Date | June 23, 2025, 7:07 a.m. |
---|---|
Environment | qemu-x86_64 |
```
[ 24.163860] ==================================================================
[ 24.164438] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50
[ 24.165145] Write of size 8 at addr ffff888101bb7fa8 by task kunit_try_catch/290
[ 24.166280]
[ 24.166558] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250623 #1 PREEMPT(voluntary)
[ 24.166648] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.166671] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.166710] Call Trace:
[ 24.166735] <TASK>
[ 24.166758] dump_stack_lvl+0x73/0xb0
[ 24.166812] print_report+0xd1/0x650
[ 24.166925] ? __virt_addr_valid+0x1db/0x2d0
[ 24.166972] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 24.167013] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.167051] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 24.167095] kasan_report+0x141/0x180
[ 24.167128] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 24.167165] kasan_check_range+0x10c/0x1c0
[ 24.167194] __kasan_check_write+0x18/0x20
[ 24.167222] kasan_bitops_modify.constprop.0+0x547/0xd50
[ 24.167254] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 24.167277] ? __kmalloc_cache_noprof+0x189/0x420
[ 24.167297] ? trace_hardirqs_on+0x37/0xe0
[ 24.167315] ? kasan_bitops_generic+0x92/0x1c0
[ 24.167337] kasan_bitops_generic+0x116/0x1c0
[ 24.167356] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 24.167391] ? __pfx_read_tsc+0x10/0x10
[ 24.167413] ? ktime_get_ts64+0x86/0x230
[ 24.167434] kunit_try_run_case+0x1a5/0x480
[ 24.167455] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.167473] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 24.167492] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.167511] ? __kthread_parkme+0x82/0x180
[ 24.167528] ? preempt_count_sub+0x50/0x80
[ 24.167547] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.167567] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.167587] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.167607] kthread+0x337/0x6f0
[ 24.167623] ? trace_preempt_on+0x20/0xc0
[ 24.167641] ? __pfx_kthread+0x10/0x10
[ 24.167658] ? _raw_spin_unlock_irq+0x47/0x80
[ 24.167676] ? calculate_sigpending+0x7b/0xa0
[ 24.167696] ? __pfx_kthread+0x10/0x10
[ 24.167714] ret_from_fork+0x116/0x1d0
[ 24.167729] ? __pfx_kthread+0x10/0x10
[ 24.167746] ret_from_fork_asm+0x1a/0x30
[ 24.167773] </TASK>
[ 24.167783]
[ 24.181546] Allocated by task 290:
[ 24.182388] kasan_save_stack+0x45/0x70
[ 24.182559] kasan_save_track+0x18/0x40
[ 24.183214] kasan_save_alloc_info+0x3b/0x50
[ 24.183392] __kasan_kmalloc+0xb7/0xc0
[ 24.184048] __kmalloc_cache_noprof+0x189/0x420
[ 24.184219] kasan_bitops_generic+0x92/0x1c0
[ 24.184579] kunit_try_run_case+0x1a5/0x480
[ 24.184811] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.185546] kthread+0x337/0x6f0
[ 24.185707] ret_from_fork+0x116/0x1d0
[ 24.185961] ret_from_fork_asm+0x1a/0x30
[ 24.186119]
[ 24.186641] The buggy address belongs to the object at ffff888101bb7fa0
[ 24.186641] which belongs to the cache kmalloc-16 of size 16
[ 24.187914] The buggy address is located 8 bytes inside of
[ 24.187914] allocated 9-byte region [ffff888101bb7fa0, ffff888101bb7fa9)
[ 24.188325]
[ 24.188822] The buggy address belongs to the physical page:
[ 24.189030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bb7
[ 24.189518] flags: 0x200000000000000(node=0|zone=2)
[ 24.189780] page_type: f5(slab)
[ 24.190451] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122
[ 24.190885] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 24.191126] page dumped because: kasan: bad access detected
[ 24.191792]
[ 24.191970] Memory state around the buggy address:
[ 24.192542]  ffff888101bb7e80: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 24.192907]  ffff888101bb7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 24.193351] >ffff888101bb7f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 24.193915]                                    ^
[ 24.194181]  ffff888101bb8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.194827]  ffff888101bb8080: 00 fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 24.195375] ==================================================================
