.291428] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.291874] Write of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.292095] [ 13.292177] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.292221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.292234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.292255] Call Trace: [ 13.292267] <TASK> [ 13.292282] dump_stack_lvl+0x73/0xb0 [ 13.292320] print_report+0xd1/0x650 [ 13.292344] ? __virt_addr_valid+0x1db/0x2d0 [ 13.292367] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.292414] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.292437] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.292463] kasan_report+0x141/0x180 [ 13.292502] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.292532] kasan_check_range+0x10c/0x1c0 [ 13.292570] __kasan_check_write+0x18/0x20 [ 13.292603] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.292653] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.292725] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.292748] ? trace_hardirqs_on+0x37/0xe0 [ 13.292770] ? kasan_bitops_generic+0x92/0x1c0 [ 13.292795] kasan_bitops_generic+0x116/0x1c0 [ 13.292816] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.292838] ? __pfx_read_tsc+0x10/0x10 [ 13.292859] ? ktime_get_ts64+0x86/0x230 [ 13.292883] kunit_try_run_case+0x1a5/0x480 [ 13.292906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.292928] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.292950] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.292972] ? __kthread_parkme+0x82/0x180 [ 13.292992] ? preempt_count_sub+0x50/0x80 [ 13.293017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.293041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.293064] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.293109] kthread+0x337/0x6f0 [ 13.293130] ? trace_preempt_on+0x20/0xc0 [ 13.293165] ? __pfx_kthread+0x10/0x10 [ 13.293193] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.293213] ? calculate_sigpending+0x7b/0xa0 [ 13.293237] ? __pfx_kthread+0x10/0x10 [ 13.293259] ret_from_fork+0x116/0x1d0 [ 13.293277] ? __pfx_kthread+0x10/0x10 [ 13.293297] ret_from_fork_asm+0x1a/0x30 [ 13.293345] </TASK> [ 13.293355] [ 13.302674] Allocated by task 278: [ 13.302957] kasan_save_stack+0x45/0x70 [ 13.303184] kasan_save_track+0x18/0x40 [ 13.303362] kasan_save_alloc_info+0x3b/0x50 [ 13.303504] __kasan_kmalloc+0xb7/0xc0 [ 13.303768] __kmalloc_cache_noprof+0x189/0x420 [ 13.304024] kasan_bitops_generic+0x92/0x1c0 [ 13.304268] kunit_try_run_case+0x1a5/0x480 [ 13.304416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.304834] kthread+0x337/0x6f0 [ 13.305019] ret_from_fork+0x116/0x1d0 [ 13.305195] ret_from_fork_asm+0x1a/0x30 [ 13.305371] [ 13.305441] The buggy address belongs to the object at ffff888101d83660 [ 13.305441] which belongs to the cache kmalloc-16 of size 16 [ 13.306136] The buggy address is located 8 bytes inside of [ 13.306136] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.306833] [ 13.306961] The buggy address belongs to the physical page: [ 13.307173] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.307559] flags: 0x200000000000000(node=0|zone=2) [ 13.307900] page_type: f5(slab) [ 13.308233] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.308655] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.308955] page dumped because: kasan: bad access detected [ 13.309235] [ 13.309339] Memory state around the buggy address: [ 13.309535] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.309951] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.310289] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.310658] ^ [ 13.310945] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.311307] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.311590] ==================================================================