Date
June 3, 2025, 7:38 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 20.749832] ================================================================== [ 20.749888] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 20.750021] Read of size 8 at addr fff00000c4473c08 by task kunit_try_catch/261 [ 20.750185] [ 20.750281] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250603 #1 PREEMPT [ 20.750402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.750458] Hardware name: linux,dummy-virt (DT) [ 20.750493] Call trace: [ 20.750534] show_stack+0x20/0x38 (C) [ 20.750585] dump_stack_lvl+0x8c/0xd0 [ 20.750652] print_report+0x118/0x608 [ 20.750728] kasan_report+0xdc/0x128 [ 20.750793] __asan_report_load8_noabort+0x20/0x30 [ 20.750873] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 20.750926] kasan_bitops_generic+0x110/0x1c8 [ 20.750982] kunit_try_run_case+0x170/0x3f0 [ 20.751033] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.751088] kthread+0x328/0x630 [ 20.751502] ret_from_fork+0x10/0x20 [ 20.751652] [ 20.751741] Allocated by task 261: [ 20.751820] kasan_save_stack+0x3c/0x68 [ 20.751973] kasan_save_track+0x20/0x40 [ 20.752071] kasan_save_alloc_info+0x40/0x58 [ 20.752193] __kasan_kmalloc+0xd4/0xd8 [ 20.752253] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.752292] kasan_bitops_generic+0xa0/0x1c8 [ 20.752333] kunit_try_run_case+0x170/0x3f0 [ 20.752657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.752724] kthread+0x328/0x630 [ 20.753021] ret_from_fork+0x10/0x20 [ 20.753095] [ 20.753168] The buggy address belongs to the object at fff00000c4473c00 [ 20.753168] which belongs to the cache kmalloc-16 of size 16 [ 20.753256] The buggy address is located 8 bytes inside of [ 20.753256] allocated 9-byte region [fff00000c4473c00, fff00000c4473c09) [ 20.753361] [ 20.753470] The buggy address belongs to the physical page: [ 20.753537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104473 [ 20.753595] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.753925] page_type: f5(slab) [ 20.754002] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.754099] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.754186] page dumped because: kasan: bad access detected [ 20.754301] [ 20.754380] Memory state around the buggy address: [ 20.754451] fff00000c4473b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.754502] fff00000c4473b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.754548] >fff00000c4473c00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.754589] ^ [ 20.754619] fff00000c4473c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.754664] fff00000c4473d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.754726] ================================================================== [ 20.759231] ================================================================== [ 20.759271] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 20.759330] Read of size 8 at addr fff00000c4473c08 by task kunit_try_catch/261 [ 20.759416] [ 20.759460] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250603 #1 PREEMPT [ 20.759789] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.760034] Hardware name: linux,dummy-virt (DT) [ 20.760100] Call trace: [ 20.760183] show_stack+0x20/0x38 (C) [ 20.760868] kasan_bitops_generic+0x110/0x1c8 [ 20.762561] [ 20.762999] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.764034] fff00000c4473d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.765853] kasan_check_range+0x100/0x1a8 [ 20.768716] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.777506] page dumped because: kasan: bad access detected [ 20.779413] >fff00000c4473c00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.781880] [ 20.782639] dump_stack_lvl+0x8c/0xd0 [ 20.783259] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.784520] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.785076] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.786365] fff00000c4473d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.787478] show_stack+0x20/0x38 (C) [ 20.788690] [ 20.789823] kthread+0x328/0x630 [ 20.790695] >fff00000c4473c00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.791031] fff00000c4473c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.792588] dump_stack_lvl+0x8c/0xd0 [ 20.793200] kthread+0x328/0x630 [ 20.793808] [ 20.794078] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.794982] ^ [ 20.795625] Write of size 8 at addr fff00000c4473c08 by task kunit_try_catch/261 [ 20.796285] kasan_report+0xdc/0x128 [ 20.797743] kasan_save_alloc_info+0x40/0x58 [ 20.800189] fff00000c4473c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.801363] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 20.801839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.802023] dump_stack_lvl+0x8c/0xd0 [ 20.802220] __asan_report_load8_noabort+0x20/0x30 [ 20.803290] kunit_try_run_case+0x170/0x3f0 [ 20.805093] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.805634] fff00000c4473b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.806364] ================================================================== [ 20.755707] ================================================================== [ 20.755764] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 20.755816] Write of size 8 at addr fff00000c4473c08 by task kunit_try_catch/261 [ 20.755867] [ 20.755899] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250603 #1 PREEMPT [ 20.756138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.756205] Hardware name: linux,dummy-virt (DT) [ 20.756239] Call trace: [ 20.756287] show_stack+0x20/0x38 (C) [ 20.756339] dump_stack_lvl+0x8c/0xd0 [ 20.756406] print_report+0x118/0x608 [ 20.756526] kasan_report+0xdc/0x128 [ 20.756592] kasan_check_range+0x100/0x1a8 [ 20.756656] __kasan_check_write+0x20/0x30 [ 20.756704] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 20.756999] kasan_bitops_generic+0x110/0x1c8 [ 20.757094] kunit_try_run_case+0x170/0x3f0 [ 20.757146] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.757230] kthread+0x328/0x630 [ 20.757275] ret_from_fork+0x10/0x20 [ 20.757369] [ 20.757408] Allocated by task 261: [ 20.757468] kasan_save_stack+0x3c/0x68 [ 20.757513] kasan_save_track+0x20/0x40 [ 20.757588] kasan_save_alloc_info+0x40/0x58 [ 20.757634] __kasan_kmalloc+0xd4/0xd8 [ 20.757691] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.757745] kasan_bitops_generic+0xa0/0x1c8 [ 20.757900] kunit_try_run_case+0x170/0x3f0 [ 20.757944] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.758092] kthread+0x328/0x630 [ 20.758209] ret_from_fork+0x10/0x20 [ 20.758258] [ 20.758286] The buggy address belongs to the object at fff00000c4473c00 [ 20.758286] which belongs to the cache kmalloc-16 of size 16 [ 20.758346] The buggy address is located 8 bytes inside of [ 20.758346] allocated 9-byte region [fff00000c4473c00, fff00000c4473c09) [ 20.758409] [ 20.758443] The buggy address belongs to the physical page: [ 20.758475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104473 [ 20.758527] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.758576] page_type: f5(slab) [ 20.758629] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.758691] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.758740] page dumped because: kasan: bad access detected [ 20.758782] [ 20.758805] Memory state around the buggy address: [ 20.758839] fff00000c4473b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.758891] fff00000c4473b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.758936] >fff00000c4473c00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.758987] ^ [ 20.759016] fff00000c4473c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.759060] fff00000c4473d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.759110] ================================================================== [ 20.743230] ================================================================== [ 20.743325] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 20.743484] Write of size 8 at addr fff00000c4473c08 by task kunit_try_catch/261 [ 20.743572] [ 20.743609] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250603 #1 PREEMPT [ 20.743914] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.744078] Hardware name: linux,dummy-virt (DT) [ 20.744193] Call trace: [ 20.744234] show_stack+0x20/0x38 (C) [ 20.744315] dump_stack_lvl+0x8c/0xd0 [ 20.744630] print_report+0x118/0x608 [ 20.744770] kasan_report+0xdc/0x128 [ 20.744864] kasan_check_range+0x100/0x1a8 [ 20.744916] __kasan_check_write+0x20/0x30 [ 20.745224] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 20.745563] kasan_bitops_generic+0x110/0x1c8 [ 20.745650] kunit_try_run_case+0x170/0x3f0 [ 20.745717] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.745773] kthread+0x328/0x630 [ 20.745819] ret_from_fork+0x10/0x20 [ 20.745877] [ 20.745901] Allocated by task 261: [ 20.745931] kasan_save_stack+0x3c/0x68 [ 20.745975] kasan_save_track+0x20/0x40 [ 20.746025] kasan_save_alloc_info+0x40/0x58 [ 20.746062] __kasan_kmalloc+0xd4/0xd8 [ 20.746100] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.746152] kasan_bitops_generic+0xa0/0x1c8 [ 20.746193] kunit_try_run_case+0x170/0x3f0 [ 20.746240] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.746291] kthread+0x328/0x630 [ 20.746326] ret_from_fork+0x10/0x20 [ 20.746365] [ 20.746395] The buggy address belongs to the object at fff00000c4473c00 [ 20.746395] which belongs to the cache kmalloc-16 of size 16 [ 20.746466] The buggy address is located 8 bytes inside of [ 20.746466] allocated 9-byte region [fff00000c4473c00, fff00000c4473c09) [ 20.746531] [ 20.746554] The buggy address belongs to the physical page: [ 20.746589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104473 [ 20.746775] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.747049] page_type: f5(slab) [ 20.747247] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.747373] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.747606] page dumped because: kasan: bad access detected [ 20.747687] [ 20.747720] Memory state around the buggy address: [ 20.747793] fff00000c4473b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.747862] fff00000c4473b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.747907] >fff00000c4473c00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.747945] ^ [ 20.748039] fff00000c4473c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.748203] fff00000c4473d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.748296] ==================================================================
