Date
July 9, 2025, 1:08 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 31.713376] ================================================================== [ 31.713419] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 31.713697] Call trace: [ 31.714802] kasan_bitops_generic+0x110/0x1c8 [ 31.715791] kasan_save_stack+0x3c/0x68 [ 31.716526] __kmalloc_cache_noprof+0x16c/0x3c0 [ 31.716817] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.718233] [ 31.718815] page_type: f5(slab) [ 31.719225] page dumped because: kasan: bad access detected [ 31.720477] ================================================================== [ 31.685097] ================================================================== [ 31.685479] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 31.685540] Read of size 8 at addr fff00000c7b74d88 by task kunit_try_catch/293 [ 31.685593] [ 31.685632] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250709 #1 PREEMPT [ 31.685724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.685754] Hardware name: linux,dummy-virt (DT) [ 31.685786] Call trace: [ 31.685811] show_stack+0x20/0x38 (C) [ 31.685860] dump_stack_lvl+0x8c/0xd0 [ 31.685910] print_report+0x118/0x5d0 [ 31.685966] kasan_report+0xdc/0x128 [ 31.686023] __asan_report_load8_noabort+0x20/0x30 [ 31.686084] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 31.686141] kasan_bitops_generic+0x110/0x1c8 [ 31.686193] kunit_try_run_case+0x170/0x3f0 [ 31.686253] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.686309] kthread+0x328/0x630 [ 31.686356] ret_from_fork+0x10/0x20 [ 31.686410] [ 31.686431] Allocated by task 293: [ 31.686471] kasan_save_stack+0x3c/0x68 [ 31.686523] kasan_save_track+0x20/0x40 [ 31.686565] kasan_save_alloc_info+0x40/0x58 [ 31.686604] __kasan_kmalloc+0xd4/0xd8 [ 31.686643] __kmalloc_cache_noprof+0x16c/0x3c0 [ 31.686683] kasan_bitops_generic+0xa0/0x1c8 [ 31.686724] kunit_try_run_case+0x170/0x3f0 [ 31.686765] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.686813] kthread+0x328/0x630 [ 31.686848] ret_from_fork+0x10/0x20 [ 31.686885] [ 31.686905] The buggy address belongs to the object at fff00000c7b74d80 [ 31.686905] which belongs to the cache kmalloc-16 of size 16 [ 31.686974] The buggy address is located 8 bytes inside of [ 31.686974] allocated 9-byte region [fff00000c7b74d80, fff00000c7b74d89) [ 31.687039] [ 31.687070] The buggy address belongs to the physical page: [ 31.687711] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107b74 [ 31.687838] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.687907] page_type: f5(slab) [ 31.687976] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 31.688223] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 31.688486] page dumped because: kasan: bad access detected [ 31.688529] [ 31.688748] Memory state around the buggy address: [ 31.688814] fff00000c7b74c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.689020] fff00000c7b74d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.689220] >fff00000c7b74d80: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.689403] ^ [ 31.689452] fff00000c7b74e00: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 31.689757] fff00000c7b74e80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.689852] ================================================================== [ 31.690580] ================================================================== [ 31.690633] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 31.690685] Write of size 8 at addr fff00000c7b74d88 by task kunit_try_catch/293 [ 31.691020] [ 31.691748] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250709 #1 PREEMPT [ 31.691893] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.691924] Hardware name: linux,dummy-virt (DT) [ 31.691956] Call trace: [ 31.691980] show_stack+0x20/0x38 (C) [ 31.692560] dump_stack_lvl+0x8c/0xd0 [ 31.693598] __kasan_check_write+0x20/0x30 [ 31.695202] kasan_save_stack+0x3c/0x68 [ 31.696005] kunit_try_run_case+0x170/0x3f0 [ 31.697256] [ 31.698191] page_type: f5(slab) [ 31.698828] [ 31.699372] fff00000c7b74d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.701893] ================================================================== [ 31.674580] ================================================================== [ 31.674896] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 31.675234] Write of size 8 at addr fff00000c7b74d88 by task kunit_try_catch/293 [ 31.675293] [ 31.675330] CPU: 1 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250709 #1 PREEMPT [ 31.675420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.675863] Hardware name: linux,dummy-virt (DT) [ 31.676036] Call trace: [ 31.676131] show_stack+0x20/0x38 (C) [ 31.676244] dump_stack_lvl+0x8c/0xd0 [ 31.676448] print_report+0x118/0x5d0 [ 31.676631] kasan_report+0xdc/0x128 [ 31.676946] kasan_check_range+0x100/0x1a8 [ 31.677112] __kasan_check_write+0x20/0x30 [ 31.677271] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 31.677403] kasan_bitops_generic+0x110/0x1c8 [ 31.677726] kunit_try_run_case+0x170/0x3f0 [ 31.677868] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.678121] kthread+0x328/0x630 [ 31.678499] ret_from_fork+0x10/0x20 [ 31.678613] [ 31.678771] Allocated by task 293: [ 31.679155] kasan_save_stack+0x3c/0x68 [ 31.679243] kasan_save_track+0x20/0x40 [ 31.679452] kasan_save_alloc_info+0x40/0x58 [ 31.679618] __kasan_kmalloc+0xd4/0xd8 [ 31.679740] __kmalloc_cache_noprof+0x16c/0x3c0 [ 31.679981] kasan_bitops_generic+0xa0/0x1c8 [ 31.680246] kunit_try_run_case+0x170/0x3f0 [ 31.680354] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 31.680560] kthread+0x328/0x630 [ 31.680645] ret_from_fork+0x10/0x20 [ 31.680821] [ 31.680980] The buggy address belongs to the object at fff00000c7b74d80 [ 31.680980] which belongs to the cache kmalloc-16 of size 16 [ 31.681105] The buggy address is located 8 bytes inside of [ 31.681105] allocated 9-byte region [fff00000c7b74d80, fff00000c7b74d89) [ 31.681549] [ 31.681679] The buggy address belongs to the physical page: [ 31.681773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107b74 [ 31.681880] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 31.681953] page_type: f5(slab) [ 31.682320] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 31.682413] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 31.682820] page dumped because: kasan: bad access detected [ 31.682909] [ 31.683037] Memory state around the buggy address: [ 31.683253] fff00000c7b74c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.683314] fff00000c7b74d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.683358] >fff00000c7b74d80: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 31.683679] ^ [ 31.683902] fff00000c7b74e00: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 31.684104] fff00000c7b74e80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 31.684345] ==================================================================
[ 26.295086] ================================================================== [ 26.295423] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.295960] Write of size 8 at addr ffff8881058a8248 by task kunit_try_catch/311 [ 26.296298] [ 26.296403] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc5-next-20250709 #1 PREEMPT(voluntary) [ 26.296450] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 26.296463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.296484] Call Trace: [ 26.296499] <TASK> [ 26.296514] dump_stack_lvl+0x73/0xb0 [ 26.296543] print_report+0xd1/0x610 [ 26.296564] ? __virt_addr_valid+0x1db/0x2d0 [ 26.296587] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.296611] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.296636] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.296661] kasan_report+0x141/0x180 [ 26.296682] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.296723] kasan_check_range+0x10c/0x1c0 [ 26.296747] __kasan_check_write+0x18/0x20 [ 26.296788] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.296814] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.296840] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.296863] ? trace_hardirqs_on+0x37/0xe0 [ 26.296885] ? kasan_bitops_generic+0x92/0x1c0 [ 26.296911] kasan_bitops_generic+0x116/0x1c0 [ 26.296934] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.296958] ? __pfx_read_tsc+0x10/0x10 [ 26.296979] ? ktime_get_ts64+0x86/0x230 [ 26.297004] kunit_try_run_case+0x1a5/0x480 [ 26.297025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.297046] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.297070] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.297093] ? __kthread_parkme+0x82/0x180 [ 26.297113] ? preempt_count_sub+0x50/0x80 [ 26.297136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.297158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.297183] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.297208] kthread+0x337/0x6f0 [ 26.297227] ? trace_preempt_on+0x20/0xc0 [ 26.297249] ? __pfx_kthread+0x10/0x10 [ 26.297269] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.297291] ? calculate_sigpending+0x7b/0xa0 [ 26.297315] ? __pfx_kthread+0x10/0x10 [ 26.297336] ret_from_fork+0x116/0x1d0 [ 26.297355] ? __pfx_kthread+0x10/0x10 [ 26.297375] ret_from_fork_asm+0x1a/0x30 [ 26.297406] </TASK> [ 26.297416] [ 26.304802] Allocated by task 311: [ 26.304982] kasan_save_stack+0x45/0x70 [ 26.305156] kasan_save_track+0x18/0x40 [ 26.305326] kasan_save_alloc_info+0x3b/0x50 [ 26.305504] __kasan_kmalloc+0xb7/0xc0 [ 26.305683] __kmalloc_cache_noprof+0x189/0x420 [ 26.305865] kasan_bitops_generic+0x92/0x1c0 [ 26.306074] kunit_try_run_case+0x1a5/0x480 [ 26.306278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.306493] kthread+0x337/0x6f0 [ 26.306650] ret_from_fork+0x116/0x1d0 [ 26.306808] ret_from_fork_asm+0x1a/0x30 [ 26.307003] [ 26.307090] The buggy address belongs to the object at ffff8881058a8240 [ 26.307090] which belongs to the cache kmalloc-16 of size 16 [ 26.307506] The buggy address