[ 23.958481] ==================================================================
[ 23.958984] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50
[ 23.959753] Write of size 8 at addr ffff888101bb7fa8 by task kunit_try_catch/290
[ 23.960459]
[ 23.960623] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250623 #1 PREEMPT(voluntary)
[ 23.960707] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.960727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.960899] Call Trace:
[ 23.960931] <TASK>
[ 23.960960] dump_stack_lvl+0x73/0xb0
[ 23.961016] print_report+0xd1/0x650
[ 23.961050] ? __virt_addr_valid+0x1db/0x2d0
[ 23.961097] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 23.961151] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.961291] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 23.961324] kasan_report+0x141/0x180
[ 23.961345] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 23.961372] kasan_check_range+0x10c/0x1c0
[ 23.961421] __kasan_check_write+0x18/0x20
[ 23.961453] kasan_bitops_modify.constprop.0+0x101/0xd50
[ 23.961493] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 23.961532] ? __kmalloc_cache_noprof+0x189/0x420
[ 23.961576] ? trace_hardirqs_on+0x37/0xe0
[ 23.961610] ? kasan_bitops_generic+0x92/0x1c0
[ 23.961672] kasan_bitops_generic+0x116/0x1c0
[ 23.961708] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 23.961748] ? __pfx_read_tsc+0x10/0x10
[ 23.961784] ? ktime_get_ts64+0x86/0x230
[ 23.961822] kunit_try_run_case+0x1a5/0x480
[ 23.961868] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.961904] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 23.961956] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.961994] ? __kthread_parkme+0x82/0x180
[ 23.962032] ? preempt_count_sub+0x50/0x80
[ 23.962055] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.962085] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.962120] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.962149] kthread+0x337/0x6f0
[ 23.962175] ? trace_preempt_on+0x20/0xc0
[ 23.962204] ? __pfx_kthread+0x10/0x10
[ 23.962230] ? _raw_spin_unlock_irq+0x47/0x80
[ 23.962257] ? calculate_sigpending+0x7b/0xa0
[ 23.962290] ? __pfx_kthread+0x10/0x10
[ 23.962319] ret_from_fork+0x116/0x1d0
[ 23.962345] ? __pfx_kthread+0x10/0x10
[ 23.962372] ret_from_fork_asm+0x1a/0x30
[ 23.962433] </TASK>
[ 23.962445]
[ 23.973914] Allocated by task 290:
[ 23.974244] kasan_save_stack+0x45/0x70
[ 23.974517] kasan_save_track+0x18/0x40
[ 23.974906] kasan_save_alloc_info+0x3b/0x50
[ 23.975214] __kasan_kmalloc+0xb7/0xc0
[ 23.975502] __kmalloc_cache_noprof+0x189/0x420
[ 23.975820] kasan_bitops_generic+0x92/0x1c0
[ 23.976122] kunit_try_run_case+0x1a5/0x480
[ 23.976863] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.977984] kthread+0x337/0x6f0
[ 23.978301] ret_from_fork+0x116/0x1d0
[ 23.978614] ret_from_fork_asm+0x1a/0x30
[ 23.978957]
[ 23.979217] The buggy address belongs to the object at ffff888101bb7fa0
[ 23.979217] which belongs to the cache kmalloc-16 of size 16
[ 23.979798] The buggy address is located 8 bytes inside of
[ 23.979798] allocated 9-byte region [ffff888101bb7fa0, ffff888101bb7fa9)
[ 23.980781]
[ 23.980998] The buggy address belongs to the physical page:
[ 23.981351] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bb7
[ 23.982228] flags: 0x200000000000000(node=0|zone=2)
[ 23.982637] page_type: f5(slab)
[ 23.982940] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122
[ 23.983532] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 23.984040] page dumped because: kasan: bad access detected
[ 23.984276]
[ 23.984401] Memory state around the buggy address:
[ 23.984570]  ffff888101bb7e80: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 23.985212]  ffff888101bb7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 23.985691] >ffff888101bb7f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 23.986441]                                    ^
[ 23.986773]  ffff888101bb8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 23.987237]  ffff888101bb8080: 00 fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 23.987625] ==================================================================
