Date
May 29, 2025, 7:10 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 24.752725] ================================================================== [ 24.752947] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 24.753121] Write of size 8 at addr fff00000c66b10e8 by task kunit_try_catch/261 [ 24.753601] [ 24.753726] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT [ 24.754018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.754220] Hardware name: linux,dummy-virt (DT) [ 24.754544] Call trace: [ 24.754607] show_stack+0x20/0x38 (C) [ 24.754869] dump_stack_lvl+0x8c/0xd0 [ 24.755044] print_report+0x118/0x608 [ 24.755339] kasan_report+0xdc/0x128 [ 24.755576] kasan_check_range+0x100/0x1a8 [ 24.755833] __kasan_check_write+0x20/0x30 [ 24.756067] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 24.756529] kasan_bitops_generic+0x110/0x1c8 [ 24.756648] kunit_try_run_case+0x170/0x3f0 [ 24.756831] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.757124] kthread+0x328/0x630 [ 24.757441] ret_from_fork+0x10/0x20 [ 24.757565] [ 24.757876] Allocated by task 261: [ 24.757948] kasan_save_stack+0x3c/0x68 [ 24.758061] kasan_save_track+0x20/0x40 [ 24.758243] kasan_save_alloc_info+0x40/0x58 [ 24.758469] __kasan_kmalloc+0xd4/0xd8 [ 24.758678] __kmalloc_cache_noprof+0x15c/0x3c0 [ 24.758739] kasan_bitops_generic+0xa0/0x1c8 [ 24.758885] kunit_try_run_case+0x170/0x3f0 [ 24.759082] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.759180] kthread+0x328/0x630 [ 24.759249] ret_from_fork+0x10/0x20 [ 24.759333] [ 24.759392] The buggy address belongs to the object at fff00000c66b10e0 [ 24.759392] which belongs to the cache kmalloc-16 of size 16 [ 24.759940] The buggy address is located 8 bytes inside of [ 24.759940] allocated 9-byte region [fff00000c66b10e0, fff00000c66b10e9) [ 24.760274] [ 24.760374] The buggy address belongs to the physical page: [ 24.760597] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066b1 [ 24.760934] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.761213] page_type: f5(slab) [ 24.761416] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 24.761680] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.761800] page dumped because: kasan: bad access detected [ 24.761890] [ 24.762258] Memory state around the buggy address: [ 24.762439] fff00000c66b0f80: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 24.762540] fff00000c66b1000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.762652] >fff00000c66b1080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 24.762757] ^ [ 24.763031] fff00000c66b1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.763281] fff00000c66b1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.763609] ================================================================== [ 24.855332] ================================================================== [ 24.855470] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 24.855605] Read of size 8 at addr fff00000c66b10e8 by task kunit_try_catch/261 [ 24.855783] [ 24.855931] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT [ 24.856238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.856309] Hardware name: linux,dummy-virt (DT) [ 24.856600] dump_stack_lvl+0x8c/0xd0 [ 24.856909] kasan_report+0xdc/0x128 [ 24.857783] kunit_try_run_case+0x170/0x3f0 [ 24.858191] ret_from_fork+0x10/0x20 [ 24.858313] [ 24.861377] fff00000c66b1000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.864449] Write of size 8 at addr fff00000c66b10e8 by task kunit_try_catch/261 [ 24.865271] dump_stack_lvl+0x8c/0xd0 [ 24.865789] __kasan_check_write+0x20/0x30 [ 24.866492] kthread+0x328/0x630 [ 24.867045] kasan_save_track+0x20/0x40 [ 24.867263] __kasan_kmalloc+0xd4/0xd8 [ 24.867539] kunit_try_run_case+0x170/0x3f0 [ 24.868377] [ 24.868608] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066b1 [ 24.869527] Memory state around the buggy address: [ 24.870357] fff00000c66b1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.872097] ================================================================== [ 24.767294] ================================================================== [ 24.767468] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 24.767622] Read of size 8 at addr fff00000c66b10e8 by task kunit_try_catch/261 [ 24.767735] [ 24.767827] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT [ 24.768137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.768233] Hardware name: linux,dummy-virt (DT) [ 24.768322] Call trace: [ 24.768382] show_stack+0x20/0x38 (C) [ 24.768530] dump_stack_lvl+0x8c/0xd0 [ 24.768657] print_report+0x118/0x608 [ 24.768782] kasan_report+0xdc/0x128 [ 24.768899] __asan_report_load8_noabort+0x20/0x30 [ 24.769032] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 24.769222] kasan_bitops_generic+0x110/0x1c8 [ 24.769389] kunit_try_run_case+0x170/0x3f0 [ 24.769542] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.769731] kthread+0x328/0x630 [ 24.769847] ret_from_fork+0x10/0x20 [ 24.769971] [ 24.770026] Allocated by task 261: [ 24.770132] kasan_save_stack+0x3c/0x68 [ 24.770277] kasan_save_track+0x20/0x40 [ 24.770441] kasan_save_alloc_info+0x40/0x58 [ 24.770539] __kasan_kmalloc+0xd4/0xd8 [ 24.770636] __kmalloc_cache_noprof+0x15c/0x3c0 [ 24.770719] kasan_bitops_generic+0xa0/0x1c8 [ 24.770810] kunit_try_run_case+0x170/0x3f0 [ 24.770912] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.771029] kthread+0x328/0x630 [ 24.771133] ret_from_fork+0x10/0x20 [ 24.771271] [ 24.771324] The buggy address belongs to the object at fff00000c66b10e0 [ 24.771324] which belongs to the cache kmalloc-16 of size 16 [ 24.771476] The buggy address is located 8 bytes inside of [ 24.771476] allocated 9-byte region [fff00000c66b10e0, fff00000c66b10e9) [ 24.771618] [ 24.771674] The buggy address belongs to the physical page: [ 24.771757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1066b1 [ 24.771879] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.771984] page_type: f5(slab) [ 24.772102] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 24.772242] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.772391] page dumped because: kasan: bad access detected [ 24.772529] [ 24.772582] Memory state around the buggy address: [ 24.772664] fff00000c66b0f80: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 24.773081] ^ [ 24.775828] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.777168] kunit_try_run_case+0x170/0x3f0 [ 24.777440] kthread+0x328/0x630 [ 24.777537] ret_from_fork+0x10/0x20 [ 24.777645] [ 24.777698] Allocated by task 261: [ 24.777767] kasan_save_stack+0x3c/0x68 [ 24.778243] __kmalloc_cache_noprof+0x15c/0x3c0 [ 24.780571] >fff00000c66b1080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 24.782466] [ 24.783008] Call trace: [ 24.783748] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 24.784609] [ 24.785147] __kasan_kmalloc+0xd4/0xd8 [ 24.786126] The buggy address is located 8 bytes inside of [ 24.786126] allocated 9-byte region [fff00000c66b10e0, fff00000c66b10e9) [ 24.789249] fff00000c66b1000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 24.791381] [ 24.791487] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT [ 24.793607] __kasan_check_write+0x20/0x30 [ 24.794109] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.795261] kasan_save_track+0x20/0x40 [ 24.797631] [ 24.798747] page dumped because: kasan: bad access detected [ 24.799100] fff00000c66b1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.800930] Write of size 8 at addr fff00000c66b10e8 by task kunit_try_catch/261 [ 24.801380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.802265] kasan_report+0xdc/0x128 [ 24.802770] kasan_check_range+0x100/0x1a8 [ 24.803233] kasan_bitops_generic+0x110/0x1c8 [ 24.804490] Allocated by task 261: [ 24.804789] kasan_save_alloc_info+0x40/0x58 [ 24.805802] kthread+0x328/0x630 [ 24.805892] ret_from_fork+0x10/0x20 [ 24.805986] [ 24.806061] The buggy address belongs to the object at fff00000c66b10e0 [ 24.806061] which belongs to the cache kmalloc-16 of size 16 [ 24.807026] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 24.807424] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.809000] fff00000c66b1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.814379] kunit_try_run_case+0x170/0x3f0 [ 24.816489] kthread+0x328/0x630 [ 24.819108] page_type: f5(slab) [ 24.819345] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 24.821288] fff00000c66b1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.825413] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 24.826173] [ 24.828028] Call trace: [ 24.828197] show_stack+0x20/0x38 (C) [ 24.828668] print_report+0x118/0x608 [ 24.829734] __kasan_check_write+0x20/0x30 [ 24.830572] kasan_bitops_generic+0x110/0x1c8 [ 24.832298] ret_from_fork+0x10/0x20 [ 24.833179] kasan_save_stack+0x3c/0x68 [ 24.833871] kasan_save_alloc_info+0x40/0x58 [ 24.835090] [ 24.835150] The buggy address belongs to the object at fff00000c66b10e0 [ 24.835150] which belongs to the cache kmalloc-16 of size 16 [ 24.836767] page_type: f5(slab) [ 24.837148] page dumped because: kasan: bad access detected [ 24.838652] fff00000c66b1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.843655] ==================================================================
[ 13.008965] ================================================================== [ 13.009286] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.009641] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 13.009870] [ 13.009978] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.010207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.010220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.010241] Call Trace: [ 13.010255] <TASK> [ 13.010269] dump_stack_lvl+0x73/0xb0 [ 13.010295] print_report+0xd1/0x650 [ 13.010319] ? __virt_addr_valid+0x1db/0x2d0 [ 13.010341] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.010366] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.010390] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.010417] kasan_report+0x141/0x180 [ 13.010440] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.010470] kasan_check_range+0x10c/0x1c0 [ 13.010494] __kasan_check_write+0x18/0x20 [ 