is located 8 bytes inside of [ 26.307506] allocated 9-byte region [ffff8881058a8240, ffff8881058a8249) [ 26.308060] [ 26.308138] The buggy address belongs to the physical page: [ 26.308352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a8 [ 26.308656] flags: 0x200000000000000(node=0|zone=2) [ 26.308903] page_type: f5(slab) [ 26.309055] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.309350] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.309654] page dumped because: kasan: bad access detected [ 26.309861] [ 26.309925] Memory state around the buggy address: [ 26.310072] ffff8881058a8100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.310280] ffff8881058a8180: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 26.310486] >ffff8881058a8200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.310745] ^ [ 26.311016] ffff8881058a8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.311326] ffff8881058a8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.311627] ================================================================== [ 26.207251] ================================================================== [ 26.207527] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 26.207879] Write of size 8 at addr ffff8881058a8248 by task kunit_try_catch/311 [ 26.208246] [ 26.208355] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc5-next-20250709 #1 PREEMPT(voluntary) [ 26.208405] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 26.208418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.208440] Call Trace: [ 26.208457] <TASK> [ 26.208474] dump_stack_lvl+0x73/0xb0 [ 26.208504] print_report+0xd1/0x610 [ 26.208525] ? __virt_addr_valid+0x1db/0x2d0 [ 26.208549] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 26.208573] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.208599] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 26.208624] kasan_report+0x141/0x180 [ 26.208645] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 26.208674] kasan_check_range+0x10c/0x1c0 [ 26.208710] __kasan_check_write+0x18/0x20 [ 26.208734] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 26.208759] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.208785] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.208808] ? trace_hardirqs_on+0x37/0xe0 [ 26.208829] ? kasan_bitops_generic+0x92/0x1c0 [ 26.208855] kasan_bitops_generic+0x116/0x1c0 [ 26.208878] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.208902] ? __pfx_read_tsc+0x10/0x10 [ 26.208923] ? ktime_get_ts64+0x86/0x230 [ 26.208947] kunit_try_run_case+0x1a5/0x480 [ 26.208968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.208989] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.209014] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.209037] ? __kthread_parkme+0x82/0x180 [ 26.209058] ? preempt_count_sub+0x50/0x80 [ 26.209081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.209103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.209127] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.209204] kthread+0x337/0x6f0 [ 26.209224] ? trace_preempt_on+0x20/0xc0 [ 26.209246] ? __pfx_kthread+0x10/0x10 [ 26.209266] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.209288] ? calculate_sigpending+0x7b/0xa0 [ 26.209311] ? __pfx_kthread+0x10/0x10 [ 26.209332] ret_from_fork+0x116/0x1d0 [ 26.209351] ? __pfx_kthread+0x10/0x10 [ 26.209371] ret_from_fork_asm+0x1a/0x30 [ 26.209402] </TASK> [ 26.209413] [ 26.217343] Allocated by task 311: [ 26.217523] kasan_save_stack+0x45/0x70 [ 26.217720] kasan_save_track+0x18/0x40 [ 26.218083] kasan_save_alloc_info+0x3b/0x50 [ 26.218241] __kasan_kmalloc+0xb7/0xc0 [ 26.218395] __kmalloc_cache_noprof+0x189/0x420 [ 26.218604] kasan_bitops_generic+0x92/0x1c0 [ 26.218818] kunit_try_run_case+0x1a5/0x480 [ 26.218955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.219124] kthread+0x337/0x6f0 [ 26.219236] ret_from_fork+0x116/0x1d0 [ 26.219360] ret_from_fork_asm+0x1a/0x30 [ 26.219547] [ 26.219639] The buggy address belongs to the object at ffff8881058a8240 [ 26.219639] which belongs to the cache kmalloc-16 of size 16 [ 26.220362] The buggy address is located 8 bytes inside of [ 26.220362] allocated 9-byte region [ffff8881058a8240, ffff8881058a8249) [ 26.220811] [ 26.220927] The buggy address belongs to the physical page: [ 26.221146] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a8 [ 26.221516] flags: 0x200000000000000(node=0|zone=2) [ 26.221809] page_type: f5(slab) [ 26.222008] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.222431] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.222771] page dumped because: kasan: bad access detected [ 26.222947] [ 26.223008] Memory state around the buggy address: [ 26.223418] ffff8881058a8100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.223756] ffff8881058a8180: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 26.224184] >ffff8881058a8200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.224486] ^ [ 