Date
July 11, 2025, 10:11 a.m.
| Environment | |
|---|---|
| e850-96 | |
| qemu-arm64 | |
| qemu-x86_64 |
[ 59.575827] ================================================================== [ 59.582927] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 59.591085] Write of size 8 at addr ffff000800b19528 by task kunit_try_catch/345 [ 59.598463] [ 59.599946] CPU: 6 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT [ 59.599998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.600014] Hardware name: WinLink E850-96 board (DT) [ 59.600034] Call trace: [ 59.600045] show_stack+0x20/0x38 (C) [ 59.600076] dump_stack_lvl+0x8c/0xd0 [ 59.600110] print_report+0x118/0x5d0 [ 59.600138] kasan_report+0xdc/0x128 [ 59.600165] kasan_check_range+0x100/0x1a8 [ 59.600196] __kasan_check_write+0x20/0x30 [ 59.600226] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 59.600261] kasan_bitops_generic+0x110/0x1c8 [ 59.600297] kunit_try_run_case+0x170/0x3f0 [ 59.600331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.600362] kthread+0x328/0x630 [ 59.600391] ret_from_fork+0x10/0x20 [ 59.600426] [ 59.672854] Allocated by task 345: [ 59.676241] kasan_save_stack+0x3c/0x68 [ 59.680059] kasan_save_track+0x20/0x40 [ 59.683878] kasan_save_alloc_info+0x40/0x58 [ 59.688132] __kasan_kmalloc+0xd4/0xd8 [ 59.691864] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.696378] kasan_bitops_generic+0xa0/0x1c8 [ 59.700631] kunit_try_run_case+0x170/0x3f0 [ 59.704798] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.710267] kthread+0x328/0x630 [ 59.713478] ret_from_fork+0x10/0x20 [ 59.717037] [ 59.718514] The buggy address belongs to the object at ffff000800b19520 [ 59.718514] which belongs to the cache kmalloc-16 of size 16 [ 59.730840] The buggy address is located 8 bytes inside of [ 59.730840] allocated 9-byte region [ffff000800b19520, ffff000800b19529) [ 59.743079] [ 59.744556] The buggy address belongs to the physical page: [ 59.750112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880b19 [ 59.758099] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.764607] page_type: f5(slab) [ 59.767741] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 59.775464] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 59.783182] page dumped because: kasan: bad access detected [ 59.788737] [ 59.790213] Memory state around the buggy address: [ 59.794993] ffff000800b19400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.802196] ffff000800b19480: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 59.809402] >ffff000800b19500: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 59.816602] ^ [ 59.821119] ffff000800b19580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.828324] ffff000800b19600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.835527] ================================================================== [ 60.109849] ================================================================== [ 60.116949] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 60.125105] Read of size 8 at addr ffff000800b19528 by task kunit_try_catch/345 [ 60.132396] [ 60.133880] CPU: 6 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT [ 60.133930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.133948] Hardware name: WinLink E850-96 board (DT) [ 60.133967] Call trace: [ 60.133980] show_stack+0x20/0x38 (C) [ 60.134012] dump_stack_lvl+0x8c/0xd0 [ 60.134045] print_report+0x118/0x5d0 [ 60.134074] kasan_report+0xdc/0x128 [ 60.134102] __asan_report_load8_noabort+0x20/0x30 [ 60.134135] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 60.134170] kasan_bitops_generic+0x110/0x1c8 [ 60.134205] kunit_try_run_case+0x170/0x3f0 [ 60.134242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.134274] kthread+0x328/0x630 [ 60.134302] ret_from_fork+0x10/0x20 [ 60.134335] [ 60.203402] Allocated by task 345: [ 60.206787] kasan_save_stack+0x3c/0x68 [ 60.210607] kasan_save_track+0x20/0x40 [ 60.214426] kasan_save_alloc_info+0x40/0x58 [ 60.218679] __kasan_kmalloc+0xd4/0xd8 [ 60.222412] __kmalloc_cache_noprof+0x16c/0x3c0 [ 60.226926] kasan_bitops_generic+0xa0/0x1c8 [ 60.231179] kunit_try_run_case+0x170/0x3f0 [ 60.235346] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.240814] kthread+0x328/0x630 [ 60.244026] ret_from_fork+0x10/0x20 [ 60.247585] [ 60.249062] The buggy address belongs to the object at ffff000800b19520 [ 60.249062] which belongs to the cache kmalloc-16 of size 16 [ 60.261387] The buggy address is located 8 bytes inside of [ 60.261387] allocated 9-byte region [ffff000800b19520, ffff000800b19529) [ 60.273626] [ 60.275104] The buggy address belongs to the physical page: [ 60.280662] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880b19 [ 60.288646] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 60.295155] page_type: f5(slab) [ 60.298288] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 60.306011] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 60.313730] page dumped because: kasan: bad access detected [ 60.319285] [ 60.320761] Memory state around the buggy address: [ 60.325540] ffff000800b19400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 60.332744] ffff000800b19480: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 60.339950] >ffff000800b19500: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 60.347149] ^ [ 60.351667] ffff000800b19580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.358872] ffff000800b19600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.366073] ================================================================== [ 59.842838] ================================================================== [ 59.849938] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 59.858095] Write of size 8 at addr ffff000800b19528 by task kunit_try_catch/345 [ 59.865473] [ 59.866957] CPU: 6 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT [ 59.867006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.867022] Hardware name: WinLink E850-96 board (DT) [ 59.867044] Call trace: [ 59.867056] show_stack+0x20/0x38 (C) [ 59.867090] dump_stack_lvl+0x8c/0xd0 [ 59.867121] print_report+0x118/0x5d0 [ 59.867148] kasan_report+0xdc/0x128 [ 