13.010515] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.010548] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.010575] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.010597] ? trace_hardirqs_on+0x37/0xe0 [ 13.010631] ? kasan_bitops_generic+0x92/0x1c0 [ 13.010655] kasan_bitops_generic+0x116/0x1c0 [ 13.010676] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.010697] ? __pfx_read_tsc+0x10/0x10 [ 13.010718] ? ktime_get_ts64+0x86/0x230 [ 13.010742] kunit_try_run_case+0x1a5/0x480 [ 13.010762] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.010783] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.010874] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.010904] ? __kthread_parkme+0x82/0x180 [ 13.010925] ? preempt_count_sub+0x50/0x80 [ 13.010948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.010970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.010995] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.011020] kthread+0x337/0x6f0 [ 13.011040] ? trace_preempt_on+0x20/0xc0 [ 13.011063] ? __pfx_kthread+0x10/0x10 [ 13.011084] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.011107] ? calculate_sigpending+0x7b/0xa0 [ 13.011131] ? __pfx_kthread+0x10/0x10 [ 13.011153] ret_from_fork+0x116/0x1d0 [ 13.011171] ? __pfx_kthread+0x10/0x10 [ 13.011192] ret_from_fork_asm+0x1a/0x30 [ 13.011222] </TASK> [ 13.011232] [ 13.022593] Allocated by task 278: [ 13.022906] kasan_save_stack+0x45/0x70 [ 13.023266] kasan_save_track+0x18/0x40 [ 13.023551] kasan_save_alloc_info+0x3b/0x50 [ 13.023730] __kasan_kmalloc+0xb7/0xc0 [ 13.024110] __kmalloc_cache_noprof+0x189/0x420 [ 13.024474] kasan_bitops_generic+0x92/0x1c0 [ 13.024799] kunit_try_run_case+0x1a5/0x480 [ 13.025062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.025435] kthread+0x337/0x6f0 [ 13.025623] ret_from_fork+0x116/0x1d0 [ 13.026182] ret_from_fork_asm+0x1a/0x30 [ 13.026346] [ 13.026450] The buggy address belongs to the object at ffff888102856080 [ 13.026450] which belongs to the cache kmalloc-16 of size 16 [ 13.027240] The buggy address is located 8 bytes inside of [ 13.027240] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 13.027986] [ 13.028162] The buggy address belongs to the physical page: [ 13.028405] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 13.028939] flags: 0x200000000000000(node=0|zone=2) [ 13.029174] page_type: f5(slab) [ 13.029343] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.029698] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.030442] page dumped because: kasan: bad access detected [ 13.030919] [ 13.031030] Memory state around the buggy address: [ 13.031381] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.031701] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.032231] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.032572] ^ [ 13.032761] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.033308] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.033599] ================================================================== [ 12.900181] ================================================================== [ 12.900500] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 12.900880] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 12.901193] [ 12.901307] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.901354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.901367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.901388] Call Trace: [ 12.901405] <TASK> [ 12.901421] dump_stack_lvl+0x73/0xb0 [ 12.901445] print_report+0xd1/0x650 [ 12.901468] ? __virt_addr_valid+0x1db/0x2d0 [ 12.901491] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 12.901517] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.901541] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 12.901567] kasan_report+0x141/0x180 [ 12.901590] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 12.901632] kasan_check_range+0x10c/0x1c0 [ 12.901657] __kasan_check_write+0x18/0x20 [ 12.901677] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 12.901703] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 12.901731] ? __kmalloc_cache_noprof+0x189/0x420 [ 12.901752] ? trace_hardirqs_on+0x37/0xe0 [ 12.901775] ? kasan_bitops_generic+0x92/0x1c0 [ 12.901798] kasan_bitops_generic+0x116/0x1c0 [ 12.901819] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 12.901840] ? __pfx_read_tsc+0x10/0x10 [ 12.901861] ? ktime_get_ts64+0x86/0x230 [ 12.901885] kunit_try_run_case+0x1a5/0x480 [ 12.901907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.901927] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.901951] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.902034] ? __kthread_parkme+0x82/0x180 [ 12.902058] ? preempt_count_sub+0x50/0x80 [ 12.902082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.902104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.902128] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.902153] kthread+0x337/0x6f0 [ 12.902173] ? trace_preempt_on+0x20/0xc0 [ 12.902194] ? __pfx_kthread+0x10/0x10 [ 12.902216] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.902238] ? calculate_sigpending+0x7b/0xa0 [ 12.902263] ? __pfx_kthread+0x10/0x10 [ 12.902284] ret_from_fork+0x116/0x1d0 [ 12.902303] ? __pfx_kthread+0x10/0x10 [ 12.902324] ret_from_fork_asm+0x1a/0x30 [ 12.902355] </TASK> [ 12.902365] [ 12.911221] Allocated by task 278: [ 12.911450] kasan_save_stack+0x45/0x70 [ 12.911617] kasan_save_track+0x18/0x40 [ 12.912044] kasan_save_alloc_info+0x3b/0x50 [ 12.912281] __kasan_kmalloc+0xb7/0xc0 [ 12.912469] __kmalloc_cache_noprof+0x189/0x420 [ 12.912675] kasan_bitops_generic+0x92/0x1c0 [ 12.912951] kunit_try_run_case+0x1a5/0x480 [ 12.913143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.913400] kthread+0x337/0x6f0 [ 12.913528] ret_from_fork+0x116/0x1d0 [ 12.913707] ret_from_fork_asm+0x1a/0x30 [ 12.913907] [ 12.914003] The buggy address belongs to the object at ffff888102856080 [ 12.914003] which belongs to the cache kmalloc-16 of size 16 [ 12.914538] The buggy address is located 8 bytes inside of [ 12.914538] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 12.915042] [ 12.915120] The buggy address belongs to the physical page: [ 12.915298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 12.915681] flags: 0x200000000000000(node=0|zone=2) [ 12.915923] page_type: f5(slab) [ 12.916093] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.916371] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.916606] page dumped because: kasan: bad access detected [ 12.917044] [ 12.917206] Memory state around the buggy address: [ 12.917443] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.917874] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.918214] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.918435] ^ [ 12.918618] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.919022] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.919347] ================================================================== [ 12.985006] ================================================================== [ 12.985342] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 12.985728] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 12.986005] [ 12.986090] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.986220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.986237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.986259] Call Trace: [ 12.986275] <TASK> [ 12.986290] dump_stack_lvl+0x73/0xb0 [ 12.986315] print_report+0xd1/0x650 [ 12.986337] ? __virt_addr_valid+0x1db/0x2d0 [ 12.986360] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 12.986386] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.986409] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 12.986435] kasan_report+0x141/0x180 [ 12.986457] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 12.986490] kasan_check_range+0x10c/0x1c0 [ 12.986513] __kasan_check_write+0x18/0x20 [ 12.986539] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 12.986566] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 12.986593] ? __kmalloc_cache_noprof+0x189/0x420 [ 12.986627] ? trace_hardirqs_on+0x37/0xe0 [ 12.986649] ? kasan_bitops_generic+0x92/0x1c0 [ 12.986673] kasan_bitops_generic+0x116/0x1c0 [ 12.986694] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 12.986717] ? __pfx_read_tsc+0x10/0x10 [ 12.986737] ? ktime_get_ts64+0x86/0x230 [ 12.986761] kunit_try_run_case+0x1a5/0x480 [ 12.986782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.986802] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.986827] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.986851] ? __kthread_parkme+0x82/0x180 [ 12.986872] ? preempt_count_sub+0x50/0x80 [ 12.986896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.986917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.986941] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.987028] kthread+0x337/0x6f0 [ 12.987050] ? trace_preempt_on+0x20/0xc0 [ 12.987072] ? __pfx_kthread+0x10/0x10 [ 12.987093] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.987116] ? calculate_sigpending+0x7b/0xa0 [ 12.987141] ? __pfx_kthread+0x10/0x10 [ 12.987163] ret_from_fork+0x116/0x1d0 [ 12.987181] ? __pfx_kthread+0x10/0x10 [ 12.987201] ret_from_fork_asm+0x1a/0x30 [ 12.987232] </TASK> [ 12.987242] [ 12.999279] Allocated by task 278: [ 12.999463] kasan_save_stack+0x45/0x70 [ 12.999831] kasan_save_track+0x18/0x40 [ 13.000038] kasan_save_alloc_info+0x3b/0x50 [ 13.000241] __kasan_kmalloc+0xb7/0xc0 [ 13.000423] __kmalloc_cache_noprof+0x189/0x420 [ 13.000643] kasan_bitops_generic+0x92/0x1c0 [ 13.001005] kunit_try_run_case+0x1a5/0x480 [ 13.001179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.001402] kthread+0x337/0x6f0 [ 13.001582] ret_from_fork+0x116/0x1d0 [ 13.001770] ret_from_fork_asm+0x1a/0x30 [ 13.002110] [ 13.002219] The buggy address belongs to the object at ffff888102856080 [ 13.002219] which belongs to the cache kmalloc-16 of size 16 [ 13.002683] The buggy address is located 8 bytes inside of [ 13.002683] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 13.003306] [ 13.003461] The buggy address belongs to the physical page: [ 13.003893] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 13.004163] flags: 0x200000000000000(node=0|zone=2) [ 13.004592] page_type: f5(slab) [ 