Date | June 20, 2025, 12:38 p.m.
---|---
Environment | qemu-x86_64

```
[ 28.143278] ==================================================================
[ 28.144829] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 28.145274] Write of size 8 at addr ffff8881022cf748 by task kunit_try_catch/290
[ 28.145799]
[ 28.146010] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250620 #1 PREEMPT(voluntary)
[ 28.146125] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.146153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.146198] Call Trace:
[ 28.146241] <TASK>
[ 28.146285] dump_stack_lvl+0x73/0xb0
[ 28.146355] print_report+0xd1/0x650
[ 28.146409] ? __virt_addr_valid+0x1db/0x2d0
[ 28.146476] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 28.146535] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.146594] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 28.146651] kasan_report+0x141/0x180
[ 28.146701] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 28.146771] kasan_check_range+0x10c/0x1c0
[ 28.146824] __kasan_check_write+0x18/0x20
[ 28.146878] kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 28.146935] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.146996] ? __kmalloc_cache_noprof+0x189/0x420
[ 28.147051] ? trace_hardirqs_on+0x37/0xe0
[ 28.147098] ? kasan_bitops_generic+0x92/0x1c0
[ 28.147161] kasan_bitops_generic+0x116/0x1c0
[ 28.147213] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.147271] ? __pfx_read_tsc+0x10/0x10
[ 28.147320] ? ktime_get_ts64+0x86/0x230
[ 28.147379] kunit_try_run_case+0x1a5/0x480
[ 28.147447] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.147491] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 28.147535] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.147583] ? __kthread_parkme+0x82/0x180
[ 28.147629] ? preempt_count_sub+0x50/0x80
[ 28.147681] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.147734] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.147785] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.147836] kthread+0x337/0x6f0
[ 28.147878] ? trace_preempt_on+0x20/0xc0
[ 28.147927] ? __pfx_kthread+0x10/0x10
[ 28.147972] ? _raw_spin_unlock_irq+0x47/0x80
[ 28.148019] ? calculate_sigpending+0x7b/0xa0
[ 28.148073] ? __pfx_kthread+0x10/0x10
[ 28.148120] ret_from_fork+0x116/0x1d0
[ 28.148162] ? __pfx_kthread+0x10/0x10
[ 28.148207] ret_from_fork_asm+0x1a/0x30
[ 28.148276] </TASK>
[ 28.148303]
[ 28.161907] Allocated by task 290:
[ 28.162142] kasan_save_stack+0x45/0x70
[ 28.162515] kasan_save_track+0x18/0x40
[ 28.162827] kasan_save_alloc_info+0x3b/0x50
[ 28.163185] __kasan_kmalloc+0xb7/0xc0
[ 28.163379] __kmalloc_cache_noprof+0x189/0x420
[ 28.163581] kasan_bitops_generic+0x92/0x1c0
[ 28.163768] kunit_try_run_case+0x1a5/0x480
[ 28.163953] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.164182] kthread+0x337/0x6f0
[ 28.164488] ret_from_fork+0x116/0x1d0
[ 28.164916] ret_from_fork_asm+0x1a/0x30
[ 28.165244]
[ 28.165470] The buggy address belongs to the object at ffff8881022cf740
[ 28.165470] which belongs to the cache kmalloc-16 of size 16
[ 28.166387] The buggy address is located 8 bytes inside of
[ 28.166387] allocated 9-byte region [ffff8881022cf740, ffff8881022cf749)
[ 28.167061]
[ 28.167202] The buggy address belongs to the physical page:
[ 28.167571] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022cf
[ 28.167950] flags: 0x200000000000000(node=0|zone=2)
[ 28.168187] page_type: f5(slab)
[ 28.168487] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.169040] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 28.169598] page dumped because: kasan: bad access detected
[ 28.169810]
[ 28.169910] Memory state around the buggy address:
[ 28.170121] ffff8881022cf600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.170382] ffff8881022cf680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.170653] >ffff8881022cf700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 28.170909] ^
[ 28.171125] ffff8881022cf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.171384] ffff8881022cf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.171937] ==================================================================