[ 24.105682] ==================================================================
[ 24.106167] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 24.106826] Write of size 8 at addr ffff888101bb7fa8 by task kunit_try_catch/290
[ 24.107476]
[ 24.107693] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250623 #1 PREEMPT(voluntary)
[ 24.107776] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.107801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.107832] Call Trace:
[ 24.107854] <TASK>
[ 24.107875] dump_stack_lvl+0x73/0xb0
[ 24.107925] print_report+0xd1/0x650
[ 24.107959] ? __virt_addr_valid+0x1db/0x2d0
[ 24.107993] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 24.108034] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.108075] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 24.108279] kasan_report+0x141/0x180
[ 24.108316] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 24.108367] kasan_check_range+0x10c/0x1c0
[ 24.108423] __kasan_check_write+0x18/0x20
[ 24.108461] kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 24.108507] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 24.108551] ? __kmalloc_cache_noprof+0x189/0x420
[ 24.108592] ? trace_hardirqs_on+0x37/0xe0
[ 24.108629] ? kasan_bitops_generic+0x92/0x1c0
[ 24.108675] kasan_bitops_generic+0x116/0x1c0
[ 24.108709] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 24.108743] ? __pfx_read_tsc+0x10/0x10
[ 24.108776] ? ktime_get_ts64+0x86/0x230
[ 24.108812] kunit_try_run_case+0x1a5/0x480
[ 24.108849] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.108887] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 24.108927] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.108968] ? __kthread_parkme+0x82/0x180
[ 24.109003] ? preempt_count_sub+0x50/0x80
[ 24.109046] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.109088] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.109129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.109171] kthread+0x337/0x6f0
[ 24.109205] ? trace_preempt_on+0x20/0xc0
[ 24.109246] ? __pfx_kthread+0x10/0x10
[ 24.109282] ? _raw_spin_unlock_irq+0x47/0x80
[ 24.109320] ? calculate_sigpending+0x7b/0xa0
[ 24.109486] ? __pfx_kthread+0x10/0x10
[ 24.109514] ret_from_fork+0x116/0x1d0
[ 24.109536] ? __pfx_kthread+0x10/0x10
[ 24.109559] ret_from_fork_asm+0x1a/0x30
[ 24.109595] </TASK>
[ 24.109609]
[ 24.120914] Allocated by task 290:
[ 24.122007] kasan_save_stack+0x45/0x70
[ 24.122330] kasan_save_track+0x18/0x40
[ 24.122477] kasan_save_alloc_info+0x3b/0x50
[ 24.122732] __kasan_kmalloc+0xb7/0xc0
[ 24.123348] __kmalloc_cache_noprof+0x189/0x420
[ 24.123667] kasan_bitops_generic+0x92/0x1c0
[ 24.123853] kunit_try_run_case+0x1a5/0x480
[ 24.124604] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.124796] kthread+0x337/0x6f0
[ 24.124986] ret_from_fork+0x116/0x1d0
[ 24.125518] ret_from_fork_asm+0x1a/0x30
[ 24.125792]
[ 24.125902] The buggy address belongs to the object at ffff888101bb7fa0
[ 24.125902] which belongs to the cache kmalloc-16 of size 16
[ 24.126805] The buggy address is located 8 bytes inside of
[ 24.126805] allocated 9-byte region [ffff888101bb7fa0, ffff888101bb7fa9)
[ 24.127540]
[ 24.127676] The buggy address belongs to the physical page:
[ 24.128068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bb7
[ 24.128855] flags: 0x200000000000000(node=0|zone=2)
[ 24.129221] page_type: f5(slab)
[ 24.129504] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122
[ 24.129923] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 24.130236] page dumped because: kasan: bad access detected
[ 24.130591]
[ 24.130727] Memory state around the buggy address:
[ 24.131030]  ffff888101bb7e80: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 24.131395]  ffff888101bb7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 24.131809] >ffff888101bb7f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 24.132069]                                    ^
[ 24.132364]  ffff888101bb8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.132809]  ffff888101bb8080: 00 fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 24.133127] ==================================================================