13.004758] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.005219] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.005495] page dumped because: kasan: bad access detected [ 13.006023] [ 13.006117] Memory state around the buggy address: [ 13.006583] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.006989] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.007232] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.007537] ^ [ 13.007728] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.008196] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.008472] ================================================================== [ 13.034406] ================================================================== [ 13.034735] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.035152] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 13.036065] [ 13.036177] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 13.036225] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.036238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.036259] Call Trace: [ 13.036278] <TASK> [ 13.036294] dump_stack_lvl+0x73/0xb0 [ 13.036472] print_report+0xd1/0x650 [ 13.036496] ? __virt_addr_valid+0x1db/0x2d0 [ 13.036519] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.036545] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.036568] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.036595] kasan_report+0x141/0x180 [ 13.036632] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.036663] kasan_check_range+0x10c/0x1c0 [ 13.036688] __kasan_check_write+0x18/0x20 [ 13.036708] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.036734] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.036831] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.036853] ? trace_hardirqs_on+0x37/0xe0 [ 13.036874] ? kasan_bitops_generic+0x92/0x1c0 [ 13.036899] kasan_bitops_generic+0x116/0x1c0 [ 13.036920] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.036941] ? __pfx_read_tsc+0x10/0x10 [ 13.036962] ? ktime_get_ts64+0x86/0x230 [ 13.036990] kunit_try_run_case+0x1a5/0x480 [ 13.037012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.037032] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.037057] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.037082] ? __kthread_parkme+0x82/0x180 [ 13.037103] ? preempt_count_sub+0x50/0x80 [ 13.037126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.037147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.037172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.037197] kthread+0x337/0x6f0 [ 13.037216] ? trace_preempt_on+0x20/0xc0 [ 13.037238] ? __pfx_kthread+0x10/0x10 [ 13.037260] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.037282] ? calculate_sigpending+0x7b/0xa0 [ 13.037306] ? __pfx_kthread+0x10/0x10 [ 13.037328] ret_from_fork+0x116/0x1d0 [ 13.037347] ? __pfx_kthread+0x10/0x10 [ 13.037369] ret_from_fork_asm+0x1a/0x30 [ 13.037399] </TASK> [ 13.037410] [ 13.049315] Allocated by task 278: [ 13.049568] kasan_save_stack+0x45/0x70 [ 13.049990] kasan_save_track+0x18/0x40 [ 13.050201] kasan_save_alloc_info+0x3b/0x50 [ 13.050370] __kasan_kmalloc+0xb7/0xc0 [ 13.050575] __kmalloc_cache_noprof+0x189/0x420 [ 13.051123] kasan_bitops_generic+0x92/0x1c0 [ 13.051406] kunit_try_run_case+0x1a5/0x480 [ 13.051683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.052067] kthread+0x337/0x6f0 [ 13.052249] ret_from_fork+0x116/0x1d0 [ 13.052428] ret_from_fork_asm+0x1a/0x30 [ 13.052593] [ 13.052702] The buggy address belongs to the object at ffff888102856080 [ 13.052702] which belongs to the cache kmalloc-16 of size 16 [ 13.053587] The buggy address is located 8 bytes inside of [ 13.053587] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 13.054171] [ 13.054600] The buggy address belongs to the physical page: [ 13.054836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 13.055404] flags: 0x200000000000000(node=0|zone=2) [ 13.055715] page_type: f5(slab) [ 13.055952] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.056493] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.056971] page dumped because: kasan: bad access detected [ 13.057225] [ 13.057304] Memory state around the buggy address: [ 13.057518] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.058245] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.058544] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.059038] ^ [ 13.059198] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.059627] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.060067] ================================================================== [ 12.940295] ================================================================== [ 12.940653] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 12.941238] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 12.941564] [ 12.941676] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.941723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.941757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.941778] Call Trace: [ 12.941792] <TASK> [ 12.941807] dump_stack_lvl+0x73/0xb0 [ 12.941917] print_report+0xd1/0x650 [ 12.941942] ? __virt_addr_valid+0x1db/0x2d0 [ 