59.867175] kasan_check_range+0x100/0x1a8 [ 59.867203] __kasan_check_write+0x20/0x30 [ 59.867234] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 59.867271] kasan_bitops_generic+0x110/0x1c8 [ 59.867307] kunit_try_run_case+0x170/0x3f0 [ 59.867343] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.867377] kthread+0x328/0x630 [ 59.867404] ret_from_fork+0x10/0x20 [ 59.867439] [ 59.939864] Allocated by task 345: [ 59.943251] kasan_save_stack+0x3c/0x68 [ 59.947069] kasan_save_track+0x20/0x40 [ 59.950888] kasan_save_alloc_info+0x40/0x58 [ 59.955141] __kasan_kmalloc+0xd4/0xd8 [ 59.958874] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.963388] kasan_bitops_generic+0xa0/0x1c8 [ 59.967641] kunit_try_run_case+0x170/0x3f0 [ 59.971808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.977276] kthread+0x328/0x630 [ 59.980488] ret_from_fork+0x10/0x20 [ 59.984047] [ 59.985523] The buggy address belongs to the object at ffff000800b19520 [ 59.985523] which belongs to the cache kmalloc-16 of size 16 [ 59.997850] The buggy address is located 8 bytes inside of [ 59.997850] allocated 9-byte region [ffff000800b19520, ffff000800b19529) [ 60.010088] [ 60.011566] The buggy address belongs to the physical page: [ 60.017122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880b19 [ 60.025108] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 60.031617] page_type: f5(slab) [ 60.034751] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 60.042473] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 60.050192] page dumped because: kasan: bad access detected [ 60.055748] [ 60.057223] Memory state around the buggy address: [ 60.062003] ffff000800b19400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 60.069206] ffff000800b19480: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 60.076412] >ffff000800b19500: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 60.083612] ^ [ 60.088129] ffff000800b19580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.095334] ffff000800b19600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.102535] ================================================================== [ 58.512551] ================================================================== [ 58.521834] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 58.529992] Write of size 8 at addr ffff000800b19528 by task kunit_try_catch/345 [ 58.537367] [ 58.538853] CPU: 2 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT [ 58.538910] Tainted: [B]=BAD_PAGE, [N]=TEST [ 58.538930] Hardware name: WinLink E850-96 board (DT) [ 58.538952] Call trace: [ 58.538965] show_stack+0x20/0x38 (C) [ 58.539004] dump_stack_lvl+0x8c/0xd0 [ 58.539038] print_report+0x118/0x5d0 [ 58.539068] kasan_report+0xdc/0x128 [ 58.539096] kasan_check_range+0x100/0x1a8 [ 58.539128] __kasan_check_write+0x20/0x30 [ 58.539162] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 58.539199] kasan_bitops_generic+0x110/0x1c8 [ 58.539237] kunit_try_run_case+0x170/0x3f0 [ 58.539276] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.539310] kthread+0x328/0x630 [ 58.539339] ret_from_fork+0x10/0x20 [ 58.539376] [ 58.611759] Allocated by task 345: [ 58.615148] kasan_save_stack+0x3c/0x68 [ 58.618963] kasan_save_track+0x20/0x40 [ 58.622783] kasan_save_alloc_info+0x40/0x58 [ 58.627037] __kasan_kmalloc+0xd4/0xd8 [ 58.630769] __kmalloc_cache_noprof+0x16c/0x3c0 [ 58.635283] kasan_bitops_generic+0xa0/0x1c8 [ 58.639536] kunit_try_run_case+0x170/0x3f0 [ 58.643703] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.649173] kthread+0x328/0x630 [ 58.652383] ret_from_fork+0x10/0x20 [ 58.655943] [ 58.657420] The buggy address belongs to the object at ffff000800b19520 [ 58.657420] which belongs to the cache kmalloc-16 of size 16 [ 58.669745] The buggy address is located 8 bytes inside of [ 58.669745] allocated 9-byte region [ffff000800b19520, ffff000800b19529) [ 58.681985] [ 58.683463] The buggy address belongs to the physical page: [ 58.689019] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880b19 [ 58.697003] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 58.703513] page_type: f5(slab) [ 58.706649] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 58.714368] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 58.722087] page dumped because: kasan: bad access detected [ 58.727642] [ 58.729118] Memory state around the buggy address: [ 58.733898] ffff000800b19400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 58.741101] ffff000800b19480: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 58.748308] >ffff000800b19500: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 58.755507] ^ [ 58.760024] ffff000800b19580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 58.767230] ffff000800b19600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 58.774431] ================================================================== [ 60.640394] ================================================================== [ 60.647494] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 60.655652] Write of size 8 at addr ffff000800b19528 by task kunit_try_catch/345 [ 60.663030] [ 60.664513] CPU: 6 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT [ 60.664563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.664580] Hardware name: WinLink E850-96 board (DT) [ 60.664597] Call trace: [ 60.664610] show_stack+0x20/0x38 (C) [ 60.664643] dump_stack_lvl+0x8c/0xd0 [ 60.664674] print_report+0x118/0x5d0 [ 60.664701] kasan_report+0xdc/0x128 [ 60.664731] kasan_check_range+0x100/0x1a8 [ 60.664760] __kasan_check_write+0x20/0x30 [ 60.664792] kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 60.664830] kasan_bitops_generic+0x110/0x1c8 [ 60.664865] kunit_try_run_case+0x170/0x3f0 [ 60.664901] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.664934] kthread+0x328/0x630 [ 60.664961] ret_from_fork+0x10/0x20 [ 60.664996] [ 60.737421] Allocated by task 345: [ 60.740806] kasan_save_stack+0x3c/0x68 [ 60.744626] kasan_save_track+0x20/0x40 [ 60.748446] kasan_save_alloc_info+0x40/0x58 [ 60.752699] __kasan_kmalloc+0xd4/0xd8 [ 60.756431] __kmalloc_cache_noprof+0x16c/0x3c0 [ 60.760947] kasan_bitops_generic+0xa0/0x1c8 [ 