[ 17.105579] ================================================================== [ 17.106220] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 17.107558] Write of size 8 at addr ffff8881023809a8 by task kunit_try_catch/278 [ 17.108275] [ 17.108581] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250603 #1 PREEMPT(voluntary) [ 17.108741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.108771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.108820] Call Trace: [ 17.108859] <TASK> [ 17.108900] dump_stack_lvl+0x73/0xb0 [ 17.108967] print_report+0xd1/0x650 [ 17.109020] ? __virt_addr_valid+0x1db/0x2d0 [ 17.109072] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 17.109372] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.109425] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 17.109482] kasan_report+0x141/0x180 [ 17.109561] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 17.109621] kasan_check_range+0x10c/0x1c0 [ 17.109673] __kasan_check_write+0x18/0x20 [ 17.109716] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 17.109773] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 17.109831] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.109885] ? kasan_bitops_generic+0x92/0x1c0 [ 17.109949] kasan_bitops_generic+0x116/0x1c0 [ 17.110000] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.110102] ? __pfx_read_tsc+0x10/0x10 [ 17.110150] ? ktime_get_ts64+0x86/0x230 [ 17.110203] kunit_try_run_case+0x1a5/0x480 [ 17.110250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.110293] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.110350] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.110410] ? __kthread_parkme+0x82/0x180 [ 17.110471] ? preempt_count_sub+0x50/0x80 [ 17.110526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.110566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.110608] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.110654] kthread+0x337/0x6f0 [ 17.110695] ? trace_preempt_on+0x20/0xc0 [ 17.110737] ? __pfx_kthread+0x10/0x10 [ 17.110775] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.110815] ? calculate_sigpending+0x7b/0xa0 [ 17.110865] ? __pfx_kthread+0x10/0x10 [ 17.110906] ret_from_fork+0x116/0x1d0 [ 17.110943] ? __pfx_kthread+0x10/0x10 [ 17.110976] ret_from_fork_asm+0x1a/0x30 [ 17.112008] </TASK> [ 17.112037] [ 17.126705] Allocated by task 278: [ 17.126948] kasan_save_stack+0x45/0x70 [ 17.127186] kasan_save_track+0x18/0x40 [ 17.127382] kasan_save_alloc_info+0x3b/0x50 [ 17.127601] __kasan_kmalloc+0xb7/0xc0 [ 17.127782] __kmalloc_cache_noprof+0x189/0x420 [ 17.127977] kasan_bitops_generic+0x92/0x1c0 [ 17.128425] kunit_try_run_case+0x1a5/0x480 [ 17.128881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.129135] kthread+0x337/0x6f0 [ 17.129315] ret_from_fork+0x116/0x1d0 [ 17.129524] ret_from_fork_asm+0x1a/0x30 [ 17.129734] [ 17.129863] The buggy address belongs to the object at ffff8881023809a0 [ 17.129863] which belongs to the cache kmalloc-16 of size 16 [ 17.130251] The buggy address is located 8 bytes inside of [ 17.130251] allocated 9-byte region [ffff8881023809a0, ffff8881023809a9) [ 17.130660] [ 17.132361] The buggy address belongs to the physical page: [ 17.134198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102380 [ 17.134878] flags: 0x200000000000000(node=0|zone=2) [ 17.135730] page_type: f5(slab) [ 17.136074] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.137671] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.138518] page dumped because: kasan: bad access detected [ 17.139089] [ 17.139317] Memory state around the buggy address: [ 17.139980] ffff888102380880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 17.141075] ffff888102380900: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 17.142228] >ffff888102380980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.142681] ^ [ 17.143517] ffff888102380a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.144170] ffff888102380a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.144677] ================================================================== [ 17.063618] ================================================================== [ 17.064488] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 17.065153] Write of size 8 at addr ffff8881023809a8 by task kunit_try_catch/278 [ 17.065870] [ 17.066469] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250603 #1 PREEMPT(voluntary) [ 17.066872] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.066908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.066962] Call Trace: [ 17.067011] <TASK> [ 17.067052] dump_stack_lvl+0x73/0xb0 [ 17.067119] print_report+0xd1/0x650 [ 17.067150] ? __virt_addr_valid+0x1db/0x2d0 [ 17.067178] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 17.067217] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.067307] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 17.067365] kasan_report+0x141/0x180 [ 17.067404] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 17.067468] kasan_check_range+0x10c/0x1c0 [ 17.067514] __kasan_check_write+0x18/0x20 [ 17.067549] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 17.067614] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 17.067663] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.067775] ? kasan_bitops_generic+0x92/0x1c0 [ 17.067812] kasan_bitops_generic+0x116/0x1c0 [ 17.067841] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.067871] ? __pfx_read_tsc+0x10/0x10 [ 17.067898] ? ktime_get_ts64+0x86/0x230 [ 17.067930] kunit_try_run_case+0x1a5/0x480 [ 17.067955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.067978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.068008] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.068036] ? __kthread_parkme+0x82/0x180 [ 17.068060] ? preempt_count_sub+0x50/0x80 [ 17.068087] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.068111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.068139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.068168] kthread+0x337/0x6f0 [ 17.068193] ? trace_preempt_on+0x20/0xc0 [ 17.068249] ? __pfx_kthread+0x10/0x10 [ 17.068274] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.068300] ? calculate_sigpending+0x7b/0xa0 [ 17.068331] ? __pfx_kthread+0x10/0x10 [ 17.068356] ret_from_fork+0x116/0x1d0 [ 17.068378] ? __pfx_kthread+0x10/0x10 [ 17.068402] ret_from_fork_asm+0x1a/0x30 [ 17.068439] </TASK> [ 17.068468] [ 17.085665] Allocated by task 278: [ 17.086345] kasan_save_stack+0x45/0x70 [ 17.086779] kasan_save_track+0x18/0x40 [ 17.087112] kasan_save_alloc_info+0x3b/0x50 [ 17.087980] __kasan_kmalloc+0xb7/0xc0 [ 17.088513] __kmalloc_cache_noprof+0x189/0x420 [ 17.088911] kasan_bitops_generic+0x92/0x1c0 [ 17.089605] kunit_try_run_case+0x1a5/0x480 [ 17.090419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.090668] kthread+0x337/0x6f0 [ 17.091007] ret_from_fork+0x116/0x1d0 [ 17.091697] ret_from_fork_asm+0x1a/0x30 [ 17.092179] [ 17.092572] The buggy address belongs to the object at ffff8881023809a0 [ 17.092572] which belongs to the cache kmalloc-16 of size 16 [ 17.093269] The buggy address is located 8 bytes inside of [ 17.093269] allocated 9-byte region [ffff8881023809a0, ffff8881023809a9) [ 17.094321] [ 17.094672] The buggy address belongs to the physical page: [ 17.095572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102380 [ 17.096110] flags: 0x200000000000000(node=0|zone=2) [ 17.096801] page_type: f5(slab) [ 17.097058] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.098249] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.098949] page dumped because: kasan: bad access detected [ 17.099402] [ 17.099528] Memory state around the buggy address: [ 17.099932] ffff888102380880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 17.100796] ffff888102380900: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 17.101341] >ffff888102380980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.101969] ^ [ 17.102757] ffff888102380a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.103129] ffff888102380a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.104048] ================================================================== [ 17.225597] ================================================================== [ 17.227149] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 17.228118] Write of size 8 at addr ffff8881023809a8 by task kunit_try_catch/278 [ 17.229414] [ 17.229692] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250603 #1 PREEMPT(voluntary) [ 17.229826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.229854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.229900] Call Trace: [ 17.229945] <TASK> [ 17.229987] dump_stack_lvl+0x73/0xb0 [ 17.230068] print_report+0xd1/0x650 [ 17.230119] ? __virt_addr_valid+0x1db/0x2d0 [ 17.230160] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 17.230191] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.230646] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 17.230726] kasan_report+0x141/0x180 [ 17.230771] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 17.230829] kasan_check_range+0x10c/0x1c0 [ 17.230865] __kasan_check_write+0x18/0x20 [ 17.230887] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 17.230917] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 17.230946] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.230971] ? kasan_bitops_generic+0x92/0x1c0 [ 17.231002] kasan_bitops_generic+0x116/0x1c0 [ 17.231029] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.231056] ? __pfx_read_tsc+0x10/0x10 [ 17.231081] ? ktime_get_ts64+0x86/0x230 [ 17.231109] kunit_try_run_case+0x1a5/0x480 [ 17.231134] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.231157] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.231185] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.231226] ? __kthread_parkme+0x82/0x180 [ 17.231251] ? preempt_count_sub+0x50/0x80 [ 17.231278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.231303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.231331] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.231377] kthread+0x337/0x6f0 [ 17.231401] ? trace_preempt_on+0x20/0xc0 [ 17.231428] ? __pfx_kthread+0x10/0x10 [ 17.231451] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.231493] ? calculate_sigpending+0x7b/0xa0 [ 17.231524] ? __pfx_kthread+0x10/0x10 [ 17.231548] ret_from_fork+0x116/0x1d0 [ 17.231570] ? __pfx_kthread+0x10/0x10 [ 17.231594] ret_from_fork_asm+0x1a/0x30 [ 17.231630] </TASK> [ 17.231645] [ 17.248434] Allocated by task 278: [ 17.248947] kasan_save_stack+0x45/0x70 [ 17.249478] kasan_save_track+0x18/0x40 [ 17.249957] kasan_save_alloc_info+0x3b/0x50 [ 17.250295] __kasan_kmalloc+0xb7/0xc0 [ 17.251271] __kmalloc_cache_noprof+0x189/0x420 [ 17.251963] kasan_bitops_generic+0x92/0x1c0 [ 17.252626] kunit_try_run_case+0x1a5/0x480 [ 17.253656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.254157] kthread+0x337/0x6f0 [ 17.254567] ret_from_fork+0x116/0x1d0 [ 17.255619] ret_from_fork_asm+0x1a/0x30 [ 17.256308] [ 17.256620] The buggy address belongs to the object at