26.224733] ffff8881058a8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.225148] ffff8881058a8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.225459] ================================================================== [ 26.226919] ================================================================== [ 26.227749] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 26.229183] Write of size 8 at addr ffff8881058a8248 by task kunit_try_catch/311 [ 26.229551] [ 26.229640] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc5-next-20250709 #1 PREEMPT(voluntary) [ 26.229691] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 26.229716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.229737] Call Trace: [ 26.229751] <TASK> [ 26.229767] dump_stack_lvl+0x73/0xb0 [ 26.229796] print_report+0xd1/0x610 [ 26.229819] ? __virt_addr_valid+0x1db/0x2d0 [ 26.229841] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 26.229866] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.230228] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 26.230258] kasan_report+0x141/0x180 [ 26.230297] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 26.230329] kasan_check_range+0x10c/0x1c0 [ 26.230359] __kasan_check_write+0x18/0x20 [ 26.230382] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 26.230407] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.230432] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.230456] ? trace_hardirqs_on+0x37/0xe0 [ 26.230478] ? kasan_bitops_generic+0x92/0x1c0 [ 26.230504] kasan_bitops_generic+0x116/0x1c0 [ 26.230528] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.230553] ? __pfx_read_tsc+0x10/0x10 [ 26.230575] ? ktime_get_ts64+0x86/0x230 [ 26.230600] kunit_try_run_case+0x1a5/0x480 [ 26.230623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.230644] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.230667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.230691] ? __kthread_parkme+0x82/0x180 [ 26.230720] ? preempt_count_sub+0x50/0x80 [ 26.230744] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.230766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.230823] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.230847] kthread+0x337/0x6f0 [ 26.230867] ? trace_preempt_on+0x20/0xc0 [ 26.230890] ? __pfx_kthread+0x10/0x10 [ 26.230920] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.230943] ? calculate_sigpending+0x7b/0xa0 [ 26.230967] ? __pfx_kthread+0x10/0x10 [ 26.230988] ret_from_fork+0x116/0x1d0 [ 26.231007] ? __pfx_kthread+0x10/0x10 [ 26.231026] ret_from_fork_asm+0x1a/0x30 [ 26.231056] </TASK> [ 26.231068] [ 26.246193] Allocated by task 311: [ 26.246383] kasan_save_stack+0x45/0x70 [ 26.246783] kasan_save_track+0x18/0x40 [ 26.247223] kasan_save_alloc_info+0x3b/0x50 [ 26.247456] __kasan_kmalloc+0xb7/0xc0 [ 26.247847] __kmalloc_cache_noprof+0x189/0x420 [ 26.248302] kasan_bitops_generic+0x92/0x1c0 [ 26.248636] kunit_try_run_case+0x1a5/0x480 [ 26.249023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.249204] kthread+0x337/0x6f0 [ 26.249320] ret_from_fork+0x116/0x1d0 [ 26.249446] ret_from_fork_asm+0x1a/0x30 [ 26.249578] [ 26.249642] The buggy address belongs to the object at ffff8881058a8240 [ 26.249642] which belongs to the cache kmalloc-16 of size 16 [ 26.250040] The buggy address is located 8 bytes inside of [ 26.250040] allocated 9-byte region [ffff8881058a8240, ffff8881058a8249) [ 26.250599] [ 26.250668] The buggy address belongs to the physical page: [ 26.250843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a8 [ 26.251280] flags: 0x200000000000000(node=0|zone=2) [ 26.251590] page_type: f5(slab) [ 26.251748] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.252215] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.252490] page dumped because: kasan: bad access detected [ 26.253125] [ 26.253393] Memory state around the buggy address: [ 26.253633] ffff8881058a8100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.254543] ffff8881058a8180: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 26.254979] >ffff8881058a8200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.256260] ^ [ 26.257120] ffff8881058a8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.257355] ffff8881058a8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.257568] ================================================================== [ 26.278229] ================================================================== [ 26.278563] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.279100] Write of size 8 at addr ffff8881058a8248 by task kunit_try_catch/311 [ 26.279439] [ 26.279534] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc5-next-20250709 #1 PREEMPT(voluntary) [ 26.279580] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 26.279593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.279614] Call Trace: [ 26.279628] <TASK> [ 26.279642] dump_stack_lvl+0x73/0xb0 [ 26.279672] print_report+0xd1/0x610 [ 26.279704] ? __virt_addr_valid+0x1db/0x2d0 [ 