[ 24.074611] ==================================================================
[ 24.075582] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50
[ 24.076134] Write of size 8 at addr ffff888101bb7fa8 by task kunit_try_catch/290
[ 24.077049]
[ 24.077301] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250623 #1 PREEMPT(voluntary)
[ 24.077399] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.077424] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.077462] Call Trace:
[ 24.077488] <TASK>
[ 24.077512] dump_stack_lvl+0x73/0xb0
[ 24.077566] print_report+0xd1/0x650
[ 24.077603] ? __virt_addr_valid+0x1db/0x2d0
[ 24.077635] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 24.077671] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.077710] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 24.077745] kasan_report+0x141/0x180
[ 24.078217] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 24.078286] kasan_check_range+0x10c/0x1c0
[ 24.078331] __kasan_check_write+0x18/0x20
[ 24.078394] kasan_bitops_modify.constprop.0+0x373/0xd50
[ 24.078443] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 24.078492] ? __kmalloc_cache_noprof+0x189/0x420
[ 24.078535] ? trace_hardirqs_on+0x37/0xe0
[ 24.078569] ? kasan_bitops_generic+0x92/0x1c0
[ 24.078618] kasan_bitops_generic+0x116/0x1c0
[ 24.078661] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 24.078715] ? __pfx_read_tsc+0x10/0x10
[ 24.078768] ? ktime_get_ts64+0x86/0x230
[ 24.078814] kunit_try_run_case+0x1a5/0x480
[ 24.078854] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.078893] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 24.078930] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.078976] ? __kthread_parkme+0x82/0x180
[ 24.079025] ? preempt_count_sub+0x50/0x80
[ 24.079067] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.079257] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.079303] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.079334] kthread+0x337/0x6f0
[ 24.079357] ? trace_preempt_on+0x20/0xc0
[ 24.079396] ? __pfx_kthread+0x10/0x10
[ 24.079422] ? _raw_spin_unlock_irq+0x47/0x80
[ 24.079447] ? calculate_sigpending+0x7b/0xa0
[ 24.079479] ? __pfx_kthread+0x10/0x10
[ 24.079510] ret_from_fork+0x116/0x1d0
[ 24.079543] ? __pfx_kthread+0x10/0x10
[ 24.079576] ret_from_fork_asm+0x1a/0x30
[ 24.079635] </TASK>
[ 24.079656]
[ 24.092637] Allocated by task 290:
[ 24.092759] kasan_save_stack+0x45/0x70
[ 24.093043] kasan_save_track+0x18/0x40
[ 24.093401] kasan_save_alloc_info+0x3b/0x50
[ 24.094423] __kasan_kmalloc+0xb7/0xc0
[ 24.094665] __kmalloc_cache_noprof+0x189/0x420
[ 24.094824] kasan_bitops_generic+0x92/0x1c0
[ 24.095108] kunit_try_run_case+0x1a5/0x480
[ 24.095401] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.095705] kthread+0x337/0x6f0
[ 24.095947] ret_from_fork+0x116/0x1d0
[ 24.096703] ret_from_fork_asm+0x1a/0x30
[ 24.096957]
[ 24.097065] The buggy address belongs to the object at ffff888101bb7fa0
[ 24.097065] which belongs to the cache kmalloc-16 of size 16
[ 24.097643] The buggy address is located 8 bytes inside of
[ 24.097643] allocated 9-byte region [ffff888101bb7fa0, ffff888101bb7fa9)
[ 24.098767]
[ 24.098859] The buggy address belongs to the physical page:
[ 24.099585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bb7
[ 24.099997] flags: 0x200000000000000(node=0|zone=2)
[ 24.100242] page_type: f5(slab)
[ 24.100559] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122
[ 24.101117] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 24.101486] page dumped because: kasan: bad access detected
[ 24.101759]
[ 24.101879] Memory state around the buggy address:
[ 24.102184]  ffff888101bb7e80: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 24.102531]  ffff888101bb7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 24.103035] >ffff888101bb7f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 24.103352]                                    ^
[ 24.104044]  ffff888101bb8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.104509]  ffff888101bb8080: 00 fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 24.104835] ==================================================================
