Date
May 13, 2025, 12:07 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 21.579650] ================================================================== [ 21.579733] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 21.579813] Write of size 8 at addr fff00000c4035148 by task kunit_try_catch/261 [ 21.579875] [ 21.579917] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT [ 21.580034] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.580071] Hardware name: linux,dummy-virt (DT) [ 21.580112] Call trace: [ 21.580141] show_stack+0x20/0x38 (C) [ 21.580202] dump_stack_lvl+0x8c/0xd0 [ 21.580261] print_report+0x118/0x608 [ 21.580317] kasan_report+0xdc/0x128 [ 21.580371] kasan_check_range+0x100/0x1a8 [ 21.580427] __kasan_check_write+0x20/0x30 [ 21.580484] kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 21.580547] kasan_bitops_generic+0x11c/0x1c8 [ 21.580602] kunit_try_run_case+0x170/0x3f0 [ 21.580658] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.580719] kthread+0x328/0x630 [ 21.580773] ret_from_fork+0x10/0x20 [ 21.580828] [ 21.580855] Allocated by task 261: [ 21.580892] kasan_save_stack+0x3c/0x68 [ 21.580955] kasan_save_track+0x20/0x40 [ 21.581018] kasan_save_alloc_info+0x40/0x58 [ 21.581067] __kasan_kmalloc+0xd4/0xd8 [ 21.581111] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.581158] kasan_bitops_generic+0xa0/0x1c8 [ 21.581204] kunit_try_run_case+0x170/0x3f0 [ 21.581248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.581296] kthread+0x328/0x630 [ 21.581338] ret_from_fork+0x10/0x20 [ 21.581823] [ 21.581857] The buggy address belongs to the object at fff00000c4035140 [ 21.581857] which belongs to the cache kmalloc-16 of size 16 [ 21.581929] The buggy address is located 8 bytes inside of [ 21.581929] allocated 9-byte region [fff00000c4035140, fff00000c4035149) [ 21.582108] [ 21.582139] The buggy address belongs to the physical page: [ 21.582190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104035 [ 21.582757] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.583055] page_type: f5(slab) [ 21.583115] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.583176] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.583312] page dumped because: kasan: bad access detected [ 21.583355] [ 21.583379] Memory state around the buggy address: [ 21.583521] fff00000c4035000: 00 02 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.583716] fff00000c4035080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.583770] >fff00000c4035100: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 21.584030] ^ [ 21.584126] fff00000c4035180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.584258] fff00000c4035200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.584475] ================================================================== [ 21.585008] ================================================================== [ 21.585073] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 21.585151] Read of size 8 at addr fff00000c4035148 by task kunit_try_catch/261 [ 21.585210] [ 21.585254] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT [ 21.585351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.585386] Hardware name: linux,dummy-virt (DT) [ 21.585425] Call trace: [ 21.585455] show_stack+0x20/0x38 (C) [ 21.585516] dump_stack_lvl+0x8c/0xd0 [ 21.585570] print_report+0x118/0x608 [ 21.585625] kasan_report+0xdc/0x128 [ 21.585679] __asan_report_load8_noabort+0x20/0x30 [ 21.585739] kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 21.585847] kasan_bitops_generic+0x11c/0x1c8 [ 21.585917] kunit_try_run_case+0x170/0x3f0 [ 21.586595] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.587320] kthread+0x328/0x630 [ 21.587408] ret_from_fork+0x10/0x20 [ 21.587529] [ 21.587593] Allocated by task 261: [ 21.587667] kasan_save_stack+0x3c/0x68 [ 21.587733] kasan_save_track+0x20/0x40 [ 21.587780] kasan_save_alloc_info+0x40/0x58 [ 21.587828] __kasan_kmalloc+0xd4/0xd8 [ 21.587871] __kmalloc_cache_noprof+0x15c/0x3c0 [ 21.588335] kasan_bitops_generic+0xa0/0x1c8 [ 21.588392] kunit_try_run_case+0x170/0x3f0 [ 21.588448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.588646] kthread+0x328/0x630 [ 21.588701] ret_from_fork+0x10/0x20 [ 21.588835] [ 21.589100] The buggy address belongs to the object at fff00000c4035140 [ 21.589100] which belongs to the cache kmalloc-16 of size 16 [ 21.589185] The buggy address is located 8 bytes inside of [ 21.589185] allocated 9-byte region [fff00000c4035140, fff00000c4035149) [ 21.589273] [ 21.589633] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.590316] [ 21.590541] fff00000c4035000: 00 02 fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 21.590702] ^ [ 21.591943] ==================================================================