26.279728] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.279753] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.279799] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.279829] kasan_report+0x141/0x180 [ 26.279851] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.279879] kasan_check_range+0x10c/0x1c0 [ 26.279902] __kasan_check_write+0x18/0x20 [ 26.279924] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.279949] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.279974] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.279997] ? trace_hardirqs_on+0x37/0xe0 [ 26.280018] ? kasan_bitops_generic+0x92/0x1c0 [ 26.280044] kasan_bitops_generic+0x116/0x1c0 [ 26.280067] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.280091] ? __pfx_read_tsc+0x10/0x10 [ 26.280111] ? ktime_get_ts64+0x86/0x230 [ 26.280135] kunit_try_run_case+0x1a5/0x480 [ 26.280157] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.280176] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.280200] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.280224] ? __kthread_parkme+0x82/0x180 [ 26.280244] ? preempt_count_sub+0x50/0x80 [ 26.280267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.280289] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.280313] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.280338] kthread+0x337/0x6f0 [ 26.280358] ? trace_preempt_on+0x20/0xc0 [ 26.280379] ? __pfx_kthread+0x10/0x10 [ 26.280399] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.280421] ? calculate_sigpending+0x7b/0xa0 [ 26.280444] ? __pfx_kthread+0x10/0x10 [ 26.280465] ret_from_fork+0x116/0x1d0 [ 26.280483] ? __pfx_kthread+0x10/0x10 [ 26.280504] ret_from_fork_asm+0x1a/0x30 [ 26.280535] </TASK> [ 26.280546] [ 26.287932] Allocated by task 311: [ 26.288085] kasan_save_stack+0x45/0x70 [ 26.288220] kasan_save_track+0x18/0x40 [ 26.288346] kasan_save_alloc_info+0x3b/0x50 [ 26.288531] __kasan_kmalloc+0xb7/0xc0 [ 26.288715] __kmalloc_cache_noprof+0x189/0x420 [ 26.288954] kasan_bitops_generic+0x92/0x1c0 [ 26.289154] kunit_try_run_case+0x1a5/0x480 [ 26.289348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.289538] kthread+0x337/0x6f0 [ 26.289656] ret_from_fork+0x116/0x1d0 [ 26.289861] ret_from_fork_asm+0x1a/0x30 [ 26.290055] [ 26.290144] The buggy address belongs to the object at ffff8881058a8240 [ 26.290144] which belongs to the cache kmalloc-16 of size 16 [ 26.290646] The buggy address is located 8 bytes inside of [ 26.290646] allocated 9-byte region [ffff8881058a8240, ffff8881058a8249) [ 26.291134] [ 26.291227] The buggy address belongs to the physical page: [ 26.291393] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a8 [ 26.291625] flags: 0x200000000000000(node=0|zone=2) [ 26.291812] page_type: f5(slab) [ 26.291927] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.292212] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.292534] page dumped because: kasan: bad access detected [ 26.292802] [ 26.292887] Memory state around the buggy address: [ 26.293098] ffff8881058a8100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.293374] ffff8881058a8180: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 26.293580] >ffff8881058a8200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.293817] ^ [ 26.293982] ffff8881058a8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.294237] ffff8881058a8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.294547] ================================================================== [ 26.135649] ================================================================== [ 26.136247] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 26.136624] Write of size 8 at addr ffff8881058a8248 by task kunit_try_catch/311 [ 26.137615] [ 26.137758] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc5-next-20250709 #1 PREEMPT(voluntary) [ 26.137816] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 26.137830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.137853] Call Trace: [ 26.137866] <TASK> [ 26.137887] dump_stack_lvl+0x73/0xb0 [ 26.137921] print_report+0xd1/0x610 [ 26.137944] ? __virt_addr_valid+0x1db/0x2d0 [ 26.137970] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 26.138186] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.138215] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 26.138239] kasan_report+0x141/0x180 [ 26.138263] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 26.138292] kasan_check_range+0x10c/0x1c0 [ 26.138314] __kasan_check_write+0x18/0x20 [ 26.138338] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 26.138363] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.138388] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.138412] ? trace_hardirqs_on+0x37/0xe0 [ 26.138436] ? kasan_bitops_generic+0x92/0x1c0 [ 26.138462] kasan_bitops_generic+0x116/0x1c0 [ 26.138485] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.138509] ? __pfx_read_tsc+0x10/0x10 [ 26.138532] ? ktime_get_ts64+0x86/0x230 [ 26.138557] kunit_try_run_case+0x1a5/0x480 [ 