Date
June 19, 2025, 12:07 p.m.
| Environment | |
|---|---|
| qemu-x86_64 |
[ 29.517645] ================================================================== [ 29.518245] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 29.519946] Write of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 29.520514] [ 29.520648] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 29.520741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.520762] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.520802] Call Trace: [ 29.520839] <TASK> [ 29.520878] dump_stack_lvl+0x73/0xb0 [ 29.520944] print_report+0xd1/0x650 [ 29.520986] ? __virt_addr_valid+0x1db/0x2d0 [ 29.521027] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 29.521075] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.521144] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 29.521196] kasan_report+0x141/0x180 [ 29.521247] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 29.521302] kasan_check_range+0x10c/0x1c0 [ 29.521595] __kasan_check_write+0x18/0x20 [ 29.521644] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 29.521687] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.521736] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.521787] ? trace_hardirqs_on+0x37/0xe0 [ 29.521831] ? kasan_bitops_generic+0x92/0x1c0 [ 29.521878] kasan_bitops_generic+0x116/0x1c0 [ 29.521918] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.521962] ? __pfx_read_tsc+0x10/0x10 [ 29.522003] ? ktime_get_ts64+0x86/0x230 [ 29.522048] kunit_try_run_case+0x1a5/0x480 [ 29.522094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.522159] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.522188] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.522214] ? __kthread_parkme+0x82/0x180 [ 29.522239] ? preempt_count_sub+0x50/0x80 [ 29.522266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.522293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.522318] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.522343] kthread+0x337/0x6f0 [ 29.522366] ? trace_preempt_on+0x20/0xc0 [ 29.522391] ? __pfx_kthread+0x10/0x10 [ 29.522414] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.522436] ? calculate_sigpending+0x7b/0xa0 [ 29.522463] ? __pfx_kthread+0x10/0x10 [ 29.522486] ret_from_fork+0x116/0x1d0 [ 29.522507] ? __pfx_kthread+0x10/0x10 [ 29.522529] ret_from_fork_asm+0x1a/0x30 [ 29.522564] </TASK> [ 29.522577] [ 29.536688] Allocated by task 290: [ 29.536921] kasan_save_stack+0x45/0x70 [ 29.537115] kasan_save_track+0x18/0x40 [ 29.537309] kasan_save_alloc_info+0x3b/0x50 [ 29.537521] __kasan_kmalloc+0xb7/0xc0 [ 29.537714] __kmalloc_cache_noprof+0x189/0x420 [ 29.537959] kasan_bitops_generic+0x92/0x1c0 [ 29.540181] kunit_try_run_case+0x1a5/0x480 [ 29.540657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.541246] kthread+0x337/0x6f0 [ 29.541398] ret_from_fork+0x116/0x1d0 [ 29.541494] ret_from_fork_asm+0x1a/0x30 [ 29.541590] [ 29.541645] The buggy address belongs to the object at ffff888101892c20 [ 29.541645] which belongs to the cache kmalloc-16 of size 16 [ 29.541864] The buggy address is located 8 bytes inside of [ 29.541864] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 29.542385] [ 29.542501] The buggy address belongs to the physical page: [ 29.542715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 29.544059] flags: 0x200000000000000(node=0|zone=2) [ 29.544403] page_type: f5(slab) [ 29.544550] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.545028] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.546337] page dumped because: kasan: bad access detected [ 29.546785] [ 29.546950] Memory state around the buggy address: [ 29.547330] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 29.547952] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.548394] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 29.548749] ^ [ 29.549735] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.550339] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.550792] ================================================================== [ 29.624454] ================================================================== [ 29.624859] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 29.625523] Write of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 29.625961] [ 29.626216] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 29.626324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.626351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.626399] Call Trace: [ 29.626442] <TASK> [ 29.626483] dump_stack_lvl+0x73/0xb0 [ 