Date
June 16, 2025, 7:07 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 22.356518] ================================================================== [ 22.357911] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 22.358556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.358597] Hardware name: linux,dummy-virt (DT) [ 22.358641] Call trace: [ 22.358674] show_stack+0x20/0x38 (C) [ 22.358742] dump_stack_lvl+0x8c/0xd0 [ 22.359424] __kasan_check_write+0x20/0x30 [ 22.360558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.360631] kthread+0x328/0x630 [ 22.360688] ret_from_fork+0x10/0x20 [ 22.360753] [ 22.361071] Allocated by task 270: [ 22.361141] kasan_save_stack+0x3c/0x68 [ 22.361213] kasan_save_track+0x20/0x40 [ 22.361514] kasan_bitops_generic+0xa0/0x1c8 [ 22.361981] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.362085] kthread+0x328/0x630 [ 22.362544] [ 22.362925] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.362992] page_type: f5(slab) [ 22.363049] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.363219] [ 22.364034] fff00000c6397200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.364145] ================================================================== [ 22.303351] ================================================================== [ 22.303594] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 22.303844] Write of size 8 at addr fff00000c63971e8 by task kunit_try_catch/270 [ 22.304132] [ 22.304352] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250616 #1 PREEMPT [ 22.304615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.304654] Hardware name: linux,dummy-virt (DT) [ 22.304965] Call trace: [ 22.305029] show_stack+0x20/0x38 (C) [ 22.305106] dump_stack_lvl+0x8c/0xd0 [ 22.305168] print_report+0x118/0x608 [ 22.305224] kasan_report+0xdc/0x128 [ 22.305413] kasan_check_range+0x100/0x1a8 [ 22.305618] __kasan_check_write+0x20/0x30 [ 22.305733] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 22.305847] kasan_bitops_generic+0x110/0x1c8 [ 22.305913] kunit_try_run_case+0x170/0x3f0 [ 22.306030] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.306123] kthread+0x328/0x630 [ 22.306645] ret_from_fork+0x10/0x20 [ 22.306850] [ 22.306887] Allocated by task 270: [ 22.306931] kasan_save_stack+0x3c/0x68 [ 22.307050] kasan_save_track+0x20/0x40 [ 22.307105] kasan_save_alloc_info+0x40/0x58 [ 22.307540] __kasan_kmalloc+0xd4/0xd8 [ 22.307623] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.307745] kasan_bitops_generic+0xa0/0x1c8 [ 22.308074] kunit_try_run_case+0x170/0x3f0 [ 22.308161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.308347] kthread+0x328/0x630 [ 22.308392] ret_from_fork+0x10/0x20 [ 22.308656] [ 22.308740] The buggy address belongs to the object at fff00000c63971e0 [ 22.308740] which belongs to the cache kmalloc-16 of size 16 [ 22.308818] The buggy address is located 8 bytes inside of [ 22.308818] allocated 9-byte region [fff00000c63971e0, fff00000c63971e9) [ 22.308900] [ 22.308929] The buggy address belongs to the physical page: [ 22.309040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106397 [ 22.309114] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.309301] page_type: f5(slab) [ 22.309357] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.309614] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.309848] page dumped because: kasan: bad access detected [ 22.309899] [ 22.309986] Memory state around the buggy address: [ 22.310145] fff00000c6397080: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 22.310209] fff00000c6397100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.310278] >fff00000c6397180: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 22.310332] ^ [ 22.310385] fff00000c6397200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.310437] fff00000c6397280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.310485] ================================================================== [ 22.325783] ================================================================== [ 22.325886] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 22.325969] Read of size 8 at addr fff00000c63971e8 by task kunit_try_catch/270 [ 22.326037] [ 22.326086] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250616 #1 PREEMPT [ 22.326197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.326237] Hardware name: linux,dummy-virt (DT) [ 22.326279] Call trace: [ 22.326314] show_stack+0x20/0x38 (C) [ 22.326413] dump_stack_lvl+0x8c/0xd0 [ 22.326531] print_report+0x118/0x608 [ 22.326613] kasan_report+0xdc/0x128 [ 22.326776] __asan_report_load8_noabort+0x20/0x30 [ 22.326913] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 22.326988] kasan_bitops_generic+0x110/0x1c8 [ 22.327056] kunit_try_run_case+0x170/0x3f0 [ 22.327118] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.327188] kthread+0x328/0x630 [ 22.327243] ret_from_fork+0x10/0x20 [ 22.327309] [ 22.327372] Allocated by task 270: [ 22.327429] kasan_save_stack+0x3c/0x68 [ 22.327492] kasan_save_track+0x20/0x40 [ 22.327545] kasan_save_alloc_info+0x40/0x58 [ 22.327595] __kasan_kmalloc+0xd4/0xd8 [ 22.327644] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.327696] kasan_bitops_generic+0xa0/0x1c8 [ 22.327745] kunit_try_run_case+0x170/0x3f0 [ 22.327796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.327863] kthread+0x328/0x630 [ 22.327910] ret_from_fork+0x10/0x20 [ 22.327958] [ 22.327987] The buggy address belongs to the object at fff00000c63971e0 [ 22.327987] which belongs to the cache kmalloc-16 of size 16 [ 22.328060] The buggy address is located 8 bytes inside of [ 22.328060] allocated 