60.765198] kunit_try_run_case+0x170/0x3f0 [ 60.769365] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.774834] kthread+0x328/0x630 [ 60.778046] ret_from_fork+0x10/0x20 [ 60.781605] [ 60.783080] The buggy address belongs to the object at ffff000800b19520 [ 60.783080] which belongs to the cache kmalloc-16 of size 16 [ 60.795407] The buggy address is located 8 bytes inside of [ 60.795407] allocated 9-byte region [ffff000800b19520, ffff000800b19529) [ 60.807646] [ 60.809122] The buggy address belongs to the physical page: [ 60.814678] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880b19 [ 60.822665] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 60.829175] page_type: f5(slab) [ 60.832308] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 60.840031] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 60.847750] page dumped because: kasan: bad access detected [ 60.853305] [ 60.854780] Memory state around the buggy address: [ 60.859560] ffff000800b19400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 60.866763] ffff000800b19480: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 60.873970] >ffff000800b19500: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 60.881169] ^ [ 60.885686] ffff000800b19580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.892892] ffff000800b19600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.900092] ================================================================== [ 59.312332] ================================================================== [ 59.319392] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 59.327547] Read of size 8 at addr ffff000800b19528 by task kunit_try_catch/345 [ 59.334838] [ 59.336323] CPU: 6 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT [ 59.336375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.336391] Hardware name: WinLink E850-96 board (DT) [ 59.336412] Call trace: [ 59.336427] show_stack+0x20/0x38 (C) [ 59.336459] dump_stack_lvl+0x8c/0xd0 [ 59.336491] print_report+0x118/0x5d0 [ 59.336522] kasan_report+0xdc/0x128 [ 59.336550] __asan_report_load8_noabort+0x20/0x30 [ 59.336585] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 59.336622] kasan_bitops_generic+0x110/0x1c8 [ 59.336657] kunit_try_run_case+0x170/0x3f0 [ 59.336695] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.336729] kthread+0x328/0x630 [ 59.336758] ret_from_fork+0x10/0x20 [ 59.336793] [ 59.405844] Allocated by task 345: [ 59.409233] kasan_save_stack+0x3c/0x68 [ 59.413049] kasan_save_track+0x20/0x40 [ 59.416868] kasan_save_alloc_info+0x40/0x58 [ 59.421122] __kasan_kmalloc+0xd4/0xd8 [ 59.424854] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.429368] kasan_bitops_generic+0xa0/0x1c8 [ 59.433622] kunit_try_run_case+0x170/0x3f0 [ 59.437788] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.443258] kthread+0x328/0x630 [ 59.446468] ret_from_fork+0x10/0x20 [ 59.450028] [ 59.451505] The buggy address belongs to the object at ffff000800b19520 [ 59.451505] which belongs to the cache kmalloc-16 of size 16 [ 59.463830] The buggy address is located 8 bytes inside of [ 59.463830] allocated 9-byte region [ffff000800b19520, ffff000800b19529) [ 59.476069] [ 59.477546] The buggy address belongs to the physical page: [ 59.483102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880b19 [ 59.491088] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.497598] page_type: f5(slab) [ 59.500731] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 59.508453] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 59.516172] page dumped because: kasan: bad access detected [ 59.521728] [ 59.523203] Memory state around the buggy address: [ 59.527983] ffff000800b19400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.535186] ffff000800b19480: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 59.542392] >ffff000800b19500: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 59.549592] ^ [ 59.554110] ffff000800b19580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.561316] ffff000800b19600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.568516] ================================================================== [ 60.373370] ================================================================== [ 60.380485] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 60.388642] Write of size 8 at addr ffff000800b19528 by task kunit_try_catch/345 [ 60.396020] [ 60.397504] CPU: 6 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT [ 60.397557] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.397573] Hardware name: WinLink E850-96 board (DT) [ 60.397595] Call trace: [ 60.397608] show_stack+0x20/0x38 (C) [ 60.397640] dump_stack_lvl+0x8c/0xd0 [ 60.397669] print_report+0x118/0x5d0 [ 60.397698] kasan_report+0xdc/0x128 [ 60.397728] kasan_check_range+0x100/0x1a8 [ 60.397761] __kasan_check_write+0x20/0x30 [ 60.397790] kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 60.397826] kasan_bitops_generic+0x110/0x1c8 [ 60.397859] kunit_try_run_case+0x170/0x3f0 [ 60.397895] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.397929] kthread+0x328/0x630 [ 60.397955] ret_from_fork+0x10/0x20 [ 60.397986] [ 60.470411] Allocated by task 345: [ 60.473797] kasan_save_stack+0x3c/0x68 [ 60.477616] kasan_save_track+0x20/0x40 [ 60.481436] kasan_save_alloc_info+0x40/0x58 [ 60.485689] __kasan_kmalloc+0xd4/0xd8 [ 60.489422] __kmalloc_cache_noprof+0x16c/0x3c0 [ 60.493935] kasan_bitops_generic+0xa0/0x1c8 [ 60.498189] kunit_try_run_case+0x170/0x3f0 [ 60.502356] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.507824] kthread+0x328/0x630 [ 60.511036] ret_from_fork+0x10/0x20 [ 60.514595] [ 60.516071] The buggy address belongs to the object at ffff000800b19520 [ 60.516071] which belongs to the cache kmalloc-16 of size 16 [ 60.528397] The buggy address is located 8 bytes inside of [ 60.528397] allocated 9-byte region [ffff000800b19520, ffff000800b19529) [ 60.540636] [ 60.542113] The buggy address belongs to the physical page: [ 60.547668] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880b19 [ 60.555655] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 60.562164] page_type: f5(slab) [ 