[ 28.062410] ==================================================================
[ 28.063208] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 28.063935] Write of size 8 at addr ffff8881022cf748 by task kunit_try_catch/290
[ 28.064526]
[ 28.064757] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250620 #1 PREEMPT(voluntary)
[ 28.064871] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.064901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.064954] Call Trace:
[ 28.064998] <TASK>
[ 28.065042] dump_stack_lvl+0x73/0xb0
[ 28.065109] print_report+0xd1/0x650
[ 28.065163] ? __virt_addr_valid+0x1db/0x2d0
[ 28.065207] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 28.065263] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.065323] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 28.065381] kasan_report+0x141/0x180
[ 28.065433] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 28.065587] kasan_check_range+0x10c/0x1c0
[ 28.065643] __kasan_check_write+0x18/0x20
[ 28.065697] kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 28.065754] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.065811] ? __kmalloc_cache_noprof+0x189/0x420
[ 28.065868] ? trace_hardirqs_on+0x37/0xe0
[ 28.065919] ? kasan_bitops_generic+0x92/0x1c0
[ 28.065981] kasan_bitops_generic+0x116/0x1c0
[ 28.066047] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.066103] ? __pfx_read_tsc+0x10/0x10
[ 28.066154] ? ktime_get_ts64+0x86/0x230
[ 28.066217] kunit_try_run_case+0x1a5/0x480
[ 28.066277] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.066328] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 28.066380] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.066433] ? __kthread_parkme+0x82/0x180
[ 28.066485] ? preempt_count_sub+0x50/0x80
[ 28.066526] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.066567] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.066609] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.066649] kthread+0x337/0x6f0
[ 28.066680] ? trace_preempt_on+0x20/0xc0
[ 28.066718] ? __pfx_kthread+0x10/0x10
[ 28.066751] ? _raw_spin_unlock_irq+0x47/0x80
[ 28.066787] ? calculate_sigpending+0x7b/0xa0
[ 28.066833] ? __pfx_kthread+0x10/0x10
[ 28.066873] ret_from_fork+0x116/0x1d0
[ 28.066910] ? __pfx_kthread+0x10/0x10
[ 28.066949] ret_from_fork_asm+0x1a/0x30
[ 28.067017] </TASK>
[ 28.067044]
[ 28.077469] Allocated by task 290:
[ 28.077799] kasan_save_stack+0x45/0x70
[ 28.078090] kasan_save_track+0x18/0x40
[ 28.078428] kasan_save_alloc_info+0x3b/0x50
[ 28.078645] __kasan_kmalloc+0xb7/0xc0
[ 28.078817] __kmalloc_cache_noprof+0x189/0x420
[ 28.079024] kasan_bitops_generic+0x92/0x1c0
[ 28.079331] kunit_try_run_case+0x1a5/0x480
[ 28.079681] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.080109] kthread+0x337/0x6f0
[ 28.080310] ret_from_fork+0x116/0x1d0
[ 28.080533] ret_from_fork_asm+0x1a/0x30
[ 28.080718]
[ 28.080821] The buggy address belongs to the object at ffff8881022cf740
[ 28.080821] which belongs to the cache kmalloc-16 of size 16
[ 28.081392] The buggy address is located 8 bytes inside of
[ 28.081392] allocated 9-byte region [ffff8881022cf740, ffff8881022cf749)
[ 28.082279]
[ 28.082465] The buggy address belongs to the physical page:
[ 28.082768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022cf
[ 28.083066] flags: 0x200000000000000(node=0|zone=2)
[ 28.083594] page_type: f5(slab)
[ 28.083876] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.084253] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 28.084514] page dumped because: kasan: bad access detected
[ 28.084724]
[ 28.084818] Memory state around the buggy address:
[ 28.085016] ffff8881022cf600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.085508] ffff8881022cf680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.086276] >ffff8881022cf700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 28.086817] ^
[ 28.087225] ffff8881022cf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.087729] ffff8881022cf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.088095] ==================================================================