9-byte region [fff00000c63971e0, fff00000c63971e9) [ 22.328136] [ 22.328164] The buggy address belongs to the physical page: [ 22.328205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106397 [ 22.328272] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.328336] page_type: f5(slab) [ 22.328390] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.329428] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.329625] page dumped because: kasan: bad access detected [ 22.329690] [ 22.329719] Memory state around the buggy address: [ 22.329782] fff00000c6397080: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 22.329876] fff00000c6397100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.330034] >fff00000c6397180: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 22.330218] ^ [ 22.331331] ================================================================== [ 22.318263] ================================================================== [ 22.318550] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 22.318649] Write of size 8 at addr fff00000c63971e8 by task kunit_try_catch/270 [ 22.318896] [ 22.319008] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250616 #1 PREEMPT [ 22.319314] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.319491] Hardware name: linux,dummy-virt (DT) [ 22.319549] Call trace: [ 22.319685] show_stack+0x20/0x38 (C) [ 22.319758] dump_stack_lvl+0x8c/0xd0 [ 22.319825] print_report+0x118/0x608 [ 22.319899] kasan_report+0xdc/0x128 [ 22.319959] kasan_check_range+0x100/0x1a8 [ 22.320020] __kasan_check_write+0x20/0x30 [ 22.320076] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 22.320141] kasan_bitops_generic+0x110/0x1c8 [ 22.320202] kunit_try_run_case+0x170/0x3f0 [ 22.320260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.320325] kthread+0x328/0x630 [ 22.320379] ret_from_fork+0x10/0x20 [ 22.320439] [ 22.320471] Allocated by task 270: [ 22.320512] kasan_save_stack+0x3c/0x68 [ 22.320569] kasan_save_track+0x20/0x40 [ 22.320621] kasan_save_alloc_info+0x40/0x58 [ 22.320671] __kasan_kmalloc+0xd4/0xd8 [ 22.320720] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.320771] kasan_bitops_generic+0xa0/0x1c8 [ 22.321188] kunit_try_run_case+0x170/0x3f0 [ 22.321248] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.321437] kthread+0x328/0x630 [ 22.321491] ret_from_fork+0x10/0x20 [ 22.321682] [ 22.321722] The buggy address belongs to the object at fff00000c63971e0 [ 22.321722] which belongs to the cache kmalloc-16 of size 16 [ 22.321805] The buggy address is located 8 bytes inside of [ 22.321805] allocated 9-byte region [fff00000c63971e0, fff00000c63971e9) [ 22.321928] [ 22.321978] The buggy address belongs to the physical page: [ 22.322025] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106397 [ 22.322550] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.322653] page_type: f5(slab) [ 22.322723] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.323056] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.323401] page dumped because: kasan: bad access detected [ 22.323500] [ 22.323531] Memory state around the buggy address: [ 22.323584] fff00000c6397080: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 22.323658] fff00000c6397100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.323717] >fff00000c6397180: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 22.323771] ^ [ 22.324206] fff00000c6397200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.324298] fff00000c6397280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.324413] ================================================================== [ 22.313776] ================================================================== [ 22.313879] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 22.313966] Read of size 8 at addr fff00000c63971e8 by task kunit_try_catch/270 [ 22.314032] [ 22.314083] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250616 #1 PREEMPT [ 22.314195] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.314230] Hardware name: linux,dummy-virt (DT) [ 22.314273] Call trace: [ 22.314305] show_stack+0x20/0x38 (C) [ 22.314370] dump_stack_lvl+0x8c/0xd0 [ 22.314431] print_report+0x118/0x608 [ 22.314489] kasan_report+0xdc/0x128 [ 22.314549] __asan_report_load8_noabort+0x20/0x30 [ 22.314610] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 22.314673] kasan_bitops_generic+0x110/0x1c8 [ 22.314734] kunit_try_run_case+0x170/0x3f0 [ 22.314795] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.314873] kthread+0x328/0x630 [ 22.314931] ret_from_fork+0x10/0x20 [ 22.314994] [ 22.315023] Allocated by task 270: [ 22.315063] kasan_save_stack+0x3c/0x68 [ 22.315118] kasan_save_track+0x20/0x40 [ 22.315168] kasan_save_alloc_info+0x40/0x58 [ 22.315216] __kasan_kmalloc+0xd4/0xd8 [ 22.315265] __kmalloc_cache_noprof+0x16c/0x3c0 [ 22.315316] kasan_bitops_generic+0xa0/0x1c8 [ 22.315366] kunit_try_run_case+0x170/0x3f0 [ 22.315414] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 22.315467] kthread+0x328/0x630 [ 22.315510] ret_from_fork+0x10/0x20 [ 22.315557] [ 22.315584] The buggy address belongs to the object at fff00000c63971e0 [ 22.315584] which belongs to the cache kmalloc-16 of size 16 [ 22.315657] The buggy address is located 8 bytes inside of [ 22.315657] allocated 9-byte region [fff00000c63971e0, fff00000c63971e9) [ 22.315730] [ 22.315758] The buggy address belongs to the physical page: [ 22.315802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106397 [ 22.316302] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 22.316376] page_type: f5(slab) [ 22.316477] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 22.316627] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.316679] page dumped because: kasan: bad access detected [ 22.316872] [ 22.316919] Memory state around the buggy address: [ 22.316974] fff00000c6397080: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 22.317169] fff00000c6397100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.317294] >fff00000c6397180: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 22.317376] ^ [ 22.317449] fff00000c6397200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.317511] fff00000c6397280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.317563] ==================================================================