26.138580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.138600] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.138625] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.138648] ? __kthread_parkme+0x82/0x180 [ 26.138669] ? preempt_count_sub+0x50/0x80 [ 26.138709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.138731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.138756] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.138781] kthread+0x337/0x6f0 [ 26.138801] ? trace_preempt_on+0x20/0xc0 [ 26.138822] ? __pfx_kthread+0x10/0x10 [ 26.138843] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.138864] ? calculate_sigpending+0x7b/0xa0 [ 26.138900] ? __pfx_kthread+0x10/0x10 [ 26.138922] ret_from_fork+0x116/0x1d0 [ 26.138940] ? __pfx_kthread+0x10/0x10 [ 26.138961] ret_from_fork_asm+0x1a/0x30 [ 26.138992] </TASK> [ 26.139004] [ 26.147562] Allocated by task 311: [ 26.147707] kasan_save_stack+0x45/0x70 [ 26.147904] kasan_save_track+0x18/0x40 [ 26.148089] kasan_save_alloc_info+0x3b/0x50 [ 26.148297] __kasan_kmalloc+0xb7/0xc0 [ 26.148532] __kmalloc_cache_noprof+0x189/0x420 [ 26.148733] kasan_bitops_generic+0x92/0x1c0 [ 26.149092] kunit_try_run_case+0x1a5/0x480 [ 26.149262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.149469] kthread+0x337/0x6f0 [ 26.149587] ret_from_fork+0x116/0x1d0 [ 26.149722] ret_from_fork_asm+0x1a/0x30 [ 26.149855] [ 26.149921] The buggy address belongs to the object at ffff8881058a8240 [ 26.149921] which belongs to the cache kmalloc-16 of size 16 [ 26.150452] The buggy address is located 8 bytes inside of [ 26.150452] allocated 9-byte region [ffff8881058a8240, ffff8881058a8249) [ 26.150960] [ 26.151059] The buggy address belongs to the physical page: [ 26.151301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a8 [ 26.151615] flags: 0x200000000000000(node=0|zone=2) [ 26.153057] page_type: f5(slab) [ 26.153232] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.153685] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.154141] page dumped because: kasan: bad access detected [ 26.154461] [ 26.154535] Memory state around the buggy address: [ 26.154837] ffff8881058a8100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.155470] ffff8881058a8180: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 26.155901] >ffff8881058a8200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.156298] ^ [ 26.156644] ffff8881058a8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.157098] ffff8881058a8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.157494] ================================================================== [ 26.259352] ================================================================== [ 26.260682] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.261810] Write of size 8 at addr ffff8881058a8248 by task kunit_try_catch/311 [ 26.262357] [ 26.262467] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc5-next-20250709 #1 PREEMPT(voluntary) [ 26.262521] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 26.262535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.262557] Call Trace: [ 26.262572] <TASK> [ 26.262589] dump_stack_lvl+0x73/0xb0 [ 26.262622] print_report+0xd1/0x610 [ 26.262643] ? __virt_addr_valid+0x1db/0x2d0 [ 26.262666] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.262721] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.262746] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.262794] kasan_report+0x141/0x180 [ 26.262816] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.262844] kasan_check_range+0x10c/0x1c0 [ 26.262867] __kasan_check_write+0x18/0x20 [ 26.262890] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.262915] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.262941] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.262964] ? trace_hardirqs_on+0x37/0xe0 [ 26.262986] ? kasan_bitops_generic+0x92/0x1c0 [ 26.263012] kasan_bitops_generic+0x116/0x1c0 [ 26.263035] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.263059] ? __pfx_read_tsc+0x10/0x10 [ 26.263080] ? ktime_get_ts64+0x86/0x230 [ 26.263105] kunit_try_run_case+0x1a5/0x480 [ 26.263126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.263146] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.263170] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.263193] ? __kthread_parkme+0x82/0x180 [ 26.263215] ? preempt_count_sub+0x50/0x80 [ 26.263239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.263261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.263286] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.263311] kthread+0x337/0x6f0 [ 26.263331] ? trace_preempt_on+0x20/0xc0 [ 26.263355] ? __pfx_kthread+0x10/0x10 [ 26.263377] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.263398] ? calculate_sigpending+0x7b/0xa0 [ 26.263423] ? __pfx_kthread+0x10/0x10 [ 26.263444] ret_from_fork+0x116/0x1d0 [ 26.263463] ? __pfx_kthread+0x10/0x10 [ 26.263483] ret_from_fork_asm+0x1a/0x30 [ 26.263514] </TASK> [ 26.263526] [ 26.270981] Allocated by task 