12.942071] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 12.942098] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.942121] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 12.942165] kasan_report+0x141/0x180 [ 12.942188] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 12.942218] kasan_check_range+0x10c/0x1c0 [ 12.942243] __kasan_check_write+0x18/0x20 [ 12.942263] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 12.942291] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 12.942318] ? __kmalloc_cache_noprof+0x189/0x420 [ 12.942340] ? trace_hardirqs_on+0x37/0xe0 [ 12.942361] ? kasan_bitops_generic+0x92/0x1c0 [ 12.942385] kasan_bitops_generic+0x116/0x1c0 [ 12.942425] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 12.942447] ? __pfx_read_tsc+0x10/0x10 [ 12.942468] ? ktime_get_ts64+0x86/0x230 [ 12.942492] kunit_try_run_case+0x1a5/0x480 [ 12.942513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.942540] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.942564] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.942589] ? __kthread_parkme+0x82/0x180 [ 12.942621] ? preempt_count_sub+0x50/0x80 [ 12.942644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.942665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.942689] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.942714] kthread+0x337/0x6f0 [ 12.942733] ? trace_preempt_on+0x20/0xc0 [ 12.942816] ? __pfx_kthread+0x10/0x10 [ 12.942838] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.942862] ? calculate_sigpending+0x7b/0xa0 [ 12.942884] ? __pfx_kthread+0x10/0x10 [ 12.942907] ret_from_fork+0x116/0x1d0 [ 12.942925] ? __pfx_kthread+0x10/0x10 [ 12.942947] ret_from_fork_asm+0x1a/0x30 [ 12.942977] </TASK> [ 12.942987] [ 12.955239] Allocated by task 278: [ 12.955505] kasan_save_stack+0x45/0x70 [ 12.955703] kasan_save_track+0x18/0x40 [ 12.956151] kasan_save_alloc_info+0x3b/0x50 [ 12.956404] __kasan_kmalloc+0xb7/0xc0 [ 12.956599] __kmalloc_cache_noprof+0x189/0x420 [ 12.957079] kasan_bitops_generic+0x92/0x1c0 [ 12.957381] kunit_try_run_case+0x1a5/0x480 [ 12.957558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.958192] kthread+0x337/0x6f0 [ 12.958359] ret_from_fork+0x116/0x1d0 [ 12.958559] ret_from_fork_asm+0x1a/0x30 [ 12.958752] [ 12.958863] The buggy address belongs to the object at ffff888102856080 [ 12.958863] which belongs to the cache kmalloc-16 of size 16 [ 12.959337] The buggy address is located 8 bytes inside of [ 12.959337] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 12.959957] [ 12.960070] The buggy address belongs to the physical page: [ 12.960288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 12.960604] flags: 0x200000000000000(node=0|zone=2) [ 12.960910] page_type: f5(slab) [ 12.961074] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.961511] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.961875] page dumped because: kasan: bad access detected [ 12.962085] [ 12.962183] Memory state around the buggy address: [ 12.962402] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.962682] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.963101] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.963386] ^ [ 12.963555] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.963830] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.964149] ================================================================== [ 12.919835] ================================================================== [ 12.920104] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 12.920444] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 12.920911] [ 12.921396] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.921443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.921456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.921476] Call Trace: [ 12.921487] <TASK> [ 12.921500] dump_stack_lvl+0x73/0xb0 [ 12.921526] print_report+0xd1/0x650 [ 12.921548] ? __virt_addr_valid+0x1db/0x2d0 [ 12.921571] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 12.921597] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.921636] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 12.921663] kasan_report+0x141/0x180 [ 12.921686] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 12.921717] kasan_check_range+0x10c/0x1c0 [ 12.921742] __kasan_check_write+0x18/0x20 [ 12.921775] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 12.921802] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 12.921829] ? __kmalloc_cache_noprof+0x189/0x420 [ 12.921850] ? trace_hardirqs_on+0x37/0xe0 [ 12.921872] ? kasan_bitops_generic+0x92/0x1c0 [ 12.921897] kasan_bitops_generic+0x116/0x1c0 [ 12.921919] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 12.921941] ? __pfx_read_tsc+0x10/0x10 [ 12.921962] ? ktime_get_ts64+0x86/0x230 [ 12.921986] kunit_try_run_case+0x1a5/0x480 [ 12.922007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.922027] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.922051] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.922076] ? __kthread_parkme+0x82/0x180 [ 12.922095] ? preempt_count_sub+0x50/0x80 [ 