[ 13.632064] ================================================================== [ 13.632535] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.632892] Write of size 8 at addr ffff8881025394a8 by task kunit_try_catch/286 [ 13.633154] [ 13.633234] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250616 #1 PREEMPT(voluntary) [ 13.633279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.633290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.633310] Call Trace: [ 13.633327] <TASK> [ 13.633342] dump_stack_lvl+0x73/0xb0 [ 13.633369] print_report+0xd1/0x650 [ 13.633390] ? __virt_addr_valid+0x1db/0x2d0 [ 13.633411] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.633435] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.633457] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.633481] kasan_report+0x141/0x180 [ 13.633503] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.633531] kasan_check_range+0x10c/0x1c0 [ 13.633553] __kasan_check_write+0x18/0x20 [ 13.633572] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.633596] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.633621] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.633644] ? trace_hardirqs_on+0x37/0xe0 [ 13.633667] ? kasan_bitops_generic+0x92/0x1c0 [ 13.633706] kasan_bitops_generic+0x116/0x1c0 [ 13.633729] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.633753] ? __pfx_read_tsc+0x10/0x10 [ 13.633773] ? ktime_get_ts64+0x86/0x230 [ 13.633798] kunit_try_run_case+0x1a5/0x480 [ 13.633820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.633842] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.633864] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.633885] ? __kthread_parkme+0x82/0x180 [ 13.633905] ? preempt_count_sub+0x50/0x80 [ 13.633937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.634137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.634165] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.634189] kthread+0x337/0x6f0 [ 13.634209] ? trace_preempt_on+0x20/0xc0 [ 13.634231] ? __pfx_kthread+0x10/0x10 [ 13.634250] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.634271] ? calculate_sigpending+0x7b/0xa0 [ 13.634297] ? __pfx_kthread+0x10/0x10 [ 13.634318] ret_from_fork+0x116/0x1d0 [ 13.634336] ? __pfx_kthread+0x10/0x10 [ 13.634356] ret_from_fork_asm+0x1a/0x30 [ 13.634386] </TASK> [ 13.634446] [ 13.643468] Allocated by task 286: [ 13.643655] kasan_save_stack+0x45/0x70 [ 13.643852] kasan_save_track+0x18/0x40 [ 13.644046] kasan_save_alloc_info+0x3b/0x50 [ 13.644226] __kasan_kmalloc+0xb7/0xc0 [ 13.644356] __kmalloc_cache_noprof+0x189/0x420 [ 13.645079] kasan_bitops_generic+0x92/0x1c0 [ 13.645302] kunit_try_run_case+0x1a5/0x480 [ 13.645736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.645921] kthread+0x337/0x6f0 [ 13.646048] ret_from_fork+0x116/0x1d0 [ 13.646215] ret_from_fork_asm+0x1a/0x30 [ 13.646386] [ 13.646890] The buggy address belongs to the object at ffff8881025394a0 [ 13.646890] which belongs to the cache kmalloc-16 of size 16 [ 13.647884] The buggy address is located 8 bytes inside of [ 13.647884] allocated 9-byte region [ffff8881025394a0, ffff8881025394a9) [ 13.648507] [ 13.648612] The buggy address belongs to the physical page: [ 13.648794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102539 [ 13.649149] flags: 0x200000000000000(node=0|zone=2) [ 13.649326] page_type: f5(slab) [ 13.649527] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 13.650061] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.650399] page dumped because: kasan: bad access detected [ 13.650613] [ 13.650700] Memory state around the buggy address: [ 13.650893] ffff888102539380: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.651127] ffff888102539400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.651416] >ffff888102539480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 13.651712] ^ [ 13.651857] ffff888102539500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.652183] ffff888102539580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.652526] ================================================================== [ 13.613500] ================================================================== [ 13.613789] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.614046] Write of size 8 at addr ffff8881025394a8 by task kunit_try_catch/286 [ 13.614263] [ 13.614342] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250616 #1 PREEMPT(voluntary) [ 13.614571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.614589] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.614610] Call Trace: [ 13.614627] <TASK> [ 13.614642] dump_stack_lvl+0x73/0xb0 [ 13.614672] print_report+0xd1/0x650 [ 13.614694] ? __virt_addr_valid+0x1db/0x2d0 [ 13.614715] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.614739] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.614760] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.614783] kasan_report+0x141/0x180 [ 13.614805] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.614834] kasan_check_range+0x10c/0x1c0 [ 13.614856] __kasan_check_write+0x18/0x20 [ 13.614874] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.614898] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.614923] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.614961] ? trace_hardirqs_on+0x37/0xe0 [ 13.614983] ? kasan_bitops_generic+0x92/0x1c0 [ 13.615009] kasan_bitops_generic+0x116/0x1c0 [ 13.615031] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.615055] ? __pfx_read_tsc+0x10/0x10 [ 13.615074] ? ktime_get_ts64+0x86/0x230 [ 13.615099] kunit_try_run_case+0x1a5/0x480 [ 13.615123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.615144] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.615167] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.615188] ? __kthread_parkme+0x82/0x180 [ 13.615208] ? preempt_count_sub+0x50/0x80 [ 13.615230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.615252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.615274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.615296] kthread+0x337/0x6f0 [ 13.615314] ? trace_preempt_on+0x20/0xc0 [ 13.615336] ? __pfx_kthread+0x10/0x10 [ 13.615355] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.615375] ? calculate_sigpending+0x7b/0xa0 [ 13.615398] ? __pfx_kthread+0x10/0x10 [ 13.615477] ret_from_fork+0x116/0x1d0 [ 13.615496] ? __pfx_kthread+0x10/0x10 [ 13.615516] ret_from_fork_asm+0x1a/0x30 [ 13.615545] </TASK> [ 13.615555] [ 13.624139] Allocated by task 286: [ 13.624319] kasan_save_stack+0x45/0x70 [ 13.624548] kasan_save_track+0x18/0x40 [ 13.624788] kasan_save_alloc_info+0x3b/0x50 [ 13.625018] __kasan_kmalloc+0xb7/0xc0 [ 13.625161] __kmalloc_cache_noprof+0x189/0x420 [ 13.625357] kasan_bitops_generic+0x92/0x1c0 [ 13.625531] kunit_try_run_case+0x1a5/0x480 [ 13.625721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.626083] kthread+0x337/0x6f0 [ 13.626249] ret_from_fork+0x116/0x1d0 [ 13.626440] ret_from_fork_asm+0x1a/0x30 [ 13.626617] [ 13.626701] The buggy address belongs to the object at ffff8881025394a0 [ 13.626701] which belongs to the cache kmalloc-16 of size 16 [ 13.627169] The buggy address is located 8 bytes inside of [ 13.627169] allocated 9-byte region [ffff8881025394a0, ffff8881025394a9) [ 13.627758] [ 13.627839] The buggy address belongs to the physical page: [ 13.628021] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102539 [ 13.628257] flags: 0x200000000000000(node=0|zone=2) [ 13.628425] page_type: f5(slab) [ 13.628766] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 13.629116] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.629551] page dumped because: kasan: bad access detected [ 13.629817] [ 13.629906] Memory state around the buggy address: [ 13.630140] ffff888102539380: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.630516] ffff888102539400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.630730] >ffff888102539480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 13.630945] ^ [ 13.631087] ffff888102539500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.631294] ffff888102539580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.631564] ================================================================== [ 13.536783] ================================================================== [ 13.537307] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.537698] Write of size 8 at addr ffff8881025394a8 by task kunit_try_catch/286 [ 13.538043] [ 13.538148] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250616 #1 PREEMPT(voluntary) [ 13.538192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.538203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.538223] Call Trace: [ 13.538235] <TASK> [ 13.538249] dump_stack_lvl+0x73/0xb0 [ 13.538275] print_report+0xd1/0x650 [ 13.538296] ? __virt_addr_valid+0x1db/0x2d0 [ 13.538319] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.538344] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.538365] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.538389] kasan_report+0x141/0x180 [ 13.538410] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.538438] kasan_check_range+0x10c/0x1c0 [ 13.538460] __kasan_check_write+0x18/0x20 [ 13.538479] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.538503] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.538528] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.538550] ? trace_hardirqs_on+0x37/0xe0 [ 13.538574] ? kasan_bitops_generic+0x92/0x1c0 [ 13.538599] kasan_bitops_generic+0x116/0x1c0 [ 13.538621] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.538644] ? __pfx_read_tsc+0x10/0x10 [ 13.538664] ? ktime_get_ts64+0x86/0x230 [ 13.538690] kunit_try_run_case+0x1a5/0x480 [ 13.538713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.538734] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.538755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.538776] ? __kthread_parkme+0x82/0x180 [ 13.538795] ? preempt_count_sub+0x50/0x80 [ 13.538817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.538839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.538861] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.538882] kthread+0x337/0x6f0 [ 13.538900] ? trace_preempt_on+0x20/0xc0 [ 13.538921] ? __pfx_kthread+0x10/0x10 [ 13.539046] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.539067] ? calculate_sigpending+0x7b/0xa0 [ 13.539090] ? __pfx_kthread+0x10/0x10 [ 13.539111] ret_from_fork+0x116/0x1d0 [ 13.539129] ? __pfx_kthread+0x10/0x10 [ 13.539148] ret_from_fork_asm+0x1a/0x30 [ 13.539178] </TASK> [ 13.539188] [ 13.546916] Allocated by task 286: [ 13.547102] kasan_save_stack+0x45/0x70 [ 13.547300] kasan_save_track+0x18/0x40 [ 13.547556] kasan_save_alloc_info+0x3b/0x50 [ 13.547768] __kasan_kmalloc+0xb7/0xc0 [ 13.547959] __kmalloc_cache_noprof+0x189/0x420 [ 13.548174] kasan_bitops_generic+0x92/0x1c0 [ 13.548370] kunit_try_run_case+0x1a5/0x480 [ 13.548842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.549047] kthread+0x337/0x6f0 [ 13.549164] ret_from_fork+0x116/0x1d0 [ 13.549346] ret_from_fork_asm+0x1a/0x30 [ 13.549534] [ 13.549627] The buggy address belongs to the object at ffff8881025394a0 [ 13.549627] which belongs to the cache kmalloc-16 of size 16 [ 13.550222] The buggy address is located 8 bytes inside of [ 13.550222] allocated 9-byte region [ffff8881025394a0, ffff8881025394a9) [ 13.550752] [ 13.550847] The buggy address belongs to the physical page: [ 13.551075] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102539 [ 13.551333] flags: 0x200000000000000(node=0|zone=2) [ 13.551556] page_type: f5(slab) [ 13.551717] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 13.552073] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.552409] page dumped because: kasan: bad access detected [ 13.552662] [ 13.552750] Memory state around the buggy address: [ 13.552951] ffff888102539380: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.553224] ffff888102539400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.553474] >ffff888102539480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 13.553680] ^ [ 13.553854] ffff888102539500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.554370] ffff888102539580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.554755] ================================================================== [ 13.516688] ================================================================== [ 13.517888] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.518945] Write of size 8 at addr ffff8881025394a8 by task kunit_try_catch/286 [ 13.519871] [ 13.520002] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250616 #1 PREEMPT(voluntary) [ 13.520053] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.520066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.520087] Call Trace: [ 13.520101] <TASK> [ 13.520119] dump_stack_lvl+0x73/0xb0 [ 13.520154] print_report+0xd1/0x650 [ 13.520176] ? __virt_addr_valid+0x1db/0x2d0 [ 13.520200] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.520225] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.520246] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.520271] kasan_report+0x141/0x180 [ 13.520292] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.520323] kasan_check_range+0x10c/0x1c0 [ 13.520345] __kasan_check_write+0x18/0x20 [ 13.520364] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.520414] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.520440] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.520464] ? trace_hardirqs_on+0x37/0xe0 [ 13.520486] ? kasan_bitops_generic+0x92/0x1c0 [ 13.520513] kasan_bitops_generic+0x116/0x1c0 [ 13.520536] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.520559] ? __pfx_read_tsc+0x10/0x10 [ 13.520580] ? ktime_get_ts64+0x86/0x230 [ 13.520605] kunit_try_run_case+0x1a5/0x480 [ 13.520630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.520651] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.520674] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.520695] ? __kthread_parkme+0x82/0x180 [ 13.520716] ? preempt_count_sub+0x50/0x80 [ 13.520739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.520761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.520783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.520804] kthread+0x337/0x6f0 [ 13.520823] ? trace_preempt_on+0x20/0xc0 [ 13.520844] ? __pfx_kthread+0x10/0x10 [ 13.520863] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.520883] ? calculate_sigpending+0x7b/0xa0 [ 13.520906] ? __pfx_kthread+0x10/0x10 [ 13.520927] ret_from_fork+0x116/0x1d0 [ 13.520954] ? __pfx_kthread+0x10/0x10 [ 13.520974] ret_from_fork_asm+0x1a/0x30 [ 13.521004] </TASK> [ 13.521015] [ 13.528797] Allocated by task 286: [ 13.528968] kasan_save_stack+0x45/0x70 [ 13.529106] kasan_save_track+0x18/0x40 [ 13.529230] kasan_save_alloc_info+0x3b/0x50 [ 13.529431] __kasan_kmalloc+0xb7/0xc0 [ 13.529702] __kmalloc_cache_noprof+0x189/0x420 [ 13.529941] kasan_bitops_generic+0x92/0x1c0 [ 13.530144] kunit_try_run_case+0x1a5/0x480 [ 13.530346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.530585] kthread+0x337/0x6f0 [ 13.530704] ret_from_fork+0x116/0x1d0 [ 13.530825] ret_from_fork_asm+0x1a/0x30 [ 13.530973] [ 13.531062] The buggy address belongs to the object at ffff8881025394a0 [ 13.531062] which belongs to the cache kmalloc-16 of size 16 [ 13.531663] The buggy address is located 8 bytes inside of [ 13.531663] allocated 9-byte region [ffff8881025394a0, ffff8881025394a9) [ 13.532097] [ 13.532164] The buggy address belongs to the physical page: [ 13.532324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102539 [ 13.532821] flags: 0x200000000000000(node=0|zone=2) [ 13.533074] page_type: f5(slab) [ 13.533239] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 13.533649] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.533992] page dumped because: kasan: bad access detected [ 13.534214] [ 13.534283] Memory state around the buggy address: [ 13.534553] ffff888102539380: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.534805] ffff888102539400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.535084] >ffff888102539480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 