[ 28.036449] ==================================================================
[ 28.037050] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 28.037510] Write of size 8 at addr ffff8881022cf748 by task kunit_try_catch/290
[ 28.038086]
[ 28.038411] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250620 #1 PREEMPT(voluntary)
[ 28.038533] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.038580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.038626] Call Trace:
[ 28.038667] <TASK>
[ 28.038702] dump_stack_lvl+0x73/0xb0
[ 28.038757] print_report+0xd1/0x650
[ 28.038792] ? __virt_addr_valid+0x1db/0x2d0
[ 28.038831] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 28.038867] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.038912] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 28.038954] kasan_report+0x141/0x180
[ 28.038988] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 28.039032] kasan_check_range+0x10c/0x1c0
[ 28.039067] __kasan_check_write+0x18/0x20
[ 28.039102] kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 28.039141] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.039228] ? __kmalloc_cache_noprof+0x189/0x420
[ 28.039277] ? trace_hardirqs_on+0x37/0xe0
[ 28.039326] ? kasan_bitops_generic+0x92/0x1c0
[ 28.039389] kasan_bitops_generic+0x116/0x1c0
[ 28.039436] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.039497] ? __pfx_read_tsc+0x10/0x10
[ 28.039540] ? ktime_get_ts64+0x86/0x230
[ 28.039626] kunit_try_run_case+0x1a5/0x480
[ 28.039695] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.039747] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 28.039811] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.039873] ? __kthread_parkme+0x82/0x180
[ 28.039931] ? preempt_count_sub+0x50/0x80
[ 28.039982] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.040046] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.040098] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.040210] kthread+0x337/0x6f0
[ 28.040269] ? trace_preempt_on+0x20/0xc0
[ 28.040312] ? __pfx_kthread+0x10/0x10
[ 28.040351] ? _raw_spin_unlock_irq+0x47/0x80
[ 28.040390] ? calculate_sigpending+0x7b/0xa0
[ 28.040449] ? __pfx_kthread+0x10/0x10
[ 28.040500] ret_from_fork+0x116/0x1d0
[ 28.040546] ? __pfx_kthread+0x10/0x10
[ 28.040595] ret_from_fork_asm+0x1a/0x30
[ 28.040664] </TASK>
[ 28.040692]
[ 28.050878] Allocated by task 290:
[ 28.051229] kasan_save_stack+0x45/0x70
[ 28.051673] kasan_save_track+0x18/0x40
[ 28.051984] kasan_save_alloc_info+0x3b/0x50
[ 28.052255] __kasan_kmalloc+0xb7/0xc0
[ 28.052467] __kmalloc_cache_noprof+0x189/0x420
[ 28.052710] kasan_bitops_generic+0x92/0x1c0
[ 28.052932] kunit_try_run_case+0x1a5/0x480
[ 28.053178] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.053450] kthread+0x337/0x6f0
[ 28.053721] ret_from_fork+0x116/0x1d0
[ 28.054044] ret_from_fork_asm+0x1a/0x30
[ 28.054420]
[ 28.054634] The buggy address belongs to the object at ffff8881022cf740
[ 28.054634] which belongs to the cache kmalloc-16 of size 16
[ 28.055482] The buggy address is located 8 bytes inside of
[ 28.055482] allocated 9-byte region [ffff8881022cf740, ffff8881022cf749)
[ 28.056379]
[ 28.056498] The buggy address belongs to the physical page:
[ 28.056716] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022cf
[ 28.056993] flags: 0x200000000000000(node=0|zone=2)
[ 28.057238] page_type: f5(slab)
[ 28.057599] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.058340] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 28.059010] page dumped because: kasan: bad access detected
[ 28.059426]
[ 28.059577] Memory state around the buggy address:
[ 28.059892] ffff8881022cf600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.060271] ffff8881022cf680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.060586] >ffff8881022cf700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 28.060841] ^
[ 28.061054] ffff8881022cf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.061311] ffff8881022cf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.061571] ==================================================================