12.922118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.922140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.922165] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.922190] kthread+0x337/0x6f0 [ 12.922209] ? trace_preempt_on+0x20/0xc0 [ 12.922231] ? __pfx_kthread+0x10/0x10 [ 12.922252] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.922275] ? calculate_sigpending+0x7b/0xa0 [ 12.922298] ? __pfx_kthread+0x10/0x10 [ 12.922320] ret_from_fork+0x116/0x1d0 [ 12.922338] ? __pfx_kthread+0x10/0x10 [ 12.922360] ret_from_fork_asm+0x1a/0x30 [ 12.922389] </TASK> [ 12.922399] [ 12.931091] Allocated by task 278: [ 12.931247] kasan_save_stack+0x45/0x70 [ 12.931431] kasan_save_track+0x18/0x40 [ 12.931572] kasan_save_alloc_info+0x3b/0x50 [ 12.931930] __kasan_kmalloc+0xb7/0xc0 [ 12.932201] __kmalloc_cache_noprof+0x189/0x420 [ 12.932428] kasan_bitops_generic+0x92/0x1c0 [ 12.932654] kunit_try_run_case+0x1a5/0x480 [ 12.932972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.933211] kthread+0x337/0x6f0 [ 12.933390] ret_from_fork+0x116/0x1d0 [ 12.933562] ret_from_fork_asm+0x1a/0x30 [ 12.933773] [ 12.933855] The buggy address belongs to the object at ffff888102856080 [ 12.933855] which belongs to the cache kmalloc-16 of size 16 [ 12.934218] The buggy address is located 8 bytes inside of [ 12.934218] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 12.934686] [ 12.934780] The buggy address belongs to the physical page: [ 12.935034] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 12.935485] flags: 0x200000000000000(node=0|zone=2) [ 12.935951] page_type: f5(slab) [ 12.936122] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.936449] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.936770] page dumped because: kasan: bad access detected [ 12.937024] [ 12.937216] Memory state around the buggy address: [ 12.937383] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.937685] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.938195] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.938410] ^ [ 12.938544] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.939119] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.939535] ================================================================== [ 12.879714] ================================================================== [ 12.880366] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 12.880745] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 12.881305] [ 12.881420] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.881467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.881480] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.881502] Call Trace: [ 12.881514] <TASK> [ 12.881529] dump_stack_lvl+0x73/0xb0 [ 12.881556] print_report+0xd1/0x650 [ 12.881579] ? __virt_addr_valid+0x1db/0x2d0 [ 12.881602] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 12.881641] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.881665] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 12.881691] kasan_report+0x141/0x180 [ 12.881714] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 12.881746] kasan_check_range+0x10c/0x1c0 [ 12.881770] __kasan_check_write+0x18/0x20 [ 12.881856] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 12.881882] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 12.881909] ? __kmalloc_cache_noprof+0x189/0x420 [ 12.881932] ? trace_hardirqs_on+0x37/0xe0 [ 12.881954] ? kasan_bitops_generic+0x92/0x1c0 [ 12.881977] kasan_bitops_generic+0x116/0x1c0 [ 12.881998] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 12.882019] ? __pfx_read_tsc+0x10/0x10 [ 12.882040] ? ktime_get_ts64+0x86/0x230 [ 12.882064] kunit_try_run_case+0x1a5/0x480 [ 12.882086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.882106] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.882130] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.882155] ? __kthread_parkme+0x82/0x180 [ 12.882175] ? preempt_count_sub+0x50/0x80 [ 12.882199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.882220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.882244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.882269] kthread+0x337/0x6f0 [ 12.882288] ? trace_preempt_on+0x20/0xc0 [ 12.882311] ? __pfx_kthread+0x10/0x10 [ 12.882332] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.882355] ? calculate_sigpending+0x7b/0xa0 [ 12.882379] ? __pfx_kthread+0x10/0x10 [ 12.882400] ret_from_fork+0x116/0x1d0 [ 12.882419] ? __pfx_kthread+0x10/0x10 [ 12.882440] ret_from_fork_asm+0x1a/0x30 [ 12.882470] </TASK> [ 12.882481] [ 12.891243] Allocated by task 278: [ 12.891418] kasan_save_stack+0x45/0x70 [ 12.891571] kasan_save_track+0x18/0x40 [ 12.891726] kasan_save_alloc_info+0x3b/0x50 [ 12.892108] __kasan_kmalloc+0xb7/0xc0 [ 12.892320] __kmalloc_cache_noprof+0x189/0x420 [ 12.892542] kasan_bitops_generic+0x92/0x1c0 [ 12.892774] kunit_try_run_case+0x1a5/0x480 [ 12.892962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.893291] kthread+0x337/0x6f0 [ 12.893421] ret_from_fork+0x116/0x1d0 [ 12.893628] ret_from_fork_asm+0x1a/0x30 [ 12.893927] [ 12.894022] The buggy address belongs to the object at ffff888102856080 [ 12.894022] which belongs to the