ffff8881023809a0 [ 17.256620] which belongs to the cache kmalloc-16 of size 16 [ 17.257557] The buggy address is located 8 bytes inside of [ 17.257557] allocated 9-byte region [ffff8881023809a0, ffff8881023809a9) [ 17.258608] [ 17.258892] The buggy address belongs to the physical page: [ 17.259287] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102380 [ 17.259596] flags: 0x200000000000000(node=0|zone=2) [ 17.259805] page_type: f5(slab) [ 17.259995] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.260191] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.260346] page dumped because: kasan: bad access detected [ 17.260494] [ 17.260620] Memory state around the buggy address: [ 17.261053] ffff888102380880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 17.261875] ffff888102380900: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 17.262559] >ffff888102380980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.263072] ^ [ 17.263301] ffff888102380a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.263623] ffff888102380a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.263893] ================================================================== [ 17.022296] ================================================================== [ 17.022711] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 17.024068] Write of size 8 at addr ffff8881023809a8 by task kunit_try_catch/278 [ 17.024916] [ 17.025178] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250603 #1 PREEMPT(voluntary) [ 17.025296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.025572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.025630] Call Trace: [ 17.025676] <TASK> [ 17.025748] dump_stack_lvl+0x73/0xb0 [ 17.025832] print_report+0xd1/0x650 [ 17.025865] ? __virt_addr_valid+0x1db/0x2d0 [ 17.025895] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 17.025927] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.025952] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 17.025983] kasan_report+0x141/0x180 [ 17.026008] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 17.026042] kasan_check_range+0x10c/0x1c0 [ 17.026070] __kasan_check_write+0x18/0x20 [ 17.026092] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 17.026121] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 17.026151] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.026177] ? kasan_bitops_generic+0x92/0x1c0 [ 17.026219] kasan_bitops_generic+0x116/0x1c0 [ 17.026260] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.026302] ? __pfx_read_tsc+0x10/0x10 [ 17.026341] ? ktime_get_ts64+0x86/0x230 [ 17.026405] kunit_try_run_case+0x1a5/0x480 [ 17.026435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.026478] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.026512] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.026541] ? __kthread_parkme+0x82/0x180 [ 17.026566] ? preempt_count_sub+0x50/0x80 [ 17.026595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.026619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.026649] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.026676] kthread+0x337/0x6f0 [ 17.026726] ? trace_preempt_on+0x20/0xc0 [ 17.026773] ? __pfx_kthread+0x10/0x10 [ 17.026807] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.026833] ? calculate_sigpending+0x7b/0xa0 [ 17.026862] ? __pfx_kthread+0x10/0x10 [ 17.026886] ret_from_fork+0x116/0x1d0 [ 17.026907] ? __pfx_kthread+0x10/0x10 [ 17.026930] ret_from_fork_asm+0x1a/0x30 [ 17.026967] </TASK> [ 17.026981] [ 17.043382] Allocated by task 278: [ 17.044543] kasan_save_stack+0x45/0x70 [ 17.045179] kasan_save_track+0x18/0x40 [ 17.045558] kasan_save_alloc_info+0x3b/0x50 [ 17.045961] __kasan_kmalloc+0xb7/0xc0 [ 17.046333] __kmalloc_cache_noprof+0x189/0x420 [ 17.046842] kasan_bitops_generic+0x92/0x1c0 [ 17.047414] kunit_try_run_case+0x1a5/0x480 [ 17.047735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.048531] kthread+0x337/0x6f0 [ 17.048926] ret_from_fork+0x116/0x1d0 [ 17.049851] ret_from_fork_asm+0x1a/0x30 [ 17.050061] [ 17.050285] The buggy address belongs to the object at ffff8881023809a0 [ 17.050285] which belongs to the cache kmalloc-16 of size 16 [ 17.051422] The buggy address is located 8 bytes inside of [ 17.051422] allocated 9-byte region [ffff8881023809a0, ffff8881023809a9) [ 17.052662] [ 17.052923] The buggy address belongs to the physical page: [ 17.053500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102380 [ 17.054185] flags: 0x200000000000000(node=0|zone=2) [ 17.054576] page_type: f5(slab) [ 17.054884] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.055861] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.056883] page dumped because: kasan: bad access detected [ 17.057626] [ 17.057997] Memory state around the buggy address: [ 17.058316] ffff888102380880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 17.059147] ffff888102380900: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 17.059537] >ffff888102380980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.060193] ^ [ 17.060740] ffff888102380a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.061635] ffff888102380a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.062194] ================================================================== [ 16.980899] ================================================================== [ 16.982419] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 