60.565299] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 60.573020] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 60.580740] page dumped because: kasan: bad access detected [ 60.586295] [ 60.587771] Memory state around the buggy address: [ 60.592550] ffff000800b19400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 60.599753] ffff000800b19480: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 60.606960] >ffff000800b19500: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 60.614159] ^ [ 60.618677] ffff000800b19580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.625882] ffff000800b19600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.633083] ================================================================== [ 58.781942] ================================================================== [ 58.788844] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 58.796999] Read of size 8 at addr ffff000800b19528 by task kunit_try_catch/345 [ 58.804290] [ 58.805775] CPU: 2 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT [ 58.805832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 58.805849] Hardware name: WinLink E850-96 board (DT) [ 58.805871] Call trace: [ 58.805884] show_stack+0x20/0x38 (C) [ 58.805919] dump_stack_lvl+0x8c/0xd0 [ 58.805953] print_report+0x118/0x5d0 [ 58.805979] kasan_report+0xdc/0x128 [ 58.806007] __asan_report_load8_noabort+0x20/0x30 [ 58.806043] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 58.806080] kasan_bitops_generic+0x110/0x1c8 [ 58.806119] kunit_try_run_case+0x170/0x3f0 [ 58.806156] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.806190] kthread+0x328/0x630 [ 58.806221] ret_from_fork+0x10/0x20 [ 58.806255] [ 58.875297] Allocated by task 345: [ 58.878685] kasan_save_stack+0x3c/0x68 [ 58.882503] kasan_save_track+0x20/0x40 [ 58.886321] kasan_save_alloc_info+0x40/0x58 [ 58.890574] __kasan_kmalloc+0xd4/0xd8 [ 58.894307] __kmalloc_cache_noprof+0x16c/0x3c0 [ 58.898821] kasan_bitops_generic+0xa0/0x1c8 [ 58.903074] kunit_try_run_case+0x170/0x3f0 [ 58.907241] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.912711] kthread+0x328/0x630 [ 58.915921] ret_from_fork+0x10/0x20 [ 58.919480] [ 58.920957] The buggy address belongs to the object at ffff000800b19520 [ 58.920957] which belongs to the cache kmalloc-16 of size 16 [ 58.933283] The buggy address is located 8 bytes inside of [ 58.933283] allocated 9-byte region [ffff000800b19520, ffff000800b19529) [ 58.945521] [ 58.946999] The buggy address belongs to the physical page: [ 58.952555] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880b19 [ 58.960541] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 58.967050] page_type: f5(slab) [ 58.970185] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 58.977906] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 58.985624] page dumped because: kasan: bad access detected [ 58.991180] [ 58.992655] Memory state around the buggy address: [ 58.997437] ffff000800b19400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.004639] ffff000800b19480: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 59.011846] >ffff000800b19500: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 59.019044] ^ [ 59.023562] ffff000800b19580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.030768] ffff000800b19600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.037968] ================================================================== [ 59.045415] ================================================================== [ 59.052381] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 59.060537] Write of size 8 at addr ffff000800b19528 by task kunit_try_catch/345 [ 59.067915] [ 59.069399] CPU: 6 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT [ 59.069453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.069471] Hardware name: WinLink E850-96 board (DT) [ 59.069496] Call trace: [ 59.069510] show_stack+0x20/0x38 (C) [ 59.069548] dump_stack_lvl+0x8c/0xd0 [ 59.069582] print_report+0x118/0x5d0 [ 59.069613] kasan_report+0xdc/0x128 [ 59.069642] kasan_check_range+0x100/0x1a8 [ 59.069672] __kasan_check_write+0x20/0x30 [ 59.069708] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 59.069748] kasan_bitops_generic+0x110/0x1c8 [ 59.069784] kunit_try_run_case+0x170/0x3f0 [ 59.069823] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.069857] kthread+0x328/0x630 [ 59.069886] ret_from_fork+0x10/0x20 [ 59.069924] [ 59.142306] Allocated by task 345: [ 59.145695] kasan_save_stack+0x3c/0x68 [ 59.149511] kasan_save_track+0x20/0x40 [ 59.153331] kasan_save_alloc_info+0x40/0x58 [ 59.157584] __kasan_kmalloc+0xd4/0xd8 [ 59.161317] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.165830] kasan_bitops_generic+0xa0/0x1c8 [ 59.170083] kunit_try_run_case+0x170/0x3f0 [ 59.174252] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.179720] kthread+0x328/0x630 [ 59.182931] ret_from_fork+0x10/0x20 [ 59.186490] [ 59.187967] The buggy address belongs to the object at ffff000800b19520 [ 59.187967] which belongs to the cache kmalloc-16 of size 16 [ 59.200292] The buggy address is located 8 bytes inside of [ 59.200292] allocated 9-byte region [ffff000800b19520, ffff000800b19529) [ 59.212531] [ 59.214009] The buggy address belongs to the physical page: [ 59.219567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880b19 [ 59.227550] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.234060] page_type: f5(slab) [ 59.237194] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 59.244916] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 59.252634] page dumped because: kasan: bad access detected [ 59.258190] [ 59.259665] Memory state around the buggy address: [ 59.264447] ffff000800b19400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.271649] ffff000800b19480: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 59.278854] >ffff000800b19500: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 59.286054] ^ [ 59.290573] ffff000800b19580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.297778] ffff000800b19600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.304978] ================================================================== [ 