[ 13.542717] ================================================================== [ 13.542949] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.543271] Read of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.543983] [ 13.544109] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.544155] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.544167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.544188] Call Trace: [ 13.544202] <TASK> [ 13.544218] dump_stack_lvl+0x73/0xb0 [ 13.544244] print_report+0xd1/0x650 [ 13.544294] ? __virt_addr_valid+0x1db/0x2d0 [ 13.544327] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.544352] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.544374] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.544399] kasan_report+0x141/0x180 [ 13.544421] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.544452] __asan_report_load8_noabort+0x18/0x20 [ 13.544473] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.544499] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.544528] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.544549] ? trace_hardirqs_on+0x37/0xe0 [ 13.544572] ? kasan_bitops_generic+0x92/0x1c0 [ 13.544597] kasan_bitops_generic+0x121/0x1c0 [ 13.544629] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.544651] ? __pfx_read_tsc+0x10/0x10 [ 13.544671] ? ktime_get_ts64+0x86/0x230 [ 13.544695] kunit_try_run_case+0x1a5/0x480 [ 13.544721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.544743] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.544765] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.544788] ? __kthread_parkme+0x82/0x180 [ 13.544828] ? preempt_count_sub+0x50/0x80 [ 13.544853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.544876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.544899] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.544922] kthread+0x337/0x6f0 [ 13.544943] ? trace_preempt_on+0x20/0xc0 [ 13.544965] ? __pfx_kthread+0x10/0x10 [ 13.544986] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.545007] ? calculate_sigpending+0x7b/0xa0 [ 13.545031] ? __pfx_kthread+0x10/0x10 [ 13.545054] ret_from_fork+0x116/0x1d0 [ 13.545072] ? __pfx_kthread+0x10/0x10 [ 13.545093] ret_from_fork_asm+0x1a/0x30 [ 13.545126] </TASK> [ 13.545137] [ 13.560534] Allocated by task 278: [ 13.560895] kasan_save_stack+0x45/0x70 [ 13.561177] kasan_save_track+0x18/0x40 [ 13.561328] kasan_save_alloc_info+0x3b/0x50 [ 13.561472] __kasan_kmalloc+0xb7/0xc0 [ 13.561657] __kmalloc_cache_noprof+0x189/0x420 [ 13.561810] kasan_bitops_generic+0x92/0x1c0 [ 13.561956] kunit_try_run_case+0x1a5/0x480 [ 13.562100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.562321] kthread+0x337/0x6f0 [ 13.562501] ret_from_fork+0x116/0x1d0 [ 13.562664] ret_from_fork_asm+0x1a/0x30 [ 13.562827] [ 13.562922] The buggy address belongs to the object at ffff888101d83660 [ 13.562922] which belongs to the cache kmalloc-16 of size 16 [ 13.563354] The buggy address is located 8 bytes inside of [ 13.563354] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.563995] [ 13.564093] The buggy address belongs to the physical page: [ 13.564411] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.564790] flags: 0x200000000000000(node=0|zone=2) [ 13.564999] page_type: f5(slab) [ 13.565135] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.565621] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.565845] page dumped because: kasan: bad access detected [ 13.566287] [ 13.566433] Memory state around the buggy address: [ 13.566736] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.567026] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.567311] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.567596] ^ [ 13.567801] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.568069] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.568385] ================================================================== [ 13.479018] ================================================================== [ 13.479522] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.480189] Write of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.480931] [ 13.481157] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.481205] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.481216] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.481239] Call Trace: [ 13.481254] <TASK> [ 13.481269] dump_stack_lvl+0x73/0xb0 [ 13.481296] print_report+0xd1/0x650 [ 13.481328] ? __virt_addr_valid+0x1db/0x2d0 [ 13.481352] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.481386] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.481408] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.481432] kasan_report+0x141/0x180 [ 13.481464] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.481493] kasan_check_range+0x10c/0x1c0 [ 13.481517] __kasan_check_write+0x18/0x20 [ 13.481555] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.481579] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.481606] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.481637] ? trace_hardirqs_on+0x37/0xe0 [ 13.481659] ? kasan_bitops_generic+0x92/0x1c0 [ 13.481683] kasan_bitops_generic+0x121/0x1c0 [ 13.481703] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.481724] ? __pfx_read_tsc+0x10/0x10 [ 13.481745] ? ktime_get_ts64+0x86/0x230 [ 13.481768] kunit_try_run_case+0x1a5/0x480 [ 13.481792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.481814] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.481836] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.481858] ? __kthread_parkme+0x82/0x180 [ 13.481878] ? preempt_count_sub+0x50/0x80 [ 13.481903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.481926] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.481948] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.481972] kthread+0x337/0x6f0 [ 13.481992] ? trace_preempt_on+0x20/0xc0 [ 13.482014] ? __pfx_kthread+0x10/0x10 [ 13.482035] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.482055] ? calculate_sigpending+0x7b/0xa0 [ 13.482079] ? __pfx_kthread+0x10/0x10 [ 13.482100] ret_from_fork+0x116/0x1d0 [ 13.482118] ? __pfx_kthread+0x10/0x10 [ 13.482139] ret_from_fork_asm+0x1a/0x30 [ 13.482170] </TASK> [ 13.482186] [ 13.496020] Allocated by task 278: [ 13.496349] kasan_save_stack+0x45/0x70 [ 13.496777] kasan_save_track+0x18/0x40 [ 13.497139] kasan_save_alloc_info+0x3b/0x50 [ 13.497638] __kasan_kmalloc+0xb7/0xc0 [ 13.497987] __kmalloc_cache_noprof+0x189/0x420 [ 13.498267] kasan_bitops_generic+0x92/0x1c0 [ 13.498413] kunit_try_run_case+0x1a5/0x480 [ 13.498690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.499158] kthread+0x337/0x6f0 [ 13.499472] ret_from_fork+0x116/0x1d0 [ 13.500052] ret_from_fork_asm+0x1a/0x30 [ 13.500229] [ 13.500318] The buggy address belongs to the object at ffff888101d83660 [ 13.500318] which belongs to the cache kmalloc-16 of size 16 [ 13.501371] The buggy address is located 8 bytes inside of [ 13.501371] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.502311] [ 13.502485] The buggy address belongs to the physical page: [ 13.503072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.503474] flags: 0x200000000000000(node=0|zone=2) [ 13.503963] page_type: f5(slab) [ 13.504257] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.504491] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.505137] page dumped because: kasan: bad access detected [ 13.505724] [ 13.506090] Memory state around the buggy address: [ 13.506545] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.507086] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.507642] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.508197] ^ [ 13.508400] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.508690] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.509303] ================================================================== [ 13.379131] ================================================================== [ 13.379597] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.379997] Write of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.380711] [ 13.381269] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.381327] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.381339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.381361] Call Trace: [ 13.381375] <TASK> [ 13.381390] dump_stack_lvl+0x73/0xb0 [ 13.381427] print_report+0xd1/0x650 [ 13.381450] ? __virt_addr_valid+0x1db/0x2d0 [ 13.381473] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.381497] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.381519] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.381594] kasan_report+0x141/0x180 [ 13.381627] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.381656] kasan_check_range+0x10c/0x1c0 [ 13.381680] __kasan_check_write+0x18/0x20 [ 13.381699] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.381722] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.381750] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.381770] ? trace_hardirqs_on+0x37/0xe0 [ 13.381793] ? kasan_bitops_generic+0x92/0x1c0 [ 13.381817] kasan_bitops_generic+0x121/0x1c0 [ 13.381836] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.381857] ? __pfx_read_tsc+0x10/0x10 [ 13.381879] ? ktime_get_ts64+0x86/0x230 [ 13.381904] kunit_try_run_case+0x1a5/0x480 [ 13.381927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.381948] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.381970] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.381992] ? __kthread_parkme+0x82/0x180 [ 13.382011] ? preempt_count_sub+0x50/0x80 [ 13.382036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.382060] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.382082] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.382105] kthread+0x337/0x6f0 [ 13.382125] ? trace_preempt_on+0x20/0xc0 [ 13.382147] ? __pfx_kthread+0x10/0x10 [ 13.382169] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.382226] ? calculate_sigpending+0x7b/0xa0 [ 13.382249] ? __pfx_kthread+0x10/0x10 [ 13.382271] ret_from_fork+0x116/0x1d0 [ 13.382290] ? __pfx_kthread+0x10/0x10 [ 13.382310] ret_from_fork_asm+0x1a/0x30 [ 13.382342] </TASK> [ 13.382353] [ 13.396805] Allocated by task 278: [ 13.397078] kasan_save_stack+0x45/0x70 [ 13.397298] kasan_save_track+0x18/0x40 [ 13.397483] kasan_save_alloc_info+0x3b/0x50 [ 13.397979] __kasan_kmalloc+0xb7/0xc0 [ 13.398246] __kmalloc_cache_noprof+0x189/0x420 [ 13.398466] kasan_bitops_generic+0x92/0x1c0 [ 13.398827] kunit_try_run_case+0x1a5/0x480 [ 13.399170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.399648] kthread+0x337/0x6f0 [ 13.399825] ret_from_fork+0x116/0x1d0 [ 13.400097] ret_from_fork_asm+0x1a/0x30 [ 13.400438] [ 13.400658] The buggy address belongs to the object at ffff888101d83660 [ 13.400658] which belongs to the cache kmalloc-16 of size 16 [ 13.401726] The buggy address is located 8 bytes inside of [ 13.401726] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.402482] [ 13.402724] The buggy address belongs to the physical page: [ 13.403078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.403668] flags: 0x200000000000000(node=0|zone=2) [ 13.403975] page_type: f5(slab) [ 13.404153] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.404434] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.404793] page dumped because: kasan: bad access detected [ 13.405008] [ 13.405148] Memory state around the buggy address: [ 13.405435] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.405786] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.406164] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.406430] ^ [ 13.406776] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.407089] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.407370] ================================================================== [ 13.407772] ================================================================== [ 13.408172] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.408477] Write of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.408933] [ 13.409043] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.409090] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.409101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.409122] Call Trace: [ 13.409135] <TASK> [ 13.409150] dump_stack_lvl+0x73/0xb0 [ 13.409176] print_report+0xd1/0x650 [ 13.409206] ? __virt_addr_valid+0x1db/0x2d0 [ 13.409229] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.409252] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.409275] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.409298] kasan_report+0x141/0x180 [ 13.409322] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.409351] kasan_check_range+0x10c/0x1c0 [ 13.409375] __kasan_check_write+0x18/0x20 [ 13.409395] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.409419] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.409447] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.409467] ? trace_hardirqs_on+0x37/0xe0 [ 13.409490] ? kasan_bitops_generic+0x92/0x1c0 [ 13.409513] kasan_bitops_generic+0x121/0x1c0 [ 13.409533] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.409555] ? __pfx_read_tsc+0x10/0x10 [ 13.409576] ? ktime_get_ts64+0x86/0x230 [ 13.409600] kunit_try_run_case+0x1a5/0x480 [ 13.409635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.409656] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.409678] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.409701] ? __kthread_parkme+0x82/0x180 [ 13.409721] ? preempt_count_sub+0x50/0x80 [ 13.409746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.409769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.409792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.409829] kthread+0x337/0x6f0 [ 13.409849] ? trace_preempt_on+0x20/0xc0 [ 13.409871] ? __pfx_kthread+0x10/0x10 [ 13.409893] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.409913] ? calculate_sigpending+0x7b/0xa0 [ 13.409937] ? __pfx_kthread+0x10/0x10 [ 13.409959] ret_from_fork+0x116/0x1d0 [ 13.409977] ? __pfx_kthread+0x10/0x10 [ 13.409998] ret_from_fork_asm+0x1a/0x30 [ 13.410030] </TASK> [ 13.410040] [ 13.422991] Allocated by task 278: [ 13.423395] kasan_save_stack+0x45/0x70 [ 13.424079] kasan_save_track+0x18/0x40 [ 13.424694] kasan_save_alloc_info+0x3b/0x50 [ 13.424869] __kasan_kmalloc+0xb7/0xc0 [ 13.425005] __kmalloc_cache_noprof+0x189/0x420 [ 13.425160] kasan_bitops_generic+0x92/0x1c0 [ 13.425315] kunit_try_run_case+0x1a5/0x480 [ 13.425462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.426215] kthread+0x337/0x6f0 [ 13.426756] ret_from_fork+0x116/0x1d0 [ 13.427397] ret_from_fork_asm+0x1a/0x30 [ 13.427924] [ 13.428294] The buggy address belongs to the object at ffff888101d83660 [ 13.428294] which belongs to the cache kmalloc-16 of size 16 [ 13.430091] The buggy address is located 8 bytes inside of [ 13.430091] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.432073] [ 13.432326] The buggy address belongs to the physical page: [ 13.433024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.433876] flags: 0x200000000000000(node=0|zone=2) [ 13.434437] page_type: f5(slab) [ 13.434845] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.435485] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.436419] page dumped because: kasan: bad access detected [ 13.436986] [ 13.437064] Memory state around the buggy address: [ 