29.626554] print_report+0xd1/0x650 [ 29.626607] ? __virt_addr_valid+0x1db/0x2d0 [ 29.626661] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 29.626718] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.626775] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 29.626829] kasan_report+0x141/0x180 [ 29.626870] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 29.626927] kasan_check_range+0x10c/0x1c0 [ 29.626976] __kasan_check_write+0x18/0x20 [ 29.627027] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 29.627086] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.627162] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.627217] ? trace_hardirqs_on+0x37/0xe0 [ 29.627269] ? kasan_bitops_generic+0x92/0x1c0 [ 29.627332] kasan_bitops_generic+0x116/0x1c0 [ 29.627386] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.627443] ? __pfx_read_tsc+0x10/0x10 [ 29.627492] ? ktime_get_ts64+0x86/0x230 [ 29.628240] kunit_try_run_case+0x1a5/0x480 [ 29.628286] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.628313] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.628341] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.628366] ? __kthread_parkme+0x82/0x180 [ 29.628390] ? preempt_count_sub+0x50/0x80 [ 29.628416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.628441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.628467] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.628492] kthread+0x337/0x6f0 [ 29.628514] ? trace_preempt_on+0x20/0xc0 [ 29.628540] ? __pfx_kthread+0x10/0x10 [ 29.628563] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.628586] ? calculate_sigpending+0x7b/0xa0 [ 29.628613] ? __pfx_kthread+0x10/0x10 [ 29.628636] ret_from_fork+0x116/0x1d0 [ 29.628658] ? __pfx_kthread+0x10/0x10 [ 29.628680] ret_from_fork_asm+0x1a/0x30 [ 29.628713] </TASK> [ 29.628726] [ 29.640233] Allocated by task 290: [ 29.640632] kasan_save_stack+0x45/0x70 [ 29.640995] kasan_save_track+0x18/0x40 [ 29.641433] kasan_save_alloc_info+0x3b/0x50 [ 29.641760] __kasan_kmalloc+0xb7/0xc0 [ 29.642119] __kmalloc_cache_noprof+0x189/0x420 [ 29.642495] kasan_bitops_generic+0x92/0x1c0 [ 29.642833] kunit_try_run_case+0x1a5/0x480 [ 29.643861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.644159] kthread+0x337/0x6f0 [ 29.644322] ret_from_fork+0x116/0x1d0 [ 29.644583] ret_from_fork_asm+0x1a/0x30 [ 29.644887] [ 29.645044] The buggy address belongs to the object at ffff888101892c20 [ 29.645044] which belongs to the cache kmalloc-16 of size 16 [ 29.645900] The buggy address is located 8 bytes inside of [ 29.645900] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 29.646807] [ 29.646929] The buggy address belongs to the physical page: [ 29.647153] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 29.647460] flags: 0x200000000000000(node=0|zone=2) [ 29.647832] page_type: f5(slab) [ 29.648073] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.648629] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.649886] page dumped because: kasan: bad access detected [ 29.650215] [ 29.650328] Memory state around the buggy address: [ 29.650536] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 29.650802] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.652479] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 29.653842] ^ [ 29.654305] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.654843] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.655428] ================================================================== [ 29.692558] ================================================================== [ 29.692951] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 29.693942] Write of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 29.694613] [ 29.694820] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 29.694928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.694958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.695004] Call Trace: [ 29.695047] <TASK> [ 29.695083] dump_stack_lvl+0x73/0xb0 [ 29.695172] print_report+0xd1/0x650 [ 29.695217] ? __virt_addr_valid+0x1db/0x2d0 [ 29.695266] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 29.695322] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.695378] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 29.695436] kasan_report+0x141/0x180 [ 29.695487] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 29.695553] kasan_check_range+0x10c/0x1c0 [ 29.695609] __kasan_check_write+0x18/0x20 [ 29.695662] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 