60.907491] ================================================================== [ 60.914504] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 60.922662] Read of size 8 at addr ffff000800b19528 by task kunit_try_catch/345 [ 60.929953] [ 60.931436] CPU: 6 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT [ 60.931485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.931501] Hardware name: WinLink E850-96 board (DT) [ 60.931521] Call trace: [ 60.931533] show_stack+0x20/0x38 (C) [ 60.931565] dump_stack_lvl+0x8c/0xd0 [ 60.931598] print_report+0x118/0x5d0 [ 60.931627] kasan_report+0xdc/0x128 [ 60.931654] __asan_report_load8_noabort+0x20/0x30 [ 60.931687] kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 60.931724] kasan_bitops_generic+0x110/0x1c8 [ 60.931759] kunit_try_run_case+0x170/0x3f0 [ 60.931793] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.931826] kthread+0x328/0x630 [ 60.931855] ret_from_fork+0x10/0x20 [ 60.931888] [ 61.000959] Allocated by task 345: [ 61.004345] kasan_save_stack+0x3c/0x68 [ 61.008164] kasan_save_track+0x20/0x40 [ 61.011983] kasan_save_alloc_info+0x40/0x58 [ 61.016237] __kasan_kmalloc+0xd4/0xd8 [ 61.019969] __kmalloc_cache_noprof+0x16c/0x3c0 [ 61.024483] kasan_bitops_generic+0xa0/0x1c8 [ 61.028737] kunit_try_run_case+0x170/0x3f0 [ 61.032903] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 61.038372] kthread+0x328/0x630 [ 61.041583] ret_from_fork+0x10/0x20 [ 61.045143] [ 61.046618] The buggy address belongs to the object at ffff000800b19520 [ 61.046618] which belongs to the cache kmalloc-16 of size 16 [ 61.058945] The buggy address is located 8 bytes inside of [ 61.058945] allocated 9-byte region [ffff000800b19520, ffff000800b19529) [ 61.071184] [ 61.072659] The buggy address belongs to the physical page: [ 61.078217] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880b19 [ 61.086203] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 61.092711] page_type: f5(slab) [ 61.095846] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 61.103568] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 61.111287] page dumped because: kasan: bad access detected [ 61.116843] [ 61.118318] Memory state around the buggy address: [ 61.123098] ffff000800b19400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 61.130301] ffff000800b19480: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 61.137506] >ffff000800b19500: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 61.144707] ^ [ 61.149224] ffff000800b19580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 61.156429] ffff000800b19600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 61.163630] ==================================================================
[ 32.735381] ================================================================== [ 32.735996] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 32.736406] dump_stack_lvl+0x8c/0xd0 [ 32.736718] kunit_try_run_case+0x170/0x3f0 [ 32.736950] Allocated by task 292: [ 32.737149] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.737860] The buggy address belongs to the object at fff00000c63ef120 [ 32.737860] which belongs to the cache kmalloc-16 of size 16 [ 32.740457] ^ [ 32.741313] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 32.742448] [ 32.742669] show_stack+0x20/0x38 (C) [ 32.743067] kunit_try_run_case+0x170/0x3f0 [ 32.743536] kasan_bitops_generic+0xa0/0x1c8 [ 32.743735] [ 32.744081] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 32.748779] ==================================================================
[ 26.078588] ================================================================== [ 26.078942] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.079545] Write of size 8 at addr ffff888104c83b88 by task kunit_try_catch/311 [ 26.079945] [ 26.080071] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT(voluntary) [ 26.080134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.080147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.080170] Call Trace: [ 26.080184] <TASK> [ 26.080213] dump_stack_lvl+0x73/0xb0 [ 26.080245] print_report+0xd1/0x610 [ 26.080285] ? __virt_addr_valid+0x1db/0x2d0 [ 26.080311] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.080343] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.080368] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.080393] kasan_report+0x141/0x180 [ 26.080433] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.080462] kasan_check_range+0x10c/0x1c0 [ 26.080493] __kasan_check_write+0x18/0x20 [ 26.080516] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.080542] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.080579] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.080603] ? trace_hardirqs_on+0x37/0xe0 [ 26.080626] ? kasan_bitops_generic+0x92/0x1c0 [ 26.080664] kasan_bitops_generic+0x116/0x1c0 [ 26.080687] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.080721] ? __pfx_read_tsc+0x10/0x10 [ 26.080751] ? ktime_get_ts64+0x86/0x230 [ 26.080777] kunit_try_run_case+0x1a5/0x480 [ 26.080811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.080832] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.080856] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.080890] ? __kthread_parkme+0x82/0x180 [ 26.080912] ? preempt_count_sub+0x50/0x80 [ 26.080936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.080957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.080991] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.081016] kthread+0x337/0x6f0 [ 26.081036] ? trace_preempt_on+0x20/0xc0 [ 26.081069] ? __pfx_kthread+0x10/0x10 [ 26.081091] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.081113] ? calculate_sigpending+0x7b/0xa0 [ 26.081139] ? __pfx_kthread+0x10/0x10 [ 26.081160] ret_from_fork+0x116/0x1d0 [ 26.081179] ? __pfx_kthread+0x10/0x10 [ 26.081200] ret_from_fork_asm+0x1a/0x30 [ 26.081231] </TASK> [ 26.081243] [ 26.088974] Allocated by task 311: [ 26.089159] kasan_save_stack+0x45/0x70 [ 26.089344] kasan_save_track+0x18/0x40 [ 26.089568] kasan_save_alloc_info+0x3b/0x50 [ 26.089792] __kasan_kmalloc+0xb7/0xc0 [ 26.089971] __kmalloc_cache_noprof+0x189/0x420 [ 26.090175] kasan_bitops_generic+0x92/0x1c0 [ 26.090389] kunit_try_run_case+0x1a5/0x480 [ 26.090602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.090847] kthread+0x337/0x6f0 [ 26.091024] ret_from_fork+0x116/0x1d0 [ 26.091188] ret_from_fork_asm+0x1a/0x30 [ 26.091385] [ 26.091487] The buggy address belongs to the object at ffff888104c83b80 [ 26.091487] which belongs to the cache kmalloc-16 of size 16 [ 26.091851] The buggy address is located 8 bytes inside of [ 26.091851] allocated 9-byte region [ffff888104c83b80, ffff888104c83b89) [ 26.092191] [ 26.092259] The buggy address belongs to the physical page: [ 26.092516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104c83 [ 26.092868] flags: 0x200000000000000(node=0|zone=2) [ 26.093107] page_type: f5(slab) [ 26.093272] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.093654] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.093994] page dumped because: kasan: bad access detected [ 26.094223] [ 26.094331] Memory state around the buggy address: [ 26.094573] ffff888104c83a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.094805] ffff888104c83b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.095012] >ffff888104c83b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.095216] ^ [ 26.095331] ffff888104c83c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.095623] ffff888104c83c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.095964] ================================================================== [ 25.880532] ================================================================== [ 25.880980] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 25.881390] Write of size 8 at addr ffff888104c83b88 by task kunit_try_catch/311 [ 25.881795] [ 25.881920] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT(voluntary) [ 25.881979] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.881993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.882016] Call Trace: [ 25.882030] <TASK> [ 25.882051] dump_stack_lvl+0x73/0xb0 [ 25.882084] print_report+0xd1/0x610 [ 25.882107] ? __virt_addr_valid+0x1db/0x2d0 [ 25.882132] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 25.882158] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.882184] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 25.882210] kasan_report+0x141/0x180 [ 25.882232] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 25.882262] kasan_check_range+0x10c/0x1c0 [ 25.882331] __kasan_check_write+0x18/0x20 [ 25.882355] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 25.882380] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 25.882406] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.882433] ? trace_hardirqs_on+0x37/0xe0 [ 25.882456] ? kasan_bitops_generic+0x92/0x1c0 [ 25.882483] kasan_bitops_generic+0x116/0x1c0 [ 25.882507] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.882532] ? __pfx_read_tsc+0x10/0x10 [ 25.882554] ? ktime_get_ts64+0x86/0x230 [ 25.882581] kunit_try_run_case+0x1a5/0x480 [ 25.882603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.882623] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.882648] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.882670] ? __kthread_parkme+0x82/0x180 [ 25.882692] ? preempt_count_sub+0x50/0x80 [ 25.882716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.882749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.882774] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.882798] kthread+0x337/0x6f0 [ 25.882818] ? trace_preempt_on+0x20/0xc0 [ 25.882843] ? __pfx_kthread+0x10/0x10 [ 25.882865] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.882887] ? calculate_sigpending+0x7b/0xa0 [ 25.882912] ? __pfx_kthread+0x10/0x10 [ 25.882933] ret_from_fork+0x116/0x1d0 [ 25.882952] ? __pfx_kthread+0x10/0x10 [ 25.882973] ret_from_fork_asm+0x1a/0x30 [ 25.883004] </TASK> [ 25.883017] [ 25.891299] Allocated by task 311: [ 25.891440] kasan_save_stack+0x45/0x70 [ 25.891703] kasan_save_track+0x18/0x40 [ 25.891908] kasan_save_alloc_info+0x3b/0x50 [ 25.892072] __kasan_kmalloc+0xb7/0xc0 [ 25.892198] __kmalloc_cache_noprof+0x189/0x420 [ 25.892405] kasan_bitops_generic+0x92/0x1c0 [ 25.892693] kunit_try_run_case+0x1a5/0x480 [ 25.892922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.893156] kthread+0x337/0x6f0 [ 25.893381] ret_from_fork+0x116/0x1d0 [ 25.893568] ret_from_fork_asm+0x1a/0x30 [ 25.893747] [ 25.893824] The buggy address belongs to the object at ffff888104c83b80 [ 25.893824] which belongs to the cache kmalloc-16 of size 16 [ 25.894201] The buggy address is located 8 bytes inside of [ 25.894201] allocated 9-byte region [ffff888104c83b80, ffff888104c83b89) [ 25.894912] [ 25.894984] The buggy address belongs to the physical page: [ 25.895152] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104c83 [ 25.895623] flags: 0x200000000000000(node=0|zone=2) [ 25.895872] page_type: f5(slab) [ 25.896038] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.896581] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.896864] page dumped because: kasan: bad access detected [ 25.897030] [ 25.897093] Memory state around the buggy address: [ 25.897268] ffff888104c83a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.897894] ffff888104c83b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.898218] >ffff888104c83b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.898623] ^ [ 25.898768] ffff888104c83c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.899002] ffff888104c83c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.899306] ================================================================== [ 25.930671] ================================================================== [ 25.931179] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 25.932709] Write of size 8 at addr ffff888104c83b88 by task kunit_try_catch/311 [ 25.933247] [ 25.933629] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT(voluntary) [ 25.933691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.933704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.933728] Call Trace: [ 25.933864] <TASK> [ 25.933885] dump_stack_lvl+0x73/0xb0 [ 25.933924] print_report+0xd1/0x610 [ 