13.437430] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.438429] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.439267] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.439826] ^ [ 13.440027] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.440627] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.441632] ================================================================== [ 13.334265] ================================================================== [ 13.334626] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.335018] Write of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.335473] [ 13.335678] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.335727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.335738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.335759] Call Trace: [ 13.335772] <TASK> [ 13.335786] dump_stack_lvl+0x73/0xb0 [ 13.335812] print_report+0xd1/0x650 [ 13.335835] ? __virt_addr_valid+0x1db/0x2d0 [ 13.335858] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.335882] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.335905] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.335929] kasan_report+0x141/0x180 [ 13.335952] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.335981] kasan_check_range+0x10c/0x1c0 [ 13.336005] __kasan_check_write+0x18/0x20 [ 13.336025] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.336049] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.336078] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.336098] ? trace_hardirqs_on+0x37/0xe0 [ 13.336120] ? kasan_bitops_generic+0x92/0x1c0 [ 13.336145] kasan_bitops_generic+0x121/0x1c0 [ 13.336165] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.336187] ? __pfx_read_tsc+0x10/0x10 [ 13.336207] ? ktime_get_ts64+0x86/0x230 [ 13.336232] kunit_try_run_case+0x1a5/0x480 [ 13.336255] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.336277] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.336299] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.336322] ? __kthread_parkme+0x82/0x180 [ 13.336342] ? preempt_count_sub+0x50/0x80 [ 13.336367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.336390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.336414] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.336437] kthread+0x337/0x6f0 [ 13.336456] ? trace_preempt_on+0x20/0xc0 [ 13.336478] ? __pfx_kthread+0x10/0x10 [ 13.336499] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.336520] ? calculate_sigpending+0x7b/0xa0 [ 13.336586] ? __pfx_kthread+0x10/0x10 [ 13.336609] ret_from_fork+0x116/0x1d0 [ 13.336639] ? __pfx_kthread+0x10/0x10 [ 13.336661] ret_from_fork_asm+0x1a/0x30 [ 13.336693] </TASK> [ 13.336703] [ 13.345001] Allocated by task 278: [ 13.345157] kasan_save_stack+0x45/0x70 [ 13.345359] kasan_save_track+0x18/0x40 [ 13.345495] kasan_save_alloc_info+0x3b/0x50 [ 13.345779] __kasan_kmalloc+0xb7/0xc0 [ 13.345980] __kmalloc_cache_noprof+0x189/0x420 [ 13.346162] kasan_bitops_generic+0x92/0x1c0 [ 13.346372] kunit_try_run_case+0x1a5/0x480 [ 13.346525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.347653] kthread+0x337/0x6f0 [ 13.348347] ret_from_fork+0x116/0x1d0 [ 13.348886] ret_from_fork_asm+0x1a/0x30 [ 13.349279] [ 13.349445] The buggy address belongs to the object at ffff888101d83660 [ 13.349445] which belongs to the cache kmalloc-16 of size 16 [ 13.350636] The buggy address is located 8 bytes inside of [ 13.350636] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.350995] [ 13.351070] The buggy address belongs to the physical page: [ 13.351381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.352236] flags: 0x200000000000000(node=0|zone=2) [ 13.352855] page_type: f5(slab) [ 13.353277] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.354048] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.354911] page dumped because: kasan: bad access detected [ 13.355463] [ 13.355702] Memory state around the buggy address: [ 13.356035] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.356409] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.357284] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.357806] ^ [ 13.358010] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.358250] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.358525] ================================================================== [ 13.510323] ================================================================== [ 13.511264] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.511864] Read of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.512091] [ 13.512178] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.512223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.512235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.512257] Call Trace: [ 13.512270] <TASK> [ 13.512295] dump_stack_lvl+0x73/0xb0 [ 13.512321] print_report+0xd1/0x650 [ 13.512343] ? __virt_addr_valid+0x1db/0x2d0 [ 13.512367] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.512390] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.512413] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.512437] kasan_report+0x141/0x180 [ 