311: [ 26.271120] kasan_save_stack+0x45/0x70 [ 26.271295] kasan_save_track+0x18/0x40 [ 26.271464] kasan_save_alloc_info+0x3b/0x50 [ 26.271656] __kasan_kmalloc+0xb7/0xc0 [ 26.271857] __kmalloc_cache_noprof+0x189/0x420 [ 26.272012] kasan_bitops_generic+0x92/0x1c0 [ 26.272170] kunit_try_run_case+0x1a5/0x480 [ 26.272375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.272625] kthread+0x337/0x6f0 [ 26.272824] ret_from_fork+0x116/0x1d0 [ 26.272953] ret_from_fork_asm+0x1a/0x30 [ 26.273085] [ 26.273174] The buggy address belongs to the object at ffff8881058a8240 [ 26.273174] which belongs to the cache kmalloc-16 of size 16 [ 26.273712] The buggy address is located 8 bytes inside of [ 26.273712] allocated 9-byte region [ffff8881058a8240, ffff8881058a8249) [ 26.274171] [ 26.274262] The buggy address belongs to the physical page: [ 26.274487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a8 [ 26.274782] flags: 0x200000000000000(node=0|zone=2) [ 26.274936] page_type: f5(slab) [ 26.275047] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.275268] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.275563] page dumped because: kasan: bad access detected [ 26.275837] [ 26.275924] Memory state around the buggy address: [ 26.276137] ffff8881058a8100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.276445] ffff8881058a8180: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 26.276783] >ffff8881058a8200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.277080] ^ [ 26.277244] ffff8881058a8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.277448] ffff8881058a8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.277650] ================================================================== [ 26.158277] ================================================================== [ 26.158834] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 26.159334] Write of size 8 at addr ffff8881058a8248 by task kunit_try_catch/311 [ 26.159731] [ 26.159828] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc5-next-20250709 #1 PREEMPT(voluntary) [ 26.160149] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 26.160170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.160194] Call Trace: [ 26.160209] <TASK> [ 26.160227] dump_stack_lvl+0x73/0xb0 [ 26.160260] print_report+0xd1/0x610 [ 26.160283] ? __virt_addr_valid+0x1db/0x2d0 [ 26.160307] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 26.160331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.160357] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 26.160382] kasan_report+0x141/0x180 [ 26.160403] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 26.160433] kasan_check_range+0x10c/0x1c0 [ 26.160456] __kasan_check_write+0x18/0x20 [ 26.160478] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 26.160502] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.160527] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.160550] ? trace_hardirqs_on+0x37/0xe0 [ 26.160574] ? kasan_bitops_generic+0x92/0x1c0 [ 26.160600] kasan_bitops_generic+0x116/0x1c0 [ 26.160622] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.160646] ? __pfx_read_tsc+0x10/0x10 [ 26.160668] ? ktime_get_ts64+0x86/0x230 [ 26.160708] kunit_try_run_case+0x1a5/0x480 [ 26.160732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.160752] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.160776] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.160799] ? __kthread_parkme+0x82/0x180 [ 26.160843] ? preempt_count_sub+0x50/0x80 [ 26.160866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.160952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.160978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.161002] kthread+0x337/0x6f0 [ 26.161022] ? trace_preempt_on+0x20/0xc0 [ 26.161043] ? __pfx_kthread+0x10/0x10 [ 26.161064] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.161087] ? calculate_sigpending+0x7b/0xa0 [ 26.161111] ? __pfx_kthread+0x10/0x10 [ 26.161133] ret_from_fork+0x116/0x1d0 [ 26.161151] ? __pfx_kthread+0x10/0x10 [ 26.161172] ret_from_fork_asm+0x1a/0x30 [ 26.161202] </TASK> [ 26.161213] [ 26.172447] Allocated by task 311: [ 26.172622] kasan_save_stack+0x45/0x70 [ 26.173078] kasan_save_track+0x18/0x40 [ 26.173340] kasan_save_alloc_info+0x3b/0x50 [ 26.173599] __kasan_kmalloc+0xb7/0xc0 [ 26.173865] __kmalloc_cache_noprof+0x189/0x420 [ 26.174272] kasan_bitops_generic+0x92/0x1c0 [ 26.174463] kunit_try_run_case+0x1a5/0x480 [ 26.174665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.175089] kthread+0x337/0x6f0 [ 26.175218] ret_from_fork+0x116/0x1d0 [ 26.175398] ret_from_fork_asm+0x1a/0x30 [ 26.175597] [ 26.175691] The buggy address belongs to the object at ffff8881058a8240 [ 26.175691] which belongs to the cache kmalloc-16 of size 16 [ 26.176247] The buggy address is located 8 bytes inside of [ 26.176247] allocated 9-byte region [ffff8881058a8240, ffff8881058a8249) [ 26.176654] [ 26.176757] The buggy address belongs to the physical page: [ 