cache kmalloc-16 of size 16 [ 12.894472] The buggy address is located 8 bytes inside of [ 12.894472] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 12.895150] [ 12.895262] The buggy address belongs to the physical page: [ 12.895465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 12.895728] flags: 0x200000000000000(node=0|zone=2) [ 12.895899] page_type: f5(slab) [ 12.896062] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.896408] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.897073] page dumped because: kasan: bad access detected [ 12.897265] [ 12.897338] Memory state around the buggy address: [ 12.897500] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.897943] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.898281] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.898626] ^ [ 12.898899] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.899236] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.899532] ================================================================== [ 12.964513] ================================================================== [ 12.965100] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 12.965406] Write of size 8 at addr ffff888102856088 by task kunit_try_catch/278 [ 12.965755] [ 12.965917] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250529 #1 PREEMPT(voluntary) [ 12.965962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.965975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.965996] Call Trace: [ 12.966012] <TASK> [ 12.966025] dump_stack_lvl+0x73/0xb0 [ 12.966051] print_report+0xd1/0x650 [ 12.966073] ? __virt_addr_valid+0x1db/0x2d0 [ 12.966096] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 12.966122] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.966145] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 12.966172] kasan_report+0x141/0x180 [ 12.966195] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 12.966226] kasan_check_range+0x10c/0x1c0 [ 12.966250] __kasan_check_write+0x18/0x20 [ 12.966270] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 12.966296] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 12.966323] ? __kmalloc_cache_noprof+0x189/0x420 [ 12.966345] ? trace_hardirqs_on+0x37/0xe0 [ 12.966365] ? kasan_bitops_generic+0x92/0x1c0 [ 12.966390] kasan_bitops_generic+0x116/0x1c0 [ 12.966410] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 12.966431] ? __pfx_read_tsc+0x10/0x10 [ 12.966452] ? ktime_get_ts64+0x86/0x230 [ 12.966476] kunit_try_run_case+0x1a5/0x480 [ 12.966497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.966517] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.966547] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.966573] ? __kthread_parkme+0x82/0x180 [ 12.966594] ? preempt_count_sub+0x50/0x80 [ 12.966628] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.966650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.966675] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.966700] kthread+0x337/0x6f0 [ 12.966719] ? trace_preempt_on+0x20/0xc0 [ 12.966742] ? __pfx_kthread+0x10/0x10 [ 12.966762] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.966785] ? calculate_sigpending+0x7b/0xa0 [ 12.966809] ? __pfx_kthread+0x10/0x10 [ 12.966830] ret_from_fork+0x116/0x1d0 [ 12.966850] ? __pfx_kthread+0x10/0x10 [ 12.966871] ret_from_fork_asm+0x1a/0x30 [ 12.966901] </TASK> [ 12.966912] [ 12.975493] Allocated by task 278: [ 12.975745] kasan_save_stack+0x45/0x70 [ 12.976142] kasan_save_track+0x18/0x40 [ 12.976323] kasan_save_alloc_info+0x3b/0x50 [ 12.976515] __kasan_kmalloc+0xb7/0xc0 [ 12.976712] __kmalloc_cache_noprof+0x189/0x420 [ 12.976968] kasan_bitops_generic+0x92/0x1c0 [ 12.977120] kunit_try_run_case+0x1a5/0x480 [ 12.977383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.977872] kthread+0x337/0x6f0 [ 12.978004] ret_from_fork+0x116/0x1d0 [ 12.978146] ret_from_fork_asm+0x1a/0x30 [ 12.978347] [ 12.978446] The buggy address belongs to the object at ffff888102856080 [ 12.978446] which belongs to the cache kmalloc-16 of size 16 [ 12.979076] The buggy address is located 8 bytes inside of [ 12.979076] allocated 9-byte region [ffff888102856080, ffff888102856089) [ 12.979489] [ 12.979562] The buggy address belongs to the physical page: [ 12.979753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102856 [ 12.980098] flags: 0x200000000000000(node=0|zone=2) [ 12.980334] page_type: f5(slab) [ 12.980801] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.981463] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.981719] page dumped because: kasan: bad access detected [ 12.982099] [ 12.982203] Memory state around the buggy address: [ 12.982543] ffff888102855f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.982930] ffff888102856000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.983186] >ffff888102856080: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.983447] ^ [ 12.983634] ffff888102856100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.984369] ffff888102856180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.984629] ==================================================================