29.695711] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.695747] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.695776] ? trace_hardirqs_on+0x37/0xe0 [ 29.695802] ? kasan_bitops_generic+0x92/0x1c0 [ 29.695831] kasan_bitops_generic+0x116/0x1c0 [ 29.695857] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.695885] ? __pfx_read_tsc+0x10/0x10 [ 29.695917] ? ktime_get_ts64+0x86/0x230 [ 29.695956] kunit_try_run_case+0x1a5/0x480 [ 29.695984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.696009] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.696035] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.696060] ? __kthread_parkme+0x82/0x180 [ 29.696083] ? preempt_count_sub+0x50/0x80 [ 29.696290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.696319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.696346] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.696371] kthread+0x337/0x6f0 [ 29.696392] ? trace_preempt_on+0x20/0xc0 [ 29.696419] ? __pfx_kthread+0x10/0x10 [ 29.696441] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.696464] ? calculate_sigpending+0x7b/0xa0 [ 29.696491] ? __pfx_kthread+0x10/0x10 [ 29.696515] ret_from_fork+0x116/0x1d0 [ 29.696536] ? __pfx_kthread+0x10/0x10 [ 29.696559] ret_from_fork_asm+0x1a/0x30 [ 29.696591] </TASK> [ 29.696605] [ 29.707683] Allocated by task 290: [ 29.708186] kasan_save_stack+0x45/0x70 [ 29.708586] kasan_save_track+0x18/0x40 [ 29.708898] kasan_save_alloc_info+0x3b/0x50 [ 29.709258] __kasan_kmalloc+0xb7/0xc0 [ 29.709580] __kmalloc_cache_noprof+0x189/0x420 [ 29.710000] kasan_bitops_generic+0x92/0x1c0 [ 29.711013] kunit_try_run_case+0x1a5/0x480 [ 29.711350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.711571] kthread+0x337/0x6f0 [ 29.711744] ret_from_fork+0x116/0x1d0 [ 29.711919] ret_from_fork_asm+0x1a/0x30 [ 29.712136] [ 29.712245] The buggy address belongs to the object at ffff888101892c20 [ 29.712245] which belongs to the cache kmalloc-16 of size 16 [ 29.714827] The buggy address is located 8 bytes inside of [ 29.714827] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 29.716070] [ 29.716348] The buggy address belongs to the physical page: [ 29.716555] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 29.717140] flags: 0x200000000000000(node=0|zone=2) [ 29.717482] page_type: f5(slab) [ 29.717690] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.718278] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.718622] page dumped because: kasan: bad access detected [ 29.719016] [ 29.719795] Memory state around the buggy address: [ 29.720051] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 29.720356] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.721007] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 29.721519] ^ [ 29.721761] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.722479] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.722732] ================================================================== [ 29.551762] ================================================================== [ 29.553513] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 29.554177] Write of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 29.555216] [ 29.555633] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 29.555760] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.555782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.555811] Call Trace: [ 29.555837] <TASK> [ 29.555863] dump_stack_lvl+0x73/0xb0 [ 29.555925] print_report+0xd1/0x650 [ 29.555958] ? __virt_addr_valid+0x1db/0x2d0 [ 29.556122] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 29.556157] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.556187] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 29.556216] kasan_report+0x141/0x180 [ 29.556241] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 29.556274] kasan_check_range+0x10c/0x1c0 [ 29.556300] __kasan_check_write+0x18/0x20 [ 29.556326] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 29.556354] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.556383] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.556410] ? trace_hardirqs_on+0x37/0xe0 [ 29.556436] ? kasan_bitops_generic+0x92/0x1c0 [ 29.556465] kasan_bitops_generic+0x116/0x1c0 [ 29.556492] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.556519] ? __pfx_read_tsc+0x10/0x10 [ 29.556543] ? ktime_get_ts64+0x86/0x230 [ 29.556571] kunit_try_run_case+0x1a5/0x480 [ 29.556600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.556624] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.556650] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.556675] ? __kthread_parkme+0x82/0x180 [ 29.556699] ? preempt_count_sub+0x50/0x80 [ 29.556725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.556751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.556775] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.556801] kthread+0x337/0x6f0 [ 29.556822] ? trace_preempt_on+0x20/0xc0 [ 29.556847] ? __pfx_kthread+0x10/0x10 [ 29.556870] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.556894] ? calculate_sigpending+0x7b/0xa0 [ 29.556934] ? __pfx_kthread+0x10/0x10 [ 29.556962] ret_from_fork+0x116/0x1d0 [ 29.556994] ? __pfx_kthread+0x10/0x10 [ 29.557018] ret_from_fork_asm+0x1a/0x30 [ 29.557051] </TASK> [ 29.557065] [ 29.572946] Allocated by task 290: [ 29.573832] kasan_save_stack+0x45/0x70 [ 29.574089] kasan_save_track+0x18/0x40 [ 29.574809] kasan_save_alloc_info+0x3b/0x50 [ 29.575364] __kasan_kmalloc+0xb7/0xc0 [ 29.575527] __kmalloc_cache_noprof+0x189/0x420 [ 29.575899] kasan_bitops_generic+0x92/0x1c0 [ 29.576366] kunit_try_run_case+0x1a5/0x480 [ 29.577271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.577476] kthread+0x337/0x6f0 [ 29.577582] ret_from_fork+0x116/0x1d0 [ 29.577674] ret_from_fork_asm+0x1a/0x30 [ 29.577767] [ 29.577822] The buggy address belongs to the object at ffff888101892c20 [ 29.577822] which belongs to the cache kmalloc-16 of size 16 [ 29.578574] The buggy address is located 8 bytes inside of [ 29.578574] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 29.580142] [ 29.580325] The buggy address belongs to the physical page: [ 29.580746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 29.581711] flags: 0x200000000000000(node=0|zone=2) [ 29.581980] page_type: f5(slab) [ 29.582712] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.583508] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.584274] page dumped because: kasan: bad access detected [ 29.584607] [ 29.585681] Memory state around the buggy address: [ 29.585964] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 29.586274] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.586807] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 29.587640] ^ [ 29.587894] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.588584] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.589745] ================================================================== [ 29.723357] ================================================================== [ 29.723949] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 29.725443] Write of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 29.725885] [ 29.726033] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 29.726150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.726176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.726222] Call Trace: [ 29.726267] <TASK> [ 29.726312] dump_stack_lvl+0x73/0xb0 [ 29.726384] print_report+0xd1/0x650 [ 29.726575] ? __virt_addr_valid+0x1db/0x2d0 [ 29.726634] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 29.726690] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.726743] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 29.726789] kasan_report+0x141/0x180 [ 29.726836] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 29.726891] kasan_check_range+0x10c/0x1c0 [ 29.726934] __kasan_check_write+0x18/0x20 [ 29.726977] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 29.727021] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.727072] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.727134] ? trace_hardirqs_on+0x37/0xe0 [ 29.727180] ? kasan_bitops_generic+0x92/0x1c0 [ 29.727237] kasan_bitops_generic+0x116/0x1c0 [ 29.727289] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.727334] ? __pfx_read_tsc+0x10/0x10 [ 29.727373] ? ktime_get_ts64+0x86/0x230 [ 29.727422] kunit_try_run_case+0x1a5/0x480 [ 29.727474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.727516] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.727561] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.727611] ? __kthread_parkme+0x82/0x180 [ 29.727654] ? preempt_count_sub+0x50/0x80 [ 29.727702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.727752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.727804] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.727848] kthread+0x337/0x6f0 [ 29.727893] ? trace_preempt_on+0x20/0xc0 [ 29.728404] ? __pfx_kthread+0x10/0x10 [ 29.728452] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.728480] ? calculate_sigpending+0x7b/0xa0 [ 29.728508] ? __pfx_kthread+0x10/0x10 [ 29.728531] ret_from_fork+0x116/0x1d0 [ 29.728555] ? __pfx_kthread+0x10/0x10 [ 29.728578] ret_from_fork_asm+0x1a/0x30 [ 29.728611] </TASK> [ 29.728625] [ 29.739840] Allocated by task 290: [ 29.741267] kasan_save_stack+0x45/0x70 [ 29.741734] kasan_save_track+0x18/0x40 [ 29.742059] kasan_save_alloc_info+0x3b/0x50 [ 29.742409] __kasan_kmalloc+0xb7/0xc0 [ 29.742737] __kmalloc_cache_noprof+0x189/0x420 [ 29.743534] kasan_bitops_generic+0x92/0x1c0 [ 29.743940] kunit_try_run_case+0x1a5/0x480 [ 29.745748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.746603] kthread+0x337/0x6f0 [ 29.746911] ret_from_fork+0x116/0x1d0 [ 29.747323] ret_from_fork_asm+0x1a/0x30 [ 29.747602] [ 29.747717] The buggy address belongs to the object at ffff888101892c20 [ 29.747717] which belongs to the cache kmalloc-16 of size 16 [ 29.748885] The buggy address is located 8 bytes inside of [ 29.748885] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 29.749850] [ 29.749967] The buggy address belongs to the physical page: [ 29.751481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 29.752165] flags: 0x200000000000000(node=0|zone=2) [ 29.752564] page_type: f5(slab) [ 29.752794] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.753696] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.754413] page dumped because: kasan: bad access detected [ 29.754746] [ 29.754845] Memory state around the buggy address: [ 29.755290] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 29.756702] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.756946] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 29.757939] ^ [ 29.758158] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.759097] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.759384] ================================================================== [ 29.590673] ================================================================== [ 29.591880] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 29.592467] Write of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 29.592804] [ 29.592953] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 29.593059] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.593089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.593148] Call Trace: [ 29.593190] <TASK> [ 29.593219] dump_stack_lvl+0x73/0xb0 [ 29.593265] print_report+0xd1/0x650 [ 29.593292] ? __virt_addr_valid+0x1db/0x2d0 [ 29.593325] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 29.593374] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.593404] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 29.593432] kasan_report+0x141/0x180 [ 29.593457] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 29.593489] kasan_check_range+0x10c/0x1c0 [ 29.593515] __kasan_check_write+0x18/0x20 [ 29.593541] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 29.593569] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.593597] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.593625] ? trace_hardirqs_on+0x37/0xe0 [ 29.593650] ? kasan_bitops_generic+0x92/0x1c0 [ 29.593679] kasan_bitops_generic+0x116/0x1c0 [ 29.593705] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.593732] ? __pfx_read_tsc+0x10/0x10 [ 29.593756] ? ktime_get_ts64+0x86/0x230 [ 29.593785] kunit_try_run_case+0x1a5/0x480 [ 29.593814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.593839] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.593865] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.593890] ? __kthread_parkme+0x82/0x180 [ 29.593925] ? preempt_count_sub+0x50/0x80 [ 29.593958] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.593983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.594010] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.594035] kthread+0x337/0x6f0 [ 29.594057] ? trace_preempt_on+0x20/0xc0 [ 29.594081] ? __pfx_kthread+0x10/0x10 [ 29.594303] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.594368] ? calculate_sigpending+0x7b/0xa0 [ 29.594409] ? __pfx_kthread+0x10/0x10 [ 29.594444] ret_from_fork+0x116/0x1d0 [ 29.594478] ? __pfx_kthread+0x10/0x10 [ 29.594511] ret_from_fork_asm+0x1a/0x30 [ 29.594562] </TASK> [ 29.594583] [ 29.607791] Allocated by task 290: [ 29.609033] kasan_save_stack+0x45/0x70 [ 29.609484] kasan_save_track+0x18/0x40 [ 29.609823] kasan_save_alloc_info+0x3b/0x50 [ 29.610739] __kasan_kmalloc+0xb7/0xc0 [ 29.610961] __kmalloc_cache_noprof+0x189/0x420 [ 29.611357] kasan_bitops_generic+0x92/0x1c0 [ 29.611575] kunit_try_run_case+0x1a5/0x480 [ 29.611911] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.612140] kthread+0x337/0x6f0 [ 29.612457] ret_from_fork+0x116/0x1d0 [ 29.612779] ret_from_fork_asm+0x1a/0x30 [ 29.613915] [ 29.614050] The buggy address belongs to the object at ffff888101892c20 [ 29.614050] which belongs to the cache kmalloc-16 of size 16 [ 29.614817] The buggy address is located 8 bytes inside of [ 29.614817] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 29.615847] [ 29.616273] The buggy address belongs to the physical page: [ 29.616584] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 29.617844] flags: 0x200000000000000(node=0|zone=2) [ 29.618076] page_type: f5(slab) [ 29.618385] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.618947] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.619412] page dumped because: kasan: bad access detected [ 29.619720] [ 29.619825] Memory state around the buggy address: [ 29.620515] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 29.620911] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.621266] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 29.621772] ^ [ 29.621956] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.622957] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.623464] ================================================================== [ 29.658355] ================================================================== [ 29.658724] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 29.659855] Write of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 29.660497] [ 29.660675] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 29.660786] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.660809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.660856] Call Trace: [ 29.660931] <TASK> [ 29.661127] dump_stack_lvl+0x73/0xb0 [ 29.661223] print_report+0xd1/0x650 [ 29.661272] ? __virt_addr_valid+0x1db/0x2d0 [ 29.661316] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 29.661347] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.661376] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 29.661404] kasan_report+0x141/0x180 [ 29.661429] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 29.661462] kasan_check_range+0x10c/0x1c0 [ 29.661488] __kasan_check_write+0x18/0x20 [ 29.661513] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 29.661541] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.661570] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.661596] ? trace_hardirqs_on+0x37/0xe0 [ 29.661621] ? kasan_bitops_generic+0x92/0x1c0 [ 29.661649] kasan_bitops_generic+0x116/0x1c0 [ 29.661676] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.661702] ? __pfx_read_tsc+0x10/0x10 [ 29.661726] ? ktime_get_ts64+0x86/0x230 [ 29.661754] kunit_try_run_case+0x1a5/0x480 [ 29.661783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.661809] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.661835] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.661859] ? __kthread_parkme+0x82/0x180 [ 29.661883] ? preempt_count_sub+0x50/0x80 [ 29.661934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.661976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.662096] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.662143] kthread+0x337/0x6f0 [ 29.662166] ? trace_preempt_on+0x20/0xc0 [ 29.662193] ? __pfx_kthread+0x10/0x10 [ 29.662217] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.662240] ? calculate_sigpending+0x7b/0xa0 [ 29.662269] ? __pfx_kthread+0x10/0x10 [ 29.662292] ret_from_fork+0x116/0x1d0 [ 29.662314] ? __pfx_kthread+0x10/0x10 [ 29.662337] ret_from_fork_asm+0x1a/0x30 [ 29.662371] </TASK> [ 29.662385] [ 29.674323] Allocated by task 290: [ 29.674691] kasan_save_stack+0x45/0x70 [ 29.675590] kasan_save_track+0x18/0x40 [ 29.675917] kasan_save_alloc_info+0x3b/0x50 [ 29.676342] __kasan_kmalloc+0xb7/0xc0 [ 29.676540] __kmalloc_cache_noprof+0x189/0x420 [ 29.676744] kasan_bitops_generic+0x92/0x1c0 [ 29.676933] kunit_try_run_case+0x1a5/0x480 [ 29.677133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.677356] kthread+0x337/0x6f0 [ 29.677663] ret_from_fork+0x116/0x1d0 [ 29.678085] ret_from_fork_asm+0x1a/0x30 [ 29.678464] [ 29.678642] The buggy address belongs to the object at ffff888101892c20 [ 29.678642] which belongs to the cache kmalloc-16 of size 16 [ 29.680517] The buggy address is located 8 bytes inside of [ 29.680517] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 29.681421] [ 29.681605] The buggy address belongs to the physical page: [ 29.682012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 29.683473] flags: 0x200000000000000(node=0|zone=2) [ 29.683732] page_type: f5(slab) [ 29.684044] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.684438] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.684830] page