[ 28.007816] ==================================================================
[ 28.008325] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 28.008666] Write of size 8 at addr ffff8881022cf748 by task kunit_try_catch/290
[ 28.009900]
[ 28.010132] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250620 #1 PREEMPT(voluntary)
[ 28.010399] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.010452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.010563] Call Trace:
[ 28.010595] <TASK>
[ 28.010621] dump_stack_lvl+0x73/0xb0
[ 28.010669] print_report+0xd1/0x650
[ 28.010695] ? __virt_addr_valid+0x1db/0x2d0
[ 28.010723] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 28.010752] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.010781] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 28.010809] kasan_report+0x141/0x180
[ 28.010832] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 28.010864] kasan_check_range+0x10c/0x1c0
[ 28.010891] __kasan_check_write+0x18/0x20
[ 28.010915] kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 28.010943] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.010973] ? __kmalloc_cache_noprof+0x189/0x420
[ 28.010999] ? trace_hardirqs_on+0x37/0xe0
[ 28.011024] ? kasan_bitops_generic+0x92/0x1c0
[ 28.011054] kasan_bitops_generic+0x116/0x1c0
[ 28.011079] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.011106] ? __pfx_read_tsc+0x10/0x10
[ 28.011129] ? ktime_get_ts64+0x86/0x230
[ 28.011189] kunit_try_run_case+0x1a5/0x480
[ 28.011223] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.011247] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 28.011273] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.011298] ? __kthread_parkme+0x82/0x180
[ 28.011321] ? preempt_count_sub+0x50/0x80
[ 28.011347] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.011373] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.011397] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.011422] kthread+0x337/0x6f0
[ 28.011462] ? trace_preempt_on+0x20/0xc0
[ 28.011490] ? __pfx_kthread+0x10/0x10
[ 28.011512] ? _raw_spin_unlock_irq+0x47/0x80
[ 28.011534] ? calculate_sigpending+0x7b/0xa0
[ 28.011561] ? __pfx_kthread+0x10/0x10
[ 28.011584] ret_from_fork+0x116/0x1d0
[ 28.011604] ? __pfx_kthread+0x10/0x10
[ 28.011626] ret_from_fork_asm+0x1a/0x30
[ 28.011658] </TASK>
[ 28.011672]
[ 28.022592] Allocated by task 290:
[ 28.022790] kasan_save_stack+0x45/0x70
[ 28.023220] kasan_save_track+0x18/0x40
[ 28.023593] kasan_save_alloc_info+0x3b/0x50
[ 28.023987] __kasan_kmalloc+0xb7/0xc0
[ 28.024344] __kmalloc_cache_noprof+0x189/0x420
[ 28.024744] kasan_bitops_generic+0x92/0x1c0
[ 28.025116] kunit_try_run_case+0x1a5/0x480
[ 28.025533] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.025786] kthread+0x337/0x6f0
[ 28.025963] ret_from_fork+0x116/0x1d0
[ 28.026182] ret_from_fork_asm+0x1a/0x30
[ 28.026373]
[ 28.026556] The buggy address belongs to the object at ffff8881022cf740
[ 28.026556] which belongs to the cache kmalloc-16 of size 16
[ 28.027465] The buggy address is located 8 bytes inside of
[ 28.027465] allocated 9-byte region [ffff8881022cf740, ffff8881022cf749)
[ 28.028367]
[ 28.028571] The buggy address belongs to the physical page:
[ 28.028869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022cf
[ 28.029203] flags: 0x200000000000000(node=0|zone=2)
[ 28.029589] page_type: f5(slab)
[ 28.029894] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.030539] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 28.031133] page dumped because: kasan: bad access detected
[ 28.031495]
[ 28.031597] Memory state around the buggy address:
[ 28.031924] ffff8881022cf600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.032508] ffff8881022cf680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.032815] >ffff8881022cf700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 28.033106] ^
[ 28.033545] ffff8881022cf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.034031] ffff8881022cf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.034574] ==================================================================