[ 24.134956] ==================================================================
[ 24.135411] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 24.135736] Write of size 8 at addr ffff888101bb7fa8 by task kunit_try_catch/290
[ 24.136169]
[ 24.136489] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250623 #1 PREEMPT(voluntary)
[ 24.136591] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.136616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.136651] Call Trace:
[ 24.136676] <TASK>
[ 24.136704] dump_stack_lvl+0x73/0xb0
[ 24.136759] print_report+0xd1/0x650
[ 24.136800] ? __virt_addr_valid+0x1db/0x2d0
[ 24.136838] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 24.136880] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.136925] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 24.136968] kasan_report+0x141/0x180
[ 24.137009] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 24.137062] kasan_check_range+0x10c/0x1c0
[ 24.137098] __kasan_check_write+0x18/0x20
[ 24.137134] kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 24.137171] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 24.137209] ? __kmalloc_cache_noprof+0x189/0x420
[ 24.137903] ? trace_hardirqs_on+0x37/0xe0
[ 24.137951] ? kasan_bitops_generic+0x92/0x1c0
[ 24.137977] kasan_bitops_generic+0x116/0x1c0
[ 24.137999] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 24.138033] ? __pfx_read_tsc+0x10/0x10
[ 24.138055] ? ktime_get_ts64+0x86/0x230
[ 24.138099] kunit_try_run_case+0x1a5/0x480
[ 24.138135] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.138163] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 24.138193] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.138224] ? __kthread_parkme+0x82/0x180
[ 24.138252] ? preempt_count_sub+0x50/0x80
[ 24.138285] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.138307] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.138329] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.138351] kthread+0x337/0x6f0
[ 24.138368] ? trace_preempt_on+0x20/0xc0
[ 24.138410] ? __pfx_kthread+0x10/0x10
[ 24.138429] ? _raw_spin_unlock_irq+0x47/0x80
[ 24.138449] ? calculate_sigpending+0x7b/0xa0
[ 24.138471] ? __pfx_kthread+0x10/0x10
[ 24.138490] ret_from_fork+0x116/0x1d0
[ 24.138507] ? __pfx_kthread+0x10/0x10
[ 24.138526] ret_from_fork_asm+0x1a/0x30
[ 24.138556] </TASK>
[ 24.138567]
[ 24.148975] Allocated by task 290:
[ 24.149619] kasan_save_stack+0x45/0x70
[ 24.150008] kasan_save_track+0x18/0x40
[ 24.150317] kasan_save_alloc_info+0x3b/0x50
[ 24.150592] __kasan_kmalloc+0xb7/0xc0
[ 24.150919] __kmalloc_cache_noprof+0x189/0x420
[ 24.151477] kasan_bitops_generic+0x92/0x1c0
[ 24.151874] kunit_try_run_case+0x1a5/0x480
[ 24.152355] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.152717] kthread+0x337/0x6f0
[ 24.152872] ret_from_fork+0x116/0x1d0
[ 24.153017] ret_from_fork_asm+0x1a/0x30
[ 24.153168]
[ 24.153252] The buggy address belongs to the object at ffff888101bb7fa0
[ 24.153252] which belongs to the cache kmalloc-16 of size 16
[ 24.154698] The buggy address is located 8 bytes inside of
[ 24.154698] allocated 9-byte region [ffff888101bb7fa0, ffff888101bb7fa9)
[ 24.155772]
[ 24.156011] The buggy address belongs to the physical page:
[ 24.156512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bb7
[ 24.156900] flags: 0x200000000000000(node=0|zone=2)
[ 24.157674] page_type: f5(slab)
[ 24.157869] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122
[ 24.158454] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 24.159020] page dumped because: kasan: bad access detected
[ 24.159566]
[ 24.159704] Memory state around the buggy address:
[ 24.160028]  ffff888101bb7e80: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 24.160686]  ffff888101bb7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 24.161482] >ffff888101bb7f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 24.161911]                                    ^
[ 24.162100]  ffff888101bb8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.162605]  ffff888101bb8080: 00 fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 24.163133] ==================================================================