26.177108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a8 [ 26.177384] flags: 0x200000000000000(node=0|zone=2) [ 26.177611] page_type: f5(slab) [ 26.177741] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.178233] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.178482] page dumped because: kasan: bad access detected [ 26.178732] [ 26.178873] Memory state around the buggy address: [ 26.179078] ffff8881058a8100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.179390] ffff8881058a8180: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 26.179635] >ffff8881058a8200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.179926] ^ [ 26.180399] ffff8881058a8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.180622] ffff8881058a8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.181155] ================================================================== [ 26.181581] ================================================================== [ 26.181906] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 26.182235] Write of size 8 at addr ffff8881058a8248 by task kunit_try_catch/311 [ 26.182569] [ 26.182669] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc5-next-20250709 #1 PREEMPT(voluntary) [ 26.182729] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 26.182743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.182766] Call Trace: [ 26.182783] <TASK> [ 26.182801] dump_stack_lvl+0x73/0xb0 [ 26.182830] print_report+0xd1/0x610 [ 26.182852] ? __virt_addr_valid+0x1db/0x2d0 [ 26.182875] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 26.182900] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.182926] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 26.182951] kasan_report+0x141/0x180 [ 26.182972] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 26.183001] kasan_check_range+0x10c/0x1c0 [ 26.183024] __kasan_check_write+0x18/0x20 [ 26.183048] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 26.183073] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.183148] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.183172] ? trace_hardirqs_on+0x37/0xe0 [ 26.183194] ? kasan_bitops_generic+0x92/0x1c0 [ 26.183220] kasan_bitops_generic+0x116/0x1c0 [ 26.183243] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.183266] ? __pfx_read_tsc+0x10/0x10 [ 26.183287] ? ktime_get_ts64+0x86/0x230 [ 26.183312] kunit_try_run_case+0x1a5/0x480 [ 26.183334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.183353] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.183377] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.183400] ? __kthread_parkme+0x82/0x180 [ 26.183420] ? preempt_count_sub+0x50/0x80 [ 26.183444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.183465] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.183489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.183513] kthread+0x337/0x6f0 [ 26.183532] ? trace_preempt_on+0x20/0xc0 [ 26.183554] ? __pfx_kthread+0x10/0x10 [ 26.183574] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.183596] ? calculate_sigpending+0x7b/0xa0 [ 26.183619] ? __pfx_kthread+0x10/0x10 [ 26.183641] ret_from_fork+0x116/0x1d0 [ 26.183659] ? __pfx_kthread+0x10/0x10 [ 26.183680] ret_from_fork_asm+0x1a/0x30 [ 26.183722] </TASK> [ 26.183733] [ 26.194765] Allocated by task 311: [ 26.195214] kasan_save_stack+0x45/0x70 [ 26.195473] kasan_save_track+0x18/0x40 [ 26.195662] kasan_save_alloc_info+0x3b/0x50 [ 26.196081] __kasan_kmalloc+0xb7/0xc0 [ 26.196401] __kmalloc_cache_noprof+0x189/0x420 [ 26.196598] kasan_bitops_generic+0x92/0x1c0 [ 26.197040] kunit_try_run_case+0x1a5/0x480 [ 26.197291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.197705] kthread+0x337/0x6f0 [ 26.197993] ret_from_fork+0x116/0x1d0 [ 26.198174] ret_from_fork_asm+0x1a/0x30 [ 26.198353] [ 26.198434] The buggy address belongs to the object at ffff8881058a8240 [ 26.198434] which belongs to the cache kmalloc-16 of size 16 [ 26.199480] The buggy address is located 8 bytes inside of [ 26.199480] allocated 9-byte region [ffff8881058a8240, ffff8881058a8249) [ 26.200401] [ 26.200621] The buggy address belongs to the physical page: [ 26.201132] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058a8 [ 26.201569] flags: 0x200000000000000(node=0|zone=2) [ 26.201980] page_type: f5(slab) [ 26.202170] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.202445] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.202742] page dumped because: kasan: bad access detected [ 26.203230] [ 26.203322] Memory state around the buggy address: [ 26.203754] ffff8881058a8100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.204281] ffff8881058a8180: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc [ 26.204752] >ffff8881058a8200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.205307] ^ [ 26.205540] ffff8881058a8280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.206033] ffff8881058a8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.206555] ==================================================================