[ 28.174293] ==================================================================
[ 28.175083] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50
[ 28.175746] Write of size 8 at addr ffff8881022cf748 by task kunit_try_catch/290
[ 28.176310]
[ 28.176535] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250620 #1 PREEMPT(voluntary)
[ 28.176643] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.176674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.176723] Call Trace:
[ 28.176764] <TASK>
[ 28.176808] dump_stack_lvl+0x73/0xb0
[ 28.176872] print_report+0xd1/0x650
[ 28.176920] ? __virt_addr_valid+0x1db/0x2d0
[ 28.176976] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 28.177033] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.177088] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 28.177145] kasan_report+0x141/0x180
[ 28.177189] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 28.177248] kasan_check_range+0x10c/0x1c0
[ 28.177302] __kasan_check_write+0x18/0x20
[ 28.177357] kasan_bitops_modify.constprop.0+0x547/0xd50
[ 28.177416] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.177487] ? __kmalloc_cache_noprof+0x189/0x420
[ 28.177534] ? trace_hardirqs_on+0x37/0xe0
[ 28.177584] ? kasan_bitops_generic+0x92/0x1c0
[ 28.177644] kasan_bitops_generic+0x116/0x1c0
[ 28.177699] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.177756] ? __pfx_read_tsc+0x10/0x10
[ 28.177805] ? ktime_get_ts64+0x86/0x230
[ 28.177867] kunit_try_run_case+0x1a5/0x480
[ 28.177923] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.177976] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 28.178040] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.178093] ? __kthread_parkme+0x82/0x180
[ 28.178146] ? preempt_count_sub+0x50/0x80
[ 28.178191] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.178240] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.178290] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.178340] kthread+0x337/0x6f0
[ 28.178384] ? trace_preempt_on+0x20/0xc0
[ 28.178436] ? __pfx_kthread+0x10/0x10
[ 28.178496] ? _raw_spin_unlock_irq+0x47/0x80
[ 28.178544] ? calculate_sigpending+0x7b/0xa0
[ 28.178599] ? __pfx_kthread+0x10/0x10
[ 28.178652] ret_from_fork+0x116/0x1d0
[ 28.178697] ? __pfx_kthread+0x10/0x10
[ 28.178746] ret_from_fork_asm+0x1a/0x30
[ 28.178819] </TASK>
[ 28.178846]
[ 28.192421] Allocated by task 290:
[ 28.192817] kasan_save_stack+0x45/0x70
[ 28.193216] kasan_save_track+0x18/0x40
[ 28.193519] kasan_save_alloc_info+0x3b/0x50
[ 28.193889] __kasan_kmalloc+0xb7/0xc0
[ 28.194092] __kmalloc_cache_noprof+0x189/0x420
[ 28.196859] kasan_bitops_generic+0x92/0x1c0
[ 28.197388] kunit_try_run_case+0x1a5/0x480
[ 28.197603] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.197822] kthread+0x337/0x6f0
[ 28.197990] ret_from_fork+0x116/0x1d0
[ 28.199027] ret_from_fork_asm+0x1a/0x30
[ 28.199753]
[ 28.200210] The buggy address belongs to the object at ffff8881022cf740
[ 28.200210] which belongs to the cache kmalloc-16 of size 16
[ 28.201397] The buggy address is located 8 bytes inside of
[ 28.201397] allocated 9-byte region [ffff8881022cf740, ffff8881022cf749)
[ 28.202359]
[ 28.203249] The buggy address belongs to the physical page:
[ 28.203802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022cf
[ 28.204251] flags: 0x200000000000000(node=0|zone=2)
[ 28.204561] page_type: f5(slab)
[ 28.204842] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.205283] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 28.205728] page dumped because: kasan: bad access detected
[ 28.206035]
[ 28.206212] Memory state around the buggy address:
[ 28.206589] ffff8881022cf600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.206914] ffff8881022cf680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.207549] >ffff8881022cf700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 28.207898] ^
[ 28.208155] ffff8881022cf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.208696] ffff8881022cf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.209139] ==================================================================