[ 23.988711] ==================================================================
[ 23.989208] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 23.989563] Write of size 8 at addr ffff888101bb7fa8 by task kunit_try_catch/290
[ 23.989969]
[ 23.990080] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250623 #1 PREEMPT(voluntary)
[ 23.990165] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.990189] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.990224] Call Trace:
[ 23.990251] <TASK>
[ 23.990278] dump_stack_lvl+0x73/0xb0
[ 23.990328] print_report+0xd1/0x650
[ 23.990368] ? __virt_addr_valid+0x1db/0x2d0
[ 23.990652] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 23.990700] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.990746] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 23.990791] kasan_report+0x141/0x180
[ 23.990841] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 23.990898] kasan_check_range+0x10c/0x1c0
[ 23.990942] __kasan_check_write+0x18/0x20
[ 23.990983] kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 23.991029] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 23.991077] ? __kmalloc_cache_noprof+0x189/0x420
[ 23.991120] ? trace_hardirqs_on+0x37/0xe0
[ 23.991159] ? kasan_bitops_generic+0x92/0x1c0
[ 23.991198] kasan_bitops_generic+0x116/0x1c0
[ 23.991227] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 23.991248] ? __pfx_read_tsc+0x10/0x10
[ 23.991266] ? ktime_get_ts64+0x86/0x230
[ 23.991287] kunit_try_run_case+0x1a5/0x480
[ 23.991308] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.991326] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 23.991345] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.991365] ? __kthread_parkme+0x82/0x180
[ 23.991399] ? preempt_count_sub+0x50/0x80
[ 23.991420] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.991441] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.991460] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.991480] kthread+0x337/0x6f0
[ 23.991496] ? trace_preempt_on+0x20/0xc0
[ 23.991514] ? __pfx_kthread+0x10/0x10
[ 23.991531] ? _raw_spin_unlock_irq+0x47/0x80
[ 23.991549] ? calculate_sigpending+0x7b/0xa0
[ 23.991568] ? __pfx_kthread+0x10/0x10
[ 23.991586] ret_from_fork+0x116/0x1d0
[ 23.991602] ? __pfx_kthread+0x10/0x10
[ 23.991619] ret_from_fork_asm+0x1a/0x30
[ 23.991645] </TASK>
[ 23.991656]
[ 24.003324] Allocated by task 290:
[ 24.003629] kasan_save_stack+0x45/0x70
[ 24.003884] kasan_save_track+0x18/0x40
[ 24.004033] kasan_save_alloc_info+0x3b/0x50
[ 24.004970] __kasan_kmalloc+0xb7/0xc0
[ 24.005409] __kmalloc_cache_noprof+0x189/0x420
[ 24.005781] kasan_bitops_generic+0x92/0x1c0
[ 24.006333] kunit_try_run_case+0x1a5/0x480
[ 24.006645] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.006880] kthread+0x337/0x6f0
[ 24.007292] ret_from_fork+0x116/0x1d0
[ 24.007600] ret_from_fork_asm+0x1a/0x30
[ 24.007934]
[ 24.008375] The buggy address belongs to the object at ffff888101bb7fa0
[ 24.008375] which belongs to the cache kmalloc-16 of size 16
[ 24.008941] The buggy address is located 8 bytes inside of
[ 24.008941] allocated 9-byte region [ffff888101bb7fa0, ffff888101bb7fa9)
[ 24.009863]
[ 24.010040] The buggy address belongs to the physical page:
[ 24.010589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bb7
[ 24.011037] flags: 0x200000000000000(node=0|zone=2)
[ 24.011576] page_type: f5(slab)
[ 24.011743] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122
[ 24.012552] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 24.012954] page dumped because: kasan: bad access detected
[ 24.013282]
[ 24.013445] Memory state around the buggy address:
[ 24.013708]  ffff888101bb7e80: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 24.014417]  ffff888101bb7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 24.014887] >ffff888101bb7f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 24.015449]                                    ^
[ 24.015725]  ffff888101bb8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.016321]  ffff888101bb8080: 00 fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 24.016729] ==================================================================