16.983107] Write of size 8 at addr ffff8881023809a8 by task kunit_try_catch/278 [ 16.983881] [ 16.984063] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250603 #1 PREEMPT(voluntary) [ 16.984887] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.984915] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.984944] Call Trace: [ 16.984962] <TASK> [ 16.984987] dump_stack_lvl+0x73/0xb0 [ 16.985035] print_report+0xd1/0x650 [ 16.985062] ? __virt_addr_valid+0x1db/0x2d0 [ 16.985089] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 16.985119] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.985144] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 16.985173] kasan_report+0x141/0x180 [ 16.985203] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 16.985289] kasan_check_range+0x10c/0x1c0 [ 16.985334] __kasan_check_write+0x18/0x20 [ 16.985372] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 16.985403] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 16.985432] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.985481] ? kasan_bitops_generic+0x92/0x1c0 [ 16.985539] kasan_bitops_generic+0x116/0x1c0 [ 16.985567] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.985596] ? __pfx_read_tsc+0x10/0x10 [ 16.985621] ? ktime_get_ts64+0x86/0x230 [ 16.985651] kunit_try_run_case+0x1a5/0x480 [ 16.985676] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.986021] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.986066] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.986095] ? __kthread_parkme+0x82/0x180 [ 16.986120] ? preempt_count_sub+0x50/0x80 [ 16.986148] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.986172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.986210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.986263] kthread+0x337/0x6f0 [ 16.986287] ? trace_preempt_on+0x20/0xc0 [ 16.986313] ? __pfx_kthread+0x10/0x10 [ 16.986336] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.986362] ? calculate_sigpending+0x7b/0xa0 [ 16.986389] ? __pfx_kthread+0x10/0x10 [ 16.986412] ret_from_fork+0x116/0x1d0 [ 16.986435] ? __pfx_kthread+0x10/0x10 [ 16.986477] ret_from_fork_asm+0x1a/0x30 [ 16.986515] </TASK> [ 16.986528] [ 17.001330] Allocated by task 278: [ 17.001736] kasan_save_stack+0x45/0x70 [ 17.002136] kasan_save_track+0x18/0x40 [ 17.003490] kasan_save_alloc_info+0x3b/0x50 [ 17.004122] __kasan_kmalloc+0xb7/0xc0 [ 17.004839] __kmalloc_cache_noprof+0x189/0x420 [ 17.005445] kasan_bitops_generic+0x92/0x1c0 [ 17.006017] kunit_try_run_case+0x1a5/0x480 [ 17.006619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.007144] kthread+0x337/0x6f0 [ 17.007452] ret_from_fork+0x116/0x1d0 [ 17.008501] ret_from_fork_asm+0x1a/0x30 [ 17.008946] [ 17.009194] The buggy address belongs to the object at ffff8881023809a0 [ 17.009194] which belongs to the cache kmalloc-16 of size 16 [ 17.009897] The buggy address is located 8 bytes inside of [ 17.009897] allocated 9-byte region [ffff8881023809a0, ffff8881023809a9) [ 17.010865] [ 17.011074] The buggy address belongs to the physical page: [ 17.011431] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102380 [ 17.011833] flags: 0x200000000000000(node=0|zone=2) [ 17.012104] page_type: f5(slab) [ 17.013298] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.014097] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.014639] page dumped because: kasan: bad access detected [ 17.015251] [ 17.015482] Memory state around the buggy address: [ 17.016424] ffff888102380880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 17.017153] ffff888102380900: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 17.017735] >ffff888102380980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.018216] ^ [ 17.018584] ffff888102380a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.019418] ffff888102380a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.019925] ================================================================== [ 17.186370] ================================================================== [ 17.186949] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 17.187572] Write of size 8 at addr ffff8881023809a8 by task kunit_try_catch/278 [ 17.188405] [ 17.188729] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250603 #1 PREEMPT(voluntary) [ 17.188864] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.188896] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.188950] Call Trace: [ 17.188997] <TASK> [ 17.189043] dump_stack_lvl+0x73/0xb0 [ 17.189123] print_report+0xd1/0x650 [ 17.189178] ? __virt_addr_valid+0x1db/0x2d0 [ 17.189228] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 17.189268] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.189295] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 17.189325] kasan_report+0x141/0x180 [ 17.189350] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 17.189383] kasan_check_range+0x10c/0x1c0 [ 17.189410] __kasan_check_write+0x18/0x20 [ 17.189432] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 17.189487] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 17.190275] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.190312] ? kasan_bitops_generic+0x92/0x1c0 [ 17.190345] kasan_bitops_generic+0x116/0x1c0 [ 17.190375] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.190402] ? __pfx_read_tsc+0x10/0x10 [ 17.190428] ? ktime_get_ts64+0x86/0x230 [ 17.190474] kunit_try_run_case+0x1a5/0x480 [ 17.190506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.190528] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.190559] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.190587] ? __kthread_parkme+0x82/0x180 [ 17.190612] ? preempt_count_sub+0x50/0x80 [ 17.190643] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.190667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.190702] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.190745] kthread+0x337/0x6f0 [ 17.190779] ? trace_preempt_on+0x20/0xc0 [ 17.190819] ? __pfx_kthread+0x10/0x10 [ 17.190868] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.190893] ? calculate_sigpending+0x7b/0xa0 [ 17.190921] ? __pfx_kthread+0x10/0x10 [ 17.190945] ret_from_fork+0x116/0x1d0 [ 17.190966] ? __pfx_kthread+0x10/0x10 [ 17.190990] ret_from_fork_asm+0x1a/0x30 [ 17.191025] </TASK> [ 17.191039] [ 17.208722] Allocated by task 278: [ 17.209158] kasan_save_stack+0x45/0x70 [ 17.209686] kasan_save_track+0x18/0x40 [ 17.210201] kasan_save_alloc_info+0x3b/0x50 [ 17.210864] __kasan_kmalloc+0xb7/0xc0 [ 17.211076] __kmalloc_cache_noprof+0x189/0x420 [ 17.211310] kasan_bitops_generic+0x92/0x1c0 [ 17.211729] kunit_try_run_case+0x1a5/0x480 [ 17.212053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.212850] kthread+0x337/0x6f0 [ 17.213179] ret_from_fork+0x116/0x1d0 [ 17.213532] ret_from_fork_asm+0x1a/0x30 [ 17.213746] [ 17.213946] The buggy address belongs to the object at ffff8881023809a0 [ 17.213946] which belongs to the cache kmalloc-16 of size 16 [ 17.215025] The buggy address is located 8 bytes inside of [ 17.215025] allocated 9-byte region [ffff8881023809a0, ffff8881023809a9) [ 17.215679] [ 17.215818] The buggy address belongs to the physical page: [ 17.216208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102380 [ 17.216811] flags: 0x200000000000000(node=0|zone=2) [ 17.217105] page_type: f5(slab) [ 17.217410] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.219195] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.219597] page dumped because: kasan: bad access detected [ 17.219841] [ 17.220020] Memory state around the buggy address: [ 17.220410] ffff888102380880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 17.221464] ffff888102380900: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 17.222596] >ffff888102380980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.222963] ^ [ 17.223227] ffff888102380a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.224212] ffff888102380a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.224617] ================================================================== [ 17.145636] ================================================================== [ 17.146715] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 17.147240] Write of size 8 at addr ffff8881023809a8 by task kunit_try_catch/278 [ 17.147699] [ 17.147909] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250603 #1 PREEMPT(voluntary) [ 17.148302] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.148342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.148396] Call Trace: [ 17.148442] <TASK> [ 17.148497] dump_stack_lvl+0x73/0xb0 [ 17.148570] print_report+0xd1/0x650 [ 17.148623] ? __virt_addr_valid+0x1db/0x2d0 [ 17.148673] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 17.148729] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.148779] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 17.148829] kasan_report+0x141/0x180 [ 17.148877] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 17.148973] kasan_check_range+0x10c/0x1c0 [ 17.149032] __kasan_check_write+0x18/0x20 [ 17.149083] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 17.149146] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 17.149250] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.149297] ? kasan_bitops_generic+0x92/0x1c0 [ 17.149338] kasan_bitops_generic+0x116/0x1c0 [ 17.149370] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 17.149400] ? __pfx_read_tsc+0x10/0x10 [ 17.149426] ? ktime_get_ts64+0x86/0x230 [ 17.149482] kunit_try_run_case+0x1a5/0x480 [ 17.149513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.149537] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.149568] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.149597] ? __kthread_parkme+0x82/0x180 [ 17.149621] ? preempt_count_sub+0x50/0x80 [ 17.149649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.149672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.149700] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.149728] kthread+0x337/0x6f0 [ 17.149750] ? trace_preempt_on+0x20/0xc0 [ 17.149777] ? __pfx_kthread+0x10/0x10 [ 17.149800] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.149825] ? calculate_sigpending+0x7b/0xa0 [ 17.149856] ? __pfx_kthread+0x10/0x10 [ 17.149881] ret_from_fork+0x116/0x1d0 [ 17.149903] ? __pfx_kthread+0x10/0x10 [ 17.149926] ret_from_fork_asm+0x1a/0x30 [ 17.149962] </TASK> [ 17.149976] [ 17.165751] Allocated by task 278: [ 17.166119] kasan_save_stack+0x45/0x70 [ 17.166956] kasan_save_track+0x18/0x40 [ 17.167662] kasan_save_alloc_info+0x3b/0x50 [ 17.167908] __kasan_kmalloc+0xb7/0xc0 [ 17.168340] __kmalloc_cache_noprof+0x189/0x420 [ 17.169169] kasan_bitops_generic+0x92/0x1c0 [ 17.169982] kunit_try_run_case+0x1a5/0x480 [ 17.170177] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.171330] kthread+0x337/0x6f0 [ 