dumped because: kasan: bad access detected [ 29.686432] [ 29.686604] Memory state around the buggy address: [ 29.686960] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 29.687900] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.688623] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 29.689144] ^ [ 29.689436] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.689851] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.691006] ================================================================== [ 29.482865] ================================================================== [ 29.483607] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 29.484208] Write of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 29.484856] [ 29.485034] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 29.485161] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.485188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.485233] Call Trace: [ 29.485321] <TASK> [ 29.485364] dump_stack_lvl+0x73/0xb0 [ 29.485498] print_report+0xd1/0x650 [ 29.485593] ? __virt_addr_valid+0x1db/0x2d0 [ 29.485830] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 29.485916] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.485971] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 29.486027] kasan_report+0x141/0x180 [ 29.486080] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 29.486152] kasan_check_range+0x10c/0x1c0 [ 29.486197] __kasan_check_write+0x18/0x20 [ 29.486229] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 29.486260] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 29.486289] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.486319] ? trace_hardirqs_on+0x37/0xe0 [ 29.486346] ? kasan_bitops_generic+0x92/0x1c0 [ 29.486375] kasan_bitops_generic+0x116/0x1c0 [ 29.486400] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.486427] ? __pfx_read_tsc+0x10/0x10 [ 29.486452] ? ktime_get_ts64+0x86/0x230 [ 29.486481] kunit_try_run_case+0x1a5/0x480 [ 29.486511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.486535] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.486561] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.486587] ? __kthread_parkme+0x82/0x180 [ 29.486611] ? preempt_count_sub+0x50/0x80 [ 29.486638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.486663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.486688] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.486713] kthread+0x337/0x6f0 [ 29.486734] ? trace_preempt_on+0x20/0xc0 [ 29.486758] ? __pfx_kthread+0x10/0x10 [ 29.486780] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.486804] ? calculate_sigpending+0x7b/0xa0 [ 29.486831] ? __pfx_kthread+0x10/0x10 [ 29.486854] ret_from_fork+0x116/0x1d0 [ 29.486875] ? __pfx_kthread+0x10/0x10 [ 29.486899] ret_from_fork_asm+0x1a/0x30 [ 29.486979] </TASK> [ 29.487001] [ 29.499774] Allocated by task 290: [ 29.500488] kasan_save_stack+0x45/0x70 [ 29.500909] kasan_save_track+0x18/0x40 [ 29.501601] kasan_save_alloc_info+0x3b/0x50 [ 29.502268] __kasan_kmalloc+0xb7/0xc0 [ 29.502624] __kmalloc_cache_noprof+0x189/0x420 [ 29.503248] kasan_bitops_generic+0x92/0x1c0 [ 29.503659] kunit_try_run_case+0x1a5/0x480 [ 29.503905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.504612] kthread+0x337/0x6f0 [ 29.504944] ret_from_fork+0x116/0x1d0 [ 29.505463] ret_from_fork_asm+0x1a/0x30 [ 29.505680] [ 29.505789] The buggy address belongs to the object at ffff888101892c20 [ 29.505789] which belongs to the cache kmalloc-16 of size 16 [ 29.506619] The buggy address is located 8 bytes inside of [ 29.506619] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 29.507949] [ 29.508335] The buggy address belongs to the physical page: [ 29.508787] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 29.509497] flags: 0x200000000000000(node=0|zone=2) [ 29.510031] page_type: f5(slab) [ 29.510276] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.510959] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.511550] page dumped because: kasan: bad access detected [ 29.512265] [ 29.512441] Memory state around the buggy address: [ 29.513330] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 29.513760] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.514346] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 29.514891] ^ [ 29.515150] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.515567] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.516414] ==================================================================