[ 24.046742] ==================================================================
[ 24.047299] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 24.047580] Write of size 8 at addr ffff888101bb7fa8 by task kunit_try_catch/290
[ 24.048240]
[ 24.048429] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250623 #1 PREEMPT(voluntary)
[ 24.048504] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.048525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.048560] Call Trace:
[ 24.048586] <TASK>
[ 24.048612] dump_stack_lvl+0x73/0xb0
[ 24.048665] print_report+0xd1/0x650
[ 24.048705] ? __virt_addr_valid+0x1db/0x2d0
[ 24.048741] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 24.048914] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.048969] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 24.049017] kasan_report+0x141/0x180
[ 24.049059] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 24.049107] kasan_check_range+0x10c/0x1c0
[ 24.049149] __kasan_check_write+0x18/0x20
[ 24.049199] kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 24.049240] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 24.049275] ? __kmalloc_cache_noprof+0x189/0x420
[ 24.049307] ? trace_hardirqs_on+0x37/0xe0
[ 24.049340] ? kasan_bitops_generic+0x92/0x1c0
[ 24.049398] kasan_bitops_generic+0x116/0x1c0
[ 24.049774] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 24.049864] ? __pfx_read_tsc+0x10/0x10
[ 24.049901] ? ktime_get_ts64+0x86/0x230
[ 24.049949] kunit_try_run_case+0x1a5/0x480
[ 24.050014] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.050057] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 24.050106] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.050145] ? __kthread_parkme+0x82/0x180
[ 24.050181] ? preempt_count_sub+0x50/0x80
[ 24.050222] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.050489] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.050544] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.050587] kthread+0x337/0x6f0
[ 24.050641] ? trace_preempt_on+0x20/0xc0
[ 24.050682] ? __pfx_kthread+0x10/0x10
[ 24.050720] ? _raw_spin_unlock_irq+0x47/0x80
[ 24.050759] ? calculate_sigpending+0x7b/0xa0
[ 24.050798] ? __pfx_kthread+0x10/0x10
[ 24.050844] ret_from_fork+0x116/0x1d0
[ 24.050881] ? __pfx_kthread+0x10/0x10
[ 24.050935] ret_from_fork_asm+0x1a/0x30
[ 24.050977] </TASK>
[ 24.050990]
[ 24.061587] Allocated by task 290:
[ 24.061850] kasan_save_stack+0x45/0x70
[ 24.062193] kasan_save_track+0x18/0x40
[ 24.062471] kasan_save_alloc_info+0x3b/0x50
[ 24.062773] __kasan_kmalloc+0xb7/0xc0
[ 24.063251] __kmalloc_cache_noprof+0x189/0x420
[ 24.063438] kasan_bitops_generic+0x92/0x1c0
[ 24.063691] kunit_try_run_case+0x1a5/0x480
[ 24.063999] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.064276] kthread+0x337/0x6f0
[ 24.064976] ret_from_fork+0x116/0x1d0
[ 24.065171] ret_from_fork_asm+0x1a/0x30
[ 24.065320]
[ 24.065442] The buggy address belongs to the object at ffff888101bb7fa0
[ 24.065442] which belongs to the cache kmalloc-16 of size 16
[ 24.066149] The buggy address is located 8 bytes inside of
[ 24.066149] allocated 9-byte region [ffff888101bb7fa0, ffff888101bb7fa9)
[ 24.066774]
[ 24.066937] The buggy address belongs to the physical page:
[ 24.067395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bb7
[ 24.067848] flags: 0x200000000000000(node=0|zone=2)
[ 24.068570] page_type: f5(slab)
[ 24.068770] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122
[ 24.069451] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 24.070052] page dumped because: kasan: bad access detected
[ 24.070574]
[ 24.070682] Memory state around the buggy address:
[ 24.070853]  ffff888101bb7e80: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 24.071424]  ffff888101bb7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 24.072038] >ffff888101bb7f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 24.072757]                                    ^
[ 24.073013]  ffff888101bb8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.073559]  ffff888101bb8080: 00 fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 24.074001] ==================================================================