13.512459] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.512488] kasan_check_range+0x10c/0x1c0 [ 13.512512] __kasan_check_read+0x15/0x20 [ 13.512531] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.512555] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.512583] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.512603] ? trace_hardirqs_on+0x37/0xe0 [ 13.512682] ? kasan_bitops_generic+0x92/0x1c0 [ 13.512709] kasan_bitops_generic+0x121/0x1c0 [ 13.512729] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.512751] ? __pfx_read_tsc+0x10/0x10 [ 13.512771] ? ktime_get_ts64+0x86/0x230 [ 13.512796] kunit_try_run_case+0x1a5/0x480 [ 13.512819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.512842] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.512865] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.512888] ? __kthread_parkme+0x82/0x180 [ 13.512909] ? preempt_count_sub+0x50/0x80 [ 13.512933] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.512957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.512980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.513003] kthread+0x337/0x6f0 [ 13.513022] ? trace_preempt_on+0x20/0xc0 [ 13.513045] ? __pfx_kthread+0x10/0x10 [ 13.513066] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.513086] ? calculate_sigpending+0x7b/0xa0 [ 13.513110] ? __pfx_kthread+0x10/0x10 [ 13.513132] ret_from_fork+0x116/0x1d0 [ 13.513151] ? __pfx_kthread+0x10/0x10 [ 13.513172] ret_from_fork_asm+0x1a/0x30 [ 13.513215] </TASK> [ 13.513225] [ 13.528424] Allocated by task 278: [ 13.528809] kasan_save_stack+0x45/0x70 [ 13.529176] kasan_save_track+0x18/0x40 [ 13.529390] kasan_save_alloc_info+0x3b/0x50 [ 13.529721] __kasan_kmalloc+0xb7/0xc0 [ 13.530078] __kmalloc_cache_noprof+0x189/0x420 [ 13.530554] kasan_bitops_generic+0x92/0x1c0 [ 13.531005] kunit_try_run_case+0x1a5/0x480 [ 13.531198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.531401] kthread+0x337/0x6f0 [ 13.531767] ret_from_fork+0x116/0x1d0 [ 13.532119] ret_from_fork_asm+0x1a/0x30 [ 13.532499] [ 13.532711] The buggy address belongs to the object at ffff888101d83660 [ 13.532711] which belongs to the cache kmalloc-16 of size 16 [ 13.533414] The buggy address is located 8 bytes inside of [ 13.533414] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.533931] [ 13.534094] The buggy address belongs to the physical page: [ 13.534807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.535506] flags: 0x200000000000000(node=0|zone=2) [ 13.535988] page_type: f5(slab) [ 13.536351] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.537102] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.537827] page dumped because: kasan: bad access detected [ 13.538128] [ 13.538199] Memory state around the buggy address: [ 13.538582] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.539322] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.540041] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.540275] ^ [ 13.540852] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.541551] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.542312] ================================================================== [ 13.442779] ================================================================== [ 13.444111] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.444736] Write of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.445672] [ 13.445984] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.446035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.446049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.446071] Call Trace: [ 13.446086] <TASK> [ 13.446101] dump_stack_lvl+0x73/0xb0 [ 13.446129] print_report+0xd1/0x650 [ 13.446152] ? __virt_addr_valid+0x1db/0x2d0 [ 13.446176] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.446200] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.446222] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.446245] kasan_report+0x141/0x180 [ 13.446267] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.446296] kasan_check_range+0x10c/0x1c0 [ 13.446319] __kasan_check_write+0x18/0x20 [ 13.446338] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.446362] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.446389] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.446410] ? trace_hardirqs_on+0x37/0xe0 [ 13.446432] ? kasan_bitops_generic+0x92/0x1c0 [ 13.446456] kasan_bitops_generic+0x121/0x1c0 [ 13.446480] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.446501] ? __pfx_read_tsc+0x10/0x10 [ 13.446641] ? ktime_get_ts64+0x86/0x230 [ 13.446675] kunit_try_run_case+0x1a5/0x480 [ 13.446700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.446735] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.446757] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.446811] ? __kthread_parkme+0x82/0x180 [ 13.446832] ? preempt_count_sub+0x50/0x80 [ 13.446857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.446881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.446903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.446926] kthread+0x337/0x6f0 [ 13.446946] ? trace_preempt_on+0x20/0xc0 [ 13.446968] ? __pfx_kthread+0x10/0x10 [ 13.446989] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.447010] ? calculate_sigpending+0x7b/0xa0 [ 13.447034] ? __pfx_kthread+0x10/0x10 [ 13.447056] ret_from_fork+0x116/0x1d0 [ 13.447073] ? __pfx_kthread+0x10/0x10 [ 13.447094] ret_from_fork_asm+0x1a/0x30 [ 13.447126] </TASK> [ 13.447135] [ 13.464711] Allocated by task 278: [ 13.465050] kasan_save_stack+0x45/0x70 [ 13.465198] kasan_save_track+0x18/0x40 [ 13.465335] kasan_save_alloc_info+0x3b/0x50 [ 13.465479] __kasan_kmalloc+0xb7/0xc0 [ 13.465642] __kmalloc_cache_noprof+0x189/0x420 [ 13.466132] kasan_bitops_generic+0x92/0x1c0 [ 13.466632] kunit_try_run_case+0x1a5/0x480 [ 13.467043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.467608] kthread+0x337/0x6f0 [ 13.467799] ret_from_fork+0x116/0x1d0 [ 13.467935] ret_from_fork_asm+0x1a/0x30 [ 13.468075] [ 13.468146] The buggy address belongs to the object at ffff888101d83660 [ 13.468146] which belongs to the cache kmalloc-16 of size 16 [ 13.469336] The buggy address is located 8 bytes inside of [ 13.469336] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.470557] [ 13.470768] The buggy address belongs to the physical page: [ 13.471145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.471907] flags: 0x200000000000000(node=0|zone=2) [ 13.472205] page_type: f5(slab) [ 13.472621] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.472987] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.473274] page dumped because: kasan: bad access detected [ 13.473921] [ 13.474148] Memory state around the buggy address: [ 13.474657] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.475315] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.475869] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.476128] ^ [ 13.476718] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.477391] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.478136] ================================================================== [ 13.359001] ================================================================== [ 13.359351] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.359799] Write of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.360139] [ 13.360235] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.360279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.360292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.360313] Call Trace: [ 13.360327] <TASK> [ 13.360340] dump_stack_lvl+0x73/0xb0 [ 13.360366] print_report+0xd1/0x650 [ 13.360389] ? __virt_addr_valid+0x1db/0x2d0 [ 13.360411] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.360435] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.360476] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.360500] kasan_report+0x141/0x180 [ 13.360522] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.360551] kasan_check_range+0x10c/0x1c0 [ 13.360575] __kasan_check_write+0x18/0x20 [ 13.360595] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.360628] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.360656] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.360678] ? trace_hardirqs_on+0x37/0xe0 [ 13.360701] ? kasan_bitops_generic+0x92/0x1c0 [ 13.360725] kasan_bitops_generic+0x121/0x1c0 [ 13.360745] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.360767] ? __pfx_read_tsc+0x10/0x10 [ 13.360787] ? ktime_get_ts64+0x86/0x230 [ 13.360812] kunit_try_run_case+0x1a5/0x480 [ 13.360836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.360858] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.360880] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.360902] ? __kthread_parkme+0x82/0x180 [ 13.360922] ? preempt_count_sub+0x50/0x80 [ 13.360947] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.360970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.360993] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.361016] kthread+0x337/0x6f0 [ 13.361035] ? trace_preempt_on+0x20/0xc0 [ 13.361058] ? __pfx_kthread+0x10/0x10 [ 13.361080] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.361101] ? calculate_sigpending+0x7b/0xa0 [ 13.361124] ? __pfx_kthread+0x10/0x10 [ 13.361146] ret_from_fork+0x116/0x1d0 [ 13.361164] ? __pfx_kthread+0x10/0x10 [ 13.361185] ret_from_fork_asm+0x1a/0x30 [ 13.361217] </TASK> [ 13.361227] [ 13.369801] Allocated by task 278: [ 13.369931] kasan_save_stack+0x45/0x70 [ 13.370075] kasan_save_track+0x18/0x40 [ 13.370395] kasan_save_alloc_info+0x3b/0x50 [ 13.371006] __kasan_kmalloc+0xb7/0xc0 [ 13.371194] __kmalloc_cache_noprof+0x189/0x420 [ 13.371361] kasan_bitops_generic+0x92/0x1c0 [ 13.371507] kunit_try_run_case+0x1a5/0x480 [ 13.371670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.371925] kthread+0x337/0x6f0 [ 13.372112] ret_from_fork+0x116/0x1d0 [ 13.372466] ret_from_fork_asm+0x1a/0x30 [ 13.372767] [ 13.372865] The buggy address belongs to the object at ffff888101d83660 [ 13.372865] which belongs to the cache kmalloc-16 of size 16 [ 13.373470] The buggy address is located 8 bytes inside of [ 13.373470] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.373977] [ 13.374053] The buggy address belongs to the physical page: [ 13.374375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.374720] flags: 0x200000000000000(node=0|zone=2) [ 13.374884] page_type: f5(slab) [ 13.375006] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.375445] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.375792] page dumped because: kasan: bad access detected [ 13.376000] [ 13.376070] Memory state around the buggy address: [ 13.376346] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.377084] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.377463] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.377814] ^ [ 13.378116] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.378418] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.378775] ================================================================== [ 13.312019] ================================================================== [ 13.312415] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.313395] Write of size 8 at addr ffff888101d83668 by task kunit_try_catch/278 [ 13.313980] [ 13.314089] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-rc6-next-20250513 #1 PREEMPT(voluntary) [ 13.314166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.314188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.314209] Call Trace: [ 13.314222] <TASK> [ 13.314236] dump_stack_lvl+0x73/0xb0 [ 13.314264] print_report+0xd1/0x650 [ 13.314286] ? __virt_addr_valid+0x1db/0x2d0 [ 13.314310] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.314333] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.314356] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.314380] kasan_report+0x141/0x180 [ 13.314404] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.314432] kasan_check_range+0x10c/0x1c0 [ 13.314456] __kasan_check_write+0x18/0x20 [ 13.314481] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.314505] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.314551] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.314572] ? trace_hardirqs_on+0x37/0xe0 [ 13.314594] ? kasan_bitops_generic+0x92/0x1c0 [ 13.314685] kasan_bitops_generic+0x121/0x1c0 [ 13.314723] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.314758] ? __pfx_read_tsc+0x10/0x10 [ 13.314779] ? ktime_get_ts64+0x86/0x230 [ 13.314804] kunit_try_run_case+0x1a5/0x480 [ 13.314828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.314850] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.314873] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.314896] ? __kthread_parkme+0x82/0x180 [ 13.314916] ? preempt_count_sub+0x50/0x80 [ 13.314942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.314966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.314990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.315013] kthread+0x337/0x6f0 [ 13.315033] ? trace_preempt_on+0x20/0xc0 [ 13.315056] ? __pfx_kthread+0x10/0x10 [ 13.315077] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.315098] ? calculate_sigpending+0x7b/0xa0 [ 13.315122] ? __pfx_kthread+0x10/0x10 [ 13.315144] ret_from_fork+0x116/0x1d0 [ 13.315162] ? __pfx_kthread+0x10/0x10 [ 13.315194] ret_from_fork_asm+0x1a/0x30 [ 13.315243] </TASK> [ 13.315254] [ 13.324800] Allocated by task 278: [ 13.324994] kasan_save_stack+0x45/0x70 [ 13.325194] kasan_save_track+0x18/0x40 [ 13.325393] kasan_save_alloc_info+0x3b/0x50 [ 13.325734] __kasan_kmalloc+0xb7/0xc0 [ 13.325927] __kmalloc_cache_noprof+0x189/0x420 [ 13.326167] kasan_bitops_generic+0x92/0x1c0 [ 13.326402] kunit_try_run_case+0x1a5/0x480 [ 13.326701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.327094] kthread+0x337/0x6f0 [ 13.327277] ret_from_fork+0x116/0x1d0 [ 13.327413] ret_from_fork_asm+0x1a/0x30 [ 13.327552] [ 13.327634] The buggy address belongs to the object at ffff888101d83660 [ 13.327634] which belongs to the cache kmalloc-16 of size 16 [ 13.328596] The buggy address is located 8 bytes inside of [ 13.328596] allocated 9-byte region [ffff888101d83660, ffff888101d83669) [ 13.329167] [ 13.329278] The buggy address belongs to the physical page: [ 13.329742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d83 [ 13.330144] flags: 0x200000000000000(node=0|zone=2) [ 13.330390] page_type: f5(slab) [ 13.330661] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.330995] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.331412] page dumped because: kasan: bad access detected [ 13.331717] [ 13.331837] Memory state around the buggy address: [ 13.332002] ffff888101d83500: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 13.332219] ffff888101d83580: 00 02 fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 13.332578] >ffff888101d83600: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.332919] ^ [ 13.333218] ffff888101d83680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.333502] ffff888101d83700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.333868] ==================================================================