[ 28.115111] ==================================================================
[ 28.115770] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 28.116477] Write of size 8 at addr ffff8881022cf748 by task kunit_try_catch/290
[ 28.116945]
[ 28.117094] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250620 #1 PREEMPT(voluntary)
[ 28.117194] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.117217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.117260] Call Trace:
[ 28.117300] <TASK>
[ 28.117339] dump_stack_lvl+0x73/0xb0
[ 28.117407] print_report+0xd1/0x650
[ 28.117462] ? __virt_addr_valid+0x1db/0x2d0
[ 28.117513] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 28.117570] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.117629] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 28.117686] kasan_report+0x141/0x180
[ 28.117735] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 28.117803] kasan_check_range+0x10c/0x1c0
[ 28.117858] __kasan_check_write+0x18/0x20
[ 28.117911] kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 28.117972] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.118042] ? __kmalloc_cache_noprof+0x189/0x420
[ 28.118101] ? trace_hardirqs_on+0x37/0xe0
[ 28.118154] ? kasan_bitops_generic+0x92/0x1c0
[ 28.118215] kasan_bitops_generic+0x116/0x1c0
[ 28.118268] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.118325] ? __pfx_read_tsc+0x10/0x10
[ 28.118373] ? ktime_get_ts64+0x86/0x230
[ 28.118430] kunit_try_run_case+0x1a5/0x480
[ 28.118486] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.118519] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 28.118554] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.118587] ? __kthread_parkme+0x82/0x180
[ 28.118617] ? preempt_count_sub+0x50/0x80
[ 28.118652] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.118687] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.118724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.118764] kthread+0x337/0x6f0
[ 28.118797] ? trace_preempt_on+0x20/0xc0
[ 28.118842] ? __pfx_kthread+0x10/0x10
[ 28.118885] ? _raw_spin_unlock_irq+0x47/0x80
[ 28.118929] ? calculate_sigpending+0x7b/0xa0
[ 28.118982] ? __pfx_kthread+0x10/0x10
[ 28.119029] ret_from_fork+0x116/0x1d0
[ 28.119073] ? __pfx_kthread+0x10/0x10
[ 28.119121] ret_from_fork_asm+0x1a/0x30
[ 28.119194] </TASK>
[ 28.119222]
[ 28.131053] Allocated by task 290:
[ 28.131418] kasan_save_stack+0x45/0x70
[ 28.131799] kasan_save_track+0x18/0x40
[ 28.132106] kasan_save_alloc_info+0x3b/0x50
[ 28.132462] __kasan_kmalloc+0xb7/0xc0
[ 28.132644] __kmalloc_cache_noprof+0x189/0x420
[ 28.132849] kasan_bitops_generic+0x92/0x1c0
[ 28.133043] kunit_try_run_case+0x1a5/0x480
[ 28.133234] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.133464] kthread+0x337/0x6f0
[ 28.133634] ret_from_fork+0x116/0x1d0
[ 28.133811] ret_from_fork_asm+0x1a/0x30
[ 28.133987]
[ 28.134105] The buggy address belongs to the object at ffff8881022cf740
[ 28.134105] which belongs to the cache kmalloc-16 of size 16
[ 28.134611] The buggy address is located 8 bytes inside of
[ 28.134611] allocated 9-byte region [ffff8881022cf740, ffff8881022cf749)
[ 28.135453]
[ 28.135677] The buggy address belongs to the physical page:
[ 28.136099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022cf
[ 28.136663] flags: 0x200000000000000(node=0|zone=2)
[ 28.137020] page_type: f5(slab)
[ 28.137305] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.137834] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 28.138500] page dumped because: kasan: bad access detected
[ 28.138893]
[ 28.139059] Memory state around the buggy address:
[ 28.139521] ffff8881022cf600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.139837] ffff8881022cf680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.140124] >ffff8881022cf700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 28.140591] ^
[ 28.140861] ffff8881022cf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.141119] ffff8881022cf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.141646] ==================================================================