[ 24.017508] ==================================================================
[ 24.017780] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 24.018606] Write of size 8 at addr ffff888101bb7fa8 by task kunit_try_catch/290
[ 24.019041]
[ 24.019361] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc3-next-20250623 #1 PREEMPT(voluntary)
[ 24.019469] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.019493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.019542] Call Trace:
[ 24.019568] <TASK>
[ 24.019592] dump_stack_lvl+0x73/0xb0
[ 24.019652] print_report+0xd1/0x650
[ 24.019705] ? __virt_addr_valid+0x1db/0x2d0
[ 24.019742] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 24.019783] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.019823] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 24.019897] kasan_report+0x141/0x180
[ 24.019956] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 24.020007] kasan_check_range+0x10c/0x1c0
[ 24.020061] __kasan_check_write+0x18/0x20
[ 24.020420] kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 24.020468] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 24.020516] ? __kmalloc_cache_noprof+0x189/0x420
[ 24.020557] ? trace_hardirqs_on+0x37/0xe0
[ 24.020608] ? kasan_bitops_generic+0x92/0x1c0
[ 24.020653] kasan_bitops_generic+0x116/0x1c0
[ 24.020696] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 24.020747] ? __pfx_read_tsc+0x10/0x10
[ 24.020788] ? ktime_get_ts64+0x86/0x230
[ 24.020860] kunit_try_run_case+0x1a5/0x480
[ 24.020893] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.020913] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 24.020932] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.020952] ? __kthread_parkme+0x82/0x180
[ 24.020970] ? preempt_count_sub+0x50/0x80
[ 24.020989] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.021008] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.021028] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.021047] kthread+0x337/0x6f0
[ 24.021064] ? trace_preempt_on+0x20/0xc0
[ 24.021107] ? __pfx_kthread+0x10/0x10
[ 24.021125] ? _raw_spin_unlock_irq+0x47/0x80
[ 24.021143] ? calculate_sigpending+0x7b/0xa0
[ 24.021162] ? __pfx_kthread+0x10/0x10
[ 24.021180] ret_from_fork+0x116/0x1d0
[ 24.021196] ? __pfx_kthread+0x10/0x10
[ 24.021213] ret_from_fork_asm+0x1a/0x30
[ 24.021240] </TASK>
[ 24.021250]
[ 24.033707] Allocated by task 290:
[ 24.033854] kasan_save_stack+0x45/0x70
[ 24.034163] kasan_save_track+0x18/0x40
[ 24.034484] kasan_save_alloc_info+0x3b/0x50
[ 24.035147] __kasan_kmalloc+0xb7/0xc0
[ 24.035468] __kmalloc_cache_noprof+0x189/0x420
[ 24.035807] kasan_bitops_generic+0x92/0x1c0
[ 24.036026] kunit_try_run_case+0x1a5/0x480
[ 24.036326] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.036678] kthread+0x337/0x6f0
[ 24.036834] ret_from_fork+0x116/0x1d0
[ 24.037334] ret_from_fork_asm+0x1a/0x30
[ 24.037660]
[ 24.037996] The buggy address belongs to the object at ffff888101bb7fa0
[ 24.037996] which belongs to the cache kmalloc-16 of size 16
[ 24.038806] The buggy address is located 8 bytes inside of
[ 24.038806] allocated 9-byte region [ffff888101bb7fa0, ffff888101bb7fa9)
[ 24.039409]
[ 24.039682] The buggy address belongs to the physical page:
[ 24.039971] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bb7
[ 24.040295] flags: 0x200000000000000(node=0|zone=2)
[ 24.040795] page_type: f5(slab)
[ 24.041061] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122
[ 24.041329] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 24.042040] page dumped because: kasan: bad access detected
[ 24.042660]
[ 24.042826] Memory state around the buggy address:
[ 24.043122]  ffff888101bb7e80: fa fb fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 24.043339]  ffff888101bb7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 24.043925] >ffff888101bb7f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 24.044529]                                    ^
[ 24.044692]  ffff888101bb8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 24.045493]  ffff888101bb8080: 00 fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 24.045908] ==================================================================
```