17.171602] ret_from_fork+0x116/0x1d0 [ 17.172391] ret_from_fork_asm+0x1a/0x30 [ 17.172666] [ 17.173574] The buggy address belongs to the object at ffff8881023809a0 [ 17.173574] which belongs to the cache kmalloc-16 of size 16 [ 17.174070] The buggy address is located 8 bytes inside of [ 17.174070] allocated 9-byte region [ffff8881023809a0, ffff8881023809a9) [ 17.175258] [ 17.176024] The buggy address belongs to the physical page: [ 17.176291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102380 [ 17.178018] flags: 0x200000000000000(node=0|zone=2) [ 17.178269] page_type: f5(slab) [ 17.178541] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.179537] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.180102] page dumped because: kasan: bad access detected [ 17.180629] [ 17.180914] Memory state around the buggy address: [ 17.181326] ffff888102380880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 17.181961] ffff888102380900: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 17.182673] >ffff888102380980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.183091] ^ [ 17.183575] ffff888102380a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.184316] ffff888102380a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.185006] ================================================================== [ 16.940041] ================================================================== [ 16.940605] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 16.941578] Write of size 8 at addr ffff8881023809a8 by task kunit_try_catch/278 [ 16.941782] [ 16.941879] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.0-next-20250603 #1 PREEMPT(voluntary) [ 16.941943] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.941959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.941987] Call Trace: [ 16.942003] <TASK> [ 16.942029] dump_stack_lvl+0x73/0xb0 [ 16.942070] print_report+0xd1/0x650 [ 16.942098] ? __virt_addr_valid+0x1db/0x2d0 [ 16.942128] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 16.942158] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.942183] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 16.942418] kasan_report+0x141/0x180 [ 16.942448] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 16.942499] kasan_check_range+0x10c/0x1c0 [ 16.942528] __kasan_check_write+0x18/0x20 [ 16.942552] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 16.942582] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 16.942613] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.942639] ? kasan_bitops_generic+0x92/0x1c0 [ 16.942671] kasan_bitops_generic+0x116/0x1c0 [ 16.942769] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.942800] ? __pfx_read_tsc+0x10/0x10 [ 16.942828] ? ktime_get_ts64+0x86/0x230 [ 16.942857] kunit_try_run_case+0x1a5/0x480 [ 16.942885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.942906] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.942936] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.942963] ? __kthread_parkme+0x82/0x180 [ 16.942986] ? preempt_count_sub+0x50/0x80 [ 16.943013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.943036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.943065] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.943099] kthread+0x337/0x6f0 [ 16.943122] ? trace_preempt_on+0x20/0xc0 [ 16.943149] ? __pfx_kthread+0x10/0x10 [ 16.943171] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.943196] ? calculate_sigpending+0x7b/0xa0 [ 16.943244] ? __pfx_kthread+0x10/0x10 [ 16.943272] ret_from_fork+0x116/0x1d0 [ 16.943294] ? __pfx_kthread+0x10/0x10 [ 16.943317] ret_from_fork_asm+0x1a/0x30 [ 16.943387] </TASK> [ 16.943403] [ 16.961222] Allocated by task 278: [ 16.961972] kasan_save_stack+0x45/0x70 [ 16.962722] kasan_save_track+0x18/0x40 [ 16.962998] kasan_save_alloc_info+0x3b/0x50 [ 16.963186] __kasan_kmalloc+0xb7/0xc0 [ 16.963500] __kmalloc_cache_noprof+0x189/0x420 [ 16.963875] kasan_bitops_generic+0x92/0x1c0 [ 16.964081] kunit_try_run_case+0x1a5/0x480 [ 16.965535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.965874] kthread+0x337/0x6f0 [ 16.966288] ret_from_fork+0x116/0x1d0 [ 16.966450] ret_from_fork_asm+0x1a/0x30 [ 16.966679] [ 16.967326] The buggy address belongs to the object at ffff8881023809a0 [ 16.967326] which belongs to the cache kmalloc-16 of size 16 [ 16.969088] The buggy address is located 8 bytes inside of [ 16.969088] allocated 9-byte region [ffff8881023809a0, ffff8881023809a9) [ 16.969651] [ 16.969854] The buggy address belongs to the physical page: [ 16.971262] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102380 [ 16.971656] flags: 0x200000000000000(node=0|zone=2) [ 16.972290] page_type: f5(slab) [ 16.972570] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.972961] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.973795] page dumped because: kasan: bad access detected [ 16.974719] [ 16.975099] Memory state around the buggy address: [ 16.975398] ffff888102380880: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 16.976109] ffff888102380900: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 16.976530] >ffff888102380980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.977092] ^ [ 16.977696] ffff888102380a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.978241] ffff888102380a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.978596] ==================================================================