[ 28.089596] ==================================================================
[ 28.089915] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50
[ 28.090597] Write of size 8 at addr ffff8881022cf748 by task kunit_try_catch/290
[ 28.090980]
[ 28.091129] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250620 #1 PREEMPT(voluntary)
[ 28.091227] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.091256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.091306] Call Trace:
[ 28.091350] <TASK>
[ 28.091392] dump_stack_lvl+0x73/0xb0
[ 28.091466] print_report+0xd1/0x650
[ 28.091510] ? __virt_addr_valid+0x1db/0x2d0
[ 28.091558] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 28.091605] ? kasan_complete_mode_report_info+0x2a/0x200
[ 28.091650] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 28.091689] kasan_report+0x141/0x180
[ 28.091725] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 28.091776] kasan_check_range+0x10c/0x1c0
[ 28.091820] __kasan_check_write+0x18/0x20
[ 28.091866] kasan_bitops_modify.constprop.0+0x373/0xd50
[ 28.091913] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 28.091966] ? __kmalloc_cache_noprof+0x189/0x420
[ 28.092017] ? trace_hardirqs_on+0x37/0xe0
[ 28.092064] ? kasan_bitops_generic+0x92/0x1c0
[ 28.092126] kasan_bitops_generic+0x116/0x1c0
[ 28.092170] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 28.092217] ? __pfx_read_tsc+0x10/0x10
[ 28.092264] ? ktime_get_ts64+0x86/0x230
[ 28.092315] kunit_try_run_case+0x1a5/0x480
[ 28.092360] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.092404] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 28.092467] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 28.092513] ? __kthread_parkme+0x82/0x180
[ 28.092558] ? preempt_count_sub+0x50/0x80
[ 28.092606] ? __pfx_kunit_try_run_case+0x10/0x10
[ 28.092656] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.092712] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 28.092764] kthread+0x337/0x6f0
[ 28.092812] ? trace_preempt_on+0x20/0xc0
[ 28.092863] ? __pfx_kthread+0x10/0x10
[ 28.092913] ? _raw_spin_unlock_irq+0x47/0x80
[ 28.092961] ? calculate_sigpending+0x7b/0xa0
[ 28.093016] ? __pfx_kthread+0x10/0x10
[ 28.093066] ret_from_fork+0x116/0x1d0
[ 28.093112] ? __pfx_kthread+0x10/0x10
[ 28.093157] ret_from_fork_asm+0x1a/0x30
[ 28.093231] </TASK>
[ 28.093259]
[ 28.102940] Allocated by task 290:
[ 28.103147] kasan_save_stack+0x45/0x70
[ 28.103515] kasan_save_track+0x18/0x40
[ 28.103948] kasan_save_alloc_info+0x3b/0x50
[ 28.104354] __kasan_kmalloc+0xb7/0xc0
[ 28.104671] __kmalloc_cache_noprof+0x189/0x420
[ 28.105033] kasan_bitops_generic+0x92/0x1c0
[ 28.105504] kunit_try_run_case+0x1a5/0x480
[ 28.105743] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.106068] kthread+0x337/0x6f0
[ 28.106423] ret_from_fork+0x116/0x1d0
[ 28.106650] ret_from_fork_asm+0x1a/0x30
[ 28.106903]
[ 28.107009] The buggy address belongs to the object at ffff8881022cf740
[ 28.107009] which belongs to the cache kmalloc-16 of size 16
[ 28.107881] The buggy address is located 8 bytes inside of
[ 28.107881] allocated 9-byte region [ffff8881022cf740, ffff8881022cf749)
[ 28.108575]
[ 28.108753] The buggy address belongs to the physical page:
[ 28.109021] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022cf
[ 28.109673] flags: 0x200000000000000(node=0|zone=2)
[ 28.109924] page_type: f5(slab)
[ 28.110142] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.110547] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 28.111050] page dumped because: kasan: bad access detected
[ 28.111242]
[ 28.111336] Memory state around the buggy address:
[ 28.111537] ffff8881022cf600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.111787] ffff8881022cf680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.112048] >ffff8881022cf700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 28.112302] ^
[ 28.112607] ffff8881022cf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.113146] ffff8881022cf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.113740] ==================================================================