13.535374] ^ [ 13.535652] ffff888102539500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.535888] ffff888102539580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.536097] ================================================================== [ 13.555232] ================================================================== [ 13.555553] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.555898] Write of size 8 at addr ffff8881025394a8 by task kunit_try_catch/286 [ 13.556231] [ 13.556330] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250616 #1 PREEMPT(voluntary) [ 13.556372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.556384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.556404] Call Trace: [ 13.556484] <TASK> [ 13.556505] dump_stack_lvl+0x73/0xb0 [ 13.556533] print_report+0xd1/0x650 [ 13.556554] ? __virt_addr_valid+0x1db/0x2d0 [ 13.556575] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.556599] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.556621] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.556645] kasan_report+0x141/0x180 [ 13.556666] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.556695] kasan_check_range+0x10c/0x1c0 [ 13.556718] __kasan_check_write+0x18/0x20 [ 13.556736] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.556760] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.556786] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.556808] ? trace_hardirqs_on+0x37/0xe0 [ 13.556831] ? kasan_bitops_generic+0x92/0x1c0 [ 13.556857] kasan_bitops_generic+0x116/0x1c0 [ 13.556879] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.556903] ? __pfx_read_tsc+0x10/0x10 [ 13.556924] ? ktime_get_ts64+0x86/0x230 [ 13.556960] kunit_try_run_case+0x1a5/0x480 [ 13.556982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.557003] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.557025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.557046] ? __kthread_parkme+0x82/0x180 [ 13.557064] ? preempt_count_sub+0x50/0x80 [ 13.557088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.557111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.557133] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.557154] kthread+0x337/0x6f0 [ 13.557173] ? trace_preempt_on+0x20/0xc0 [ 13.557194] ? __pfx_kthread+0x10/0x10 [ 13.557215] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.557234] ? calculate_sigpending+0x7b/0xa0 [ 13.557257] ? __pfx_kthread+0x10/0x10 [ 13.557277] ret_from_fork+0x116/0x1d0 [ 13.557295] ? __pfx_kthread+0x10/0x10 [ 13.557314] ret_from_fork_asm+0x1a/0x30 [ 13.557345] </TASK> [ 13.557355] [ 13.565313] Allocated by task 286: [ 13.565655] kasan_save_stack+0x45/0x70 [ 13.565874] kasan_save_track+0x18/0x40 [ 13.566073] kasan_save_alloc_info+0x3b/0x50 [ 13.566277] __kasan_kmalloc+0xb7/0xc0 [ 13.566520] __kmalloc_cache_noprof+0x189/0x420 [ 13.566677] kasan_bitops_generic+0x92/0x1c0 [ 13.566881] kunit_try_run_case+0x1a5/0x480 [ 13.567090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.567333] kthread+0x337/0x6f0 [ 13.567551] ret_from_fork+0x116/0x1d0 [ 13.567714] ret_from_fork_asm+0x1a/0x30 [ 13.567866] [ 13.567943] The buggy address belongs to the object at ffff8881025394a0 [ 13.567943] which belongs to the cache kmalloc-16 of size 16 [ 13.568530] The buggy address is located 8 bytes inside of [ 13.568530] allocated 9-byte region [ffff8881025394a0, ffff8881025394a9) [ 13.569001] [ 13.569078] The buggy address belongs to the physical page: [ 13.569299] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102539 [ 13.569801] flags: 0x200000000000000(node=0|zone=2) [ 13.570014] page_type: f5(slab) [ 13.570133] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 13.570355] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.570670] page dumped because: kasan: bad access detected [ 13.570917] [ 13.571014] Memory state around the buggy address: [ 13.571223] ffff888102539380: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.571597] ffff888102539400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.571907] >ffff888102539480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 13.572130] ^ [ 13.572269] ffff888102539500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.572544] ffff888102539580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.572852] ================================================================== [ 13.573307] ================================================================== [ 13.573838] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.574231] Write of size 8 at addr ffff8881025394a8 by task kunit_try_catch/286 [ 13.574644] [ 13.574748] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250616 #1 PREEMPT(voluntary) [ 13.574791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.574803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.574822] Call Trace: [ 13.574835] <TASK> [ 13.574849] dump_stack_lvl+0x73/0xb0 [ 13.574875] print_report+0xd1/0x650 [ 13.574896] ? __virt_addr_valid+0x1db/0x2d0 [ 13.574917] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.574952] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.574975] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.574999] kasan_report+0x141/0x180 [ 13.575020] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.575049] kasan_check_range+0x10c/0x1c0 [ 13.575071] __kasan_check_write+0x18/0x20 [ 13.575090] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.575114] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.575139] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.575162] ? trace_hardirqs_on+0x37/0xe0 [ 13.575184] ? kasan_bitops_generic+0x92/0x1c0 [ 13.575211] kasan_bitops_generic+0x116/0x1c0 [ 13.575233] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.575257] ? __pfx_read_tsc+0x10/0x10 [ 13.575276] ? ktime_get_ts64+0x86/0x230 [ 13.575301] kunit_try_run_case+0x1a5/0x480 [ 13.575323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.575345] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.575367] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.575387] ? __kthread_parkme+0x82/0x180 [ 13.575407] ? preempt_count_sub+0x50/0x80 [ 13.575500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.575525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.575547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.575569] kthread+0x337/0x6f0 [ 13.575588] ? trace_preempt_on+0x20/0xc0 [ 13.575609] ? __pfx_kthread+0x10/0x10 [ 13.575629] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.575648] ? calculate_sigpending+0x7b/0xa0 [ 13.575672] ? __pfx_kthread+0x10/0x10 [ 13.575693] ret_from_fork+0x116/0x1d0 [ 13.575710] ? __pfx_kthread+0x10/0x10 [ 13.575730] ret_from_fork_asm+0x1a/0x30 [ 13.575759] </TASK> [ 13.575769] [ 13.586308] Allocated by task 286: [ 13.586619] kasan_save_stack+0x45/0x70 [ 13.586812] kasan_save_track+0x18/0x40 [ 13.586992] kasan_save_alloc_info+0x3b/0x50 [ 13.587180] __kasan_kmalloc+0xb7/0xc0 [ 13.587342] __kmalloc_cache_noprof+0x189/0x420 [ 13.587983] kasan_bitops_generic+0x92/0x1c0 [ 13.588151] kunit_try_run_case+0x1a5/0x480 [ 13.588315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.588836] kthread+0x337/0x6f0 [ 13.589006] ret_from_fork+0x116/0x1d0 [ 13.589174] ret_from_fork_asm+0x1a/0x30 [ 13.589343] [ 13.589656] The buggy address belongs to the object at ffff8881025394a0 [ 13.589656] which belongs to the cache kmalloc-16 of size 16 [ 13.590138] The buggy address is located 8 bytes inside of [ 13.590138] allocated 9-byte region [ffff8881025394a0, ffff8881025394a9) [ 13.590654] [ 13.590742] The buggy address belongs to the physical page: [ 13.590961] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102539 [ 13.591198] flags: 0x200000000000000(node=0|zone=2) [ 13.591353] page_type: f5(slab) [ 13.591468] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 13.591967] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.592283] page dumped because: kasan: bad access detected [ 13.592645] [ 13.592730] Memory state around the buggy address: [ 13.592917] ffff888102539380: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.593183] ffff888102539400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.593391] >ffff888102539480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 13.593709] ^ [ 13.593920] ffff888102539500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.594479] ffff888102539580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.594767] ================================================================== [ 13.653034] ================================================================== [ 13.653298] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.653701] Write of size 8 at addr ffff8881025394a8 by task kunit_try_catch/286 [ 13.654005] [ 13.654109] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250616 #1 PREEMPT(voluntary) [ 13.654153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.654165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.654185] Call Trace: [ 13.654202] <TASK> [ 13.654218] dump_stack_lvl+0x73/0xb0 [ 13.654245] print_report+0xd1/0x650 [ 13.654267] ? __virt_addr_valid+0x1db/0x2d0 [ 13.654288] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.654312] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.654333] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.654357] kasan_report+0x141/0x180 [ 13.654379] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.654407] kasan_check_range+0x10c/0x1c0 [ 13.654430] __kasan_check_write+0x18/0x20 [ 13.654448] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.654473] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.654498] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.654521] ? trace_hardirqs_on+0x37/0xe0 [ 13.654542] ? kasan_bitops_generic+0x92/0x1c0 [ 13.654568] kasan_bitops_generic+0x116/0x1c0 [ 13.654590] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.654614] ? __pfx_read_tsc+0x10/0x10 [ 13.654635] ? ktime_get_ts64+0x86/0x230 [ 13.654660] kunit_try_run_case+0x1a5/0x480 [ 13.654683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.654704] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.654726] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.654748] ? __kthread_parkme+0x82/0x180 [ 13.654767] ? preempt_count_sub+0x50/0x80 [ 13.654790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.654813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.654834] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.654857] kthread+0x337/0x6f0 [ 13.654875] ? trace_preempt_on+0x20/0xc0 [ 13.654897] ? __pfx_kthread+0x10/0x10 [ 13.654917] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.654947] ? calculate_sigpending+0x7b/0xa0 [ 13.654971] ? __pfx_kthread+0x10/0x10 [ 13.654992] ret_from_fork+0x116/0x1d0 [ 13.655010] ? __pfx_kthread+0x10/0x10 [ 13.655030] ret_from_fork_asm+0x1a/0x30 [ 13.655059] </TASK> [ 13.655070] [ 13.662592] Allocated by task 286: [ 13.662819] kasan_save_stack+0x45/0x70 [ 13.663030] kasan_save_track+0x18/0x40 [ 13.663217] kasan_save_alloc_info+0x3b/0x50 [ 13.663421] __kasan_kmalloc+0xb7/0xc0 [ 13.663619] __kmalloc_cache_noprof+0x189/0x420 [ 13.663924] kasan_bitops_generic+0x92/0x1c0 [ 13.664337] kunit_try_run_case+0x1a5/0x480 [ 13.664511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.664681] kthread+0x337/0x6f0 [ 13.664793] ret_from_fork+0x116/0x1d0 [ 13.664916] ret_from_fork_asm+0x1a/0x30 [ 13.665174] [ 13.665266] The buggy address belongs to the object at ffff8881025394a0 [ 13.665266] which belongs to the cache kmalloc-16 of size 16 [ 13.666233] The buggy address is located 8 bytes inside of [ 13.666233] allocated 9-byte region [ffff8881025394a0, ffff8881025394a9) [ 13.666702] [ 13.666771] The buggy address belongs to the physical page: [ 13.666947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102539 [ 13.667179] flags: 0x200000000000000(node=0|zone=2) [ 13.667561] page_type: f5(slab) [ 13.667744] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 13.668103] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.668434] page dumped because: kasan: bad access detected [ 13.668736] [ 13.668815] Memory state around the buggy address: [ 13.669009] ffff888102539380: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.669274] ffff888102539400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.669625] >ffff888102539480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 13.669914] ^ [ 13.670096] ffff888102539500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.670301] ffff888102539580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.670548] ================================================================== [ 13.595187] ================================================================== [ 13.595513] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.596005] Write of size 8 at addr ffff8881025394a8 by task kunit_try_catch/286 [ 13.596230] [ 13.596310] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250616 #1 PREEMPT(voluntary) [ 13.596356] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.596367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.596387] Call Trace: [ 13.596404] <TASK> [ 13.596420] dump_stack_lvl+0x73/0xb0 [ 13.596447] print_report+0xd1/0x650 [ 13.596469] ? __virt_addr_valid+0x1db/0x2d0 [ 13.596491] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.596515] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.596537] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.596577] kasan_report+0x141/0x180 [ 13.596598] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.596626] kasan_check_range+0x10c/0x1c0 [ 13.596649] __kasan_check_write+0x18/0x20 [ 13.596667] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.596691] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.596717] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.596739] ? trace_hardirqs_on+0x37/0xe0 [ 13.596762] ? kasan_bitops_generic+0x92/0x1c0 [ 13.596787] kasan_bitops_generic+0x116/0x1c0 [ 13.596809] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.596833] ? __pfx_read_tsc+0x10/0x10 [ 13.596853] ? ktime_get_ts64+0x86/0x230 [ 13.596877] kunit_try_run_case+0x1a5/0x480 [ 13.596901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.596922] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.596952] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.596974] ? __kthread_parkme+0x82/0x180 [ 13.596993] ? preempt_count_sub+0x50/0x80 [ 13.597016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.597039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.597062] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.597084] kthread+0x337/0x6f0 [ 13.597102] ? trace_preempt_on+0x20/0xc0 [ 13.597124] ? __pfx_kthread+0x10/0x10 [ 13.597143] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.597163] ? calculate_sigpending+0x7b/0xa0 [ 13.597186] ? __pfx_kthread+0x10/0x10 [ 13.597207] ret_from_fork+0x116/0x1d0 [ 13.597224] ? __pfx_kthread+0x10/0x10 [ 13.597244] ret_from_fork_asm+0x1a/0x30 [ 13.597274] </TASK> [ 13.597285] [ 13.605751] Allocated by task 286: [ 13.605948] kasan_save_stack+0x45/0x70 [ 13.606127] kasan_save_track+0x18/0x40 [ 13.606302] kasan_save_alloc_info+0x3b/0x50 [ 13.606563] __kasan_kmalloc+0xb7/0xc0 [ 13.606744] __kmalloc_cache_noprof+0x189/0x420 [ 13.606942] kasan_bitops_generic+0x92/0x1c0 [ 13.607086] kunit_try_run_case+0x1a5/0x480 [ 13.607254] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.607611] kthread+0x337/0x6f0 [ 13.607771] ret_from_fork+0x116/0x1d0 [ 13.607898] ret_from_fork_asm+0x1a/0x30 [ 13.608100] [ 13.608192] The buggy address belongs to the object at ffff8881025394a0 [ 13.608192] which belongs to the cache kmalloc-16 of size 16 [ 13.608741] The buggy address is located 8 bytes inside of [ 13.608741] allocated 9-byte region [ffff8881025394a0, ffff8881025394a9) [ 13.609210] [ 13.609298] The buggy address belongs to the physical page: [ 13.609703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102539 [ 13.610077] flags: 0x200000000000000(node=0|zone=2) [ 13.610259] page_type: f5(slab) [ 13.610419] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 13.610712] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.611028] page dumped because: kasan: bad access detected [ 13.611248] [ 13.611327] Memory state around the buggy address: [ 13.611475] ffff888102539380: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.611682] ffff888102539400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.611890] >ffff888102539480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 13.612166] ^ [ 13.612382] ffff888102539500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.612739] ffff888102539580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.613055] ==================================================================