[ 27.971414] ==================================================================
[ 27.972002] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50
[ 27.972375] Write of size 8 at addr ffff8881022cf748 by task kunit_try_catch/290
[ 27.972951]
[ 27.973167] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250620 #1 PREEMPT(voluntary)
[ 27.973280] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.973338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.973381] Call Trace:
[ 27.973409] <TASK>
[ 27.973455] dump_stack_lvl+0x73/0xb0
[ 27.973534] print_report+0xd1/0x650
[ 27.973602] ? __virt_addr_valid+0x1db/0x2d0
[ 27.973647] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 27.973698] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.973747] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 27.973798] kasan_report+0x141/0x180
[ 27.973846] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 27.973904] kasan_check_range+0x10c/0x1c0
[ 27.973946] __kasan_check_write+0x18/0x20
[ 27.973989] kasan_bitops_modify.constprop.0+0x101/0xd50
[ 27.974048] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 27.974106] ? __kmalloc_cache_noprof+0x189/0x420
[ 27.974193] ? trace_hardirqs_on+0x37/0xe0
[ 27.974247] ? kasan_bitops_generic+0x92/0x1c0
[ 27.974294] kasan_bitops_generic+0x116/0x1c0
[ 27.974341] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 27.974398] ? __pfx_read_tsc+0x10/0x10
[ 27.974457] ? ktime_get_ts64+0x86/0x230
[ 27.974519] kunit_try_run_case+0x1a5/0x480
[ 27.974575] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.974613] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 27.974654] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.974691] ? __kthread_parkme+0x82/0x180
[ 27.974725] ? preempt_count_sub+0x50/0x80
[ 27.974764] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.974805] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.974842] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.974883] kthread+0x337/0x6f0
[ 27.974916] ? trace_preempt_on+0x20/0xc0
[ 27.974956] ? __pfx_kthread+0x10/0x10
[ 27.975001] ? _raw_spin_unlock_irq+0x47/0x80
[ 27.975043] ? calculate_sigpending+0x7b/0xa0
[ 27.975084] ? __pfx_kthread+0x10/0x10
[ 27.975125] ret_from_fork+0x116/0x1d0
[ 27.975203] ? __pfx_kthread+0x10/0x10
[ 27.975253] ret_from_fork_asm+0x1a/0x30
[ 27.975317] </TASK>
[ 27.975338]
[ 27.990220] Allocated by task 290:
[ 27.990611] kasan_save_stack+0x45/0x70
[ 27.990990] kasan_save_track+0x18/0x40
[ 27.991498] kasan_save_alloc_info+0x3b/0x50
[ 27.992016] __kasan_kmalloc+0xb7/0xc0
[ 27.992394] __kmalloc_cache_noprof+0x189/0x420
[ 27.992864] kasan_bitops_generic+0x92/0x1c0
[ 27.993079] kunit_try_run_case+0x1a5/0x480
[ 27.993466] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.994438] kthread+0x337/0x6f0
[ 27.994900] ret_from_fork+0x116/0x1d0
[ 27.995138] ret_from_fork_asm+0x1a/0x30
[ 27.995469]
[ 27.995771] The buggy address belongs to the object at ffff8881022cf740
[ 27.995771] which belongs to the cache kmalloc-16 of size 16
[ 27.996587] The buggy address is located 8 bytes inside of
[ 27.996587] allocated 9-byte region [ffff8881022cf740, ffff8881022cf749)
[ 27.997086]
[ 27.997205] The buggy address belongs to the physical page:
[ 27.998222] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022cf
[ 27.999029] flags: 0x200000000000000(node=0|zone=2)
[ 27.999496] page_type: f5(slab)
[ 27.999846] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 28.000456] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 28.000869] page dumped because: kasan: bad access detected
[ 28.001450]
[ 28.001561] Memory state around the buggy address:
[ 28.002098] ffff8881022cf600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.003168] ffff8881022cf680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 28.003532] >ffff8881022cf700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 28.003749] ^
[ 28.004179] ffff8881022cf780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.005089] ffff8881022cf800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.005706] ==================================================================
```