25.933951] ? __virt_addr_valid+0x1db/0x2d0 [ 25.933977] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 25.934003] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.934029] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 25.934054] kasan_report+0x141/0x180 [ 25.934076] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 25.934105] kasan_check_range+0x10c/0x1c0 [ 25.934128] __kasan_check_write+0x18/0x20 [ 25.934151] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 25.934176] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 25.934201] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.934226] ? trace_hardirqs_on+0x37/0xe0 [ 25.934250] ? kasan_bitops_generic+0x92/0x1c0 [ 25.934340] kasan_bitops_generic+0x116/0x1c0 [ 25.934366] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.934391] ? __pfx_read_tsc+0x10/0x10 [ 25.934413] ? ktime_get_ts64+0x86/0x230 [ 25.934440] kunit_try_run_case+0x1a5/0x480 [ 25.934464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.934485] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.934509] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.934532] ? __kthread_parkme+0x82/0x180 [ 25.934554] ? preempt_count_sub+0x50/0x80 [ 25.934578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.934600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.934626] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.934651] kthread+0x337/0x6f0 [ 25.934671] ? trace_preempt_on+0x20/0xc0 [ 25.934694] ? __pfx_kthread+0x10/0x10 [ 25.934715] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.934751] ? calculate_sigpending+0x7b/0xa0 [ 25.934775] ? __pfx_kthread+0x10/0x10 [ 25.934796] ret_from_fork+0x116/0x1d0 [ 25.934815] ? __pfx_kthread+0x10/0x10 [ 25.934835] ret_from_fork_asm+0x1a/0x30 [ 25.934865] </TASK> [ 25.934877] [ 25.951674] Allocated by task 311: [ 25.951829] kasan_save_stack+0x45/0x70 [ 25.951984] kasan_save_track+0x18/0x40 [ 25.952112] kasan_save_alloc_info+0x3b/0x50 [ 25.952256] __kasan_kmalloc+0xb7/0xc0 [ 25.952386] __kmalloc_cache_noprof+0x189/0x420 [ 25.953383] kasan_bitops_generic+0x92/0x1c0 [ 25.953894] kunit_try_run_case+0x1a5/0x480 [ 25.954351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.954953] kthread+0x337/0x6f0 [ 25.955256] ret_from_fork+0x116/0x1d0 [ 25.955687] ret_from_fork_asm+0x1a/0x30 [ 25.956080] [ 25.956260] The buggy address belongs to the object at ffff888104c83b80 [ 25.956260] which belongs to the cache kmalloc-16 of size 16 [ 25.957486] The buggy address is located 8 bytes inside of [ 25.957486] allocated 9-byte region [ffff888104c83b80, ffff888104c83b89) [ 25.958133] [ 25.958209] The buggy address belongs to the physical page: [ 25.958715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104c83 [ 25.959685] flags: 0x200000000000000(node=0|zone=2) [ 25.960196] page_type: f5(slab) [ 25.960711] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.961082] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.961453] page dumped because: kasan: bad access detected [ 25.961986] [ 25.962159] Memory state around the buggy address: [ 25.962701] ffff888104c83a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.963433] ffff888104c83b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.963907] >ffff888104c83b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.964234] ^ [ 25.964359] ffff888104c83c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.965197] ffff888104c83c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.966071] ================================================================== [ 25.996174] ================================================================== [ 25.996405] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 25.996648] Write of size 8 at addr ffff888104c83b88 by task kunit_try_catch/311 [ 25.997222] [ 25.997393] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT(voluntary) [ 25.997454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.997467] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.997491] Call Trace: [ 25.997511] <TASK> [ 25.997527] dump_stack_lvl+0x73/0xb0 [ 25.997557] print_report+0xd1/0x610 [ 25.997582] ? __virt_addr_valid+0x1db/0x2d0 [ 25.997609] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 25.997636] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.997662] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 25.997687] kasan_report+0x141/0x180 [ 25.997709] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 25.997748] kasan_check_range+0x10c/0x1c0 [ 25.997772] __kasan_check_write+0x18/0x20 [ 25.997795] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 25.997821] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 25.997848] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.997874] ? trace_hardirqs_on+0x37/0xe0 [ 25.997896] ? kasan_bitops_generic+0x92/0x1c0 [ 25.997922] kasan_bitops_generic+0x116/0x1c0 [ 25.997947] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.997971] ? __pfx_read_tsc+0x10/0x10 [ 25.997994] ? ktime_get_ts64+0x86/0x230 [ 25.998019] kunit_try_run_case+0x1a5/0x480 [ 25.998041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.998060] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.998084] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.998108] ? __kthread_parkme+0x82/0x180 [ 25.998129] ? preempt_count_sub+0x50/0x80 [ 25.998153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.998174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.998199] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.998224] kthread+0x337/0x6f0 [ 25.998243] ? trace_preempt_on+0x20/0xc0 [ 25.998265] ? __pfx_kthread+0x10/0x10 [ 25.998285] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.998307] ? calculate_sigpending+0x7b/0xa0 [ 25.998331] ? __pfx_kthread+0x10/0x10 [ 25.998353] ret_from_fork+0x116/0x1d0 [ 25.998371] ? __pfx_kthread+0x10/0x10 [ 25.998392] ret_from_fork_asm+0x1a/0x30 [ 25.998422] </TASK> [ 25.998433] [ 26.016445] Allocated by task 311: [ 26.016765] kasan_save_stack+0x45/0x70 [ 26.017139] kasan_save_track+0x18/0x40 [ 26.017540] kasan_save_alloc_info+0x3b/0x50 [ 26.017944] __kasan_kmalloc+0xb7/0xc0 [ 26.018147] __kmalloc_cache_noprof+0x189/0x420 [ 26.018599] kasan_bitops_generic+0x92/0x1c0 [ 26.019003] kunit_try_run_case+0x1a5/0x480 [ 26.019156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.019327] kthread+0x337/0x6f0 [ 26.019441] ret_from_fork+0x116/0x1d0 [ 26.019566] ret_from_fork_asm+0x1a/0x30 [ 26.019698] [ 26.019807] The buggy address belongs to the object at ffff888104c83b80 [ 26.019807] which belongs to the cache kmalloc-16 of size 16 [ 26.020446] The buggy address is located 8 bytes inside of [ 26.020446] allocated 9-byte region [ffff888104c83b80, ffff888104c83b89) [ 26.021591] [ 26.021666] The buggy address belongs to the physical page: [ 26.021845] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104c83 [ 26.022080] flags: 0x200000000000000(node=0|zone=2) [ 26.022239] page_type: f5(slab) [ 26.022691] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.023315] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.023980] page dumped because: kasan: bad access detected [ 26.024404] [ 26.024566] Memory state around the buggy address: [ 26.024801] ffff888104c83a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.025414] ffff888104c83b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.025629] >ffff888104c83b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.025847] ^ [ 26.025964] ffff888104c83c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.026172] ffff888104c83c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.026635] ================================================================== [ 25.966980] ================================================================== [ 25.967469] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 25.967927] Write of size 8 at addr ffff888104c83b88 by task kunit_try_catch/311 [ 25.968228] [ 25.968411] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT(voluntary) [ 25.968643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.968660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.968685] Call Trace: [ 25.968707] <TASK> [ 25.968749] dump_stack_lvl+0x73/0xb0 [ 25.968784] print_report+0xd1/0x610 [ 25.968813] ? __virt_addr_valid+0x1db/0x2d0 [ 25.968839] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 25.968864] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.968890] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 25.968915] kasan_report+0x141/0x180 [ 25.968936] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 25.968965] kasan_check_range+0x10c/0x1c0 [ 25.968989] __kasan_check_write+0x18/0x20 [ 25.969013] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 25.969038] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 25.969063] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.969087] ? trace_hardirqs_on+0x37/0xe0 [ 25.969110] ? kasan_bitops_generic+0x92/0x1c0 [ 25.969137] kasan_bitops_generic+0x116/0x1c0 [ 25.969160] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.969184] ? __pfx_read_tsc+0x10/0x10 [ 25.969206] ? ktime_get_ts64+0x86/0x230 [ 25.969231] kunit_try_run_case+0x1a5/0x480 [ 25.969253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.969323] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.969351] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.969375] ? __kthread_parkme+0x82/0x180 [ 25.969396] ? preempt_count_sub+0x50/0x80 [ 25.969427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.969449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.969475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.969501] kthread+0x337/0x6f0 [ 25.969522] ? trace_preempt_on+0x20/0xc0 [ 25.969543] ? __pfx_kthread+0x10/0x10 [ 25.969564] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.969585] ? calculate_sigpending+0x7b/0xa0 [ 25.969611] ? __pfx_kthread+0x10/0x10 [ 25.969632] ret_from_fork+0x116/0x1d0 [ 25.969652] ? __pfx_kthread+0x10/0x10 [ 25.969672] ret_from_fork_asm+0x1a/0x30 [ 25.969702] </TASK> [ 25.969714] [ 25.983694] Allocated by task 311: [ 25.983836] kasan_save_stack+0x45/0x70 [ 25.983980] kasan_save_track+0x18/0x40 [ 25.984106] kasan_save_alloc_info+0x3b/0x50 [ 25.984246] __kasan_kmalloc+0xb7/0xc0 [ 25.984653] __kmalloc_cache_noprof+0x189/0x420 [ 25.985076] kasan_bitops_generic+0x92/0x1c0 [ 25.985532] kunit_try_run_case+0x1a5/0x480 [ 25.986098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.986630] kthread+0x337/0x6f0 [ 25.987089] ret_from_fork+0x116/0x1d0 [ 25.987532] ret_from_fork_asm+0x1a/0x30 [ 25.987928] [ 25.988098] The buggy address belongs to the object at ffff888104c83b80 [ 25.988098] which belongs to the cache kmalloc-16 of size 16 [ 25.989507] The buggy address is located 8 bytes inside of [ 25.989507] allocated 9-byte region [ffff888104c83b80, ffff888104c83b89) [ 25.990187] [ 25.990333] The buggy address belongs to the physical page: [ 25.990829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104c83 [ 25.991509] flags: 0x200000000000000(node=0|zone=2) [ 25.991962] page_type: f5(slab) [ 25.992211] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.992939] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.993338] page dumped because: kasan: bad access detected [ 25.994017] [ 25.994171] Memory state around the buggy address: [ 25.994616] ffff888104c83a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.994841] ffff888104c83b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.995046] >ffff888104c83b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.995248] ^ [ 25.995362] ffff888104c83c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.995567] ffff888104c83c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.995782] ================================================================== [ 25.899761] ================================================================== [ 25.900100] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 25.900597] Write of size 8 at addr ffff888104c83b88 by task kunit_try_catch/311 [ 25.901267] [ 25.901632] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT(voluntary) [ 25.901690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.901703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.901726] Call Trace: [ 25.901761] <TASK> [ 25.901779] dump_stack_lvl+0x73/0xb0 [ 25.901810] print_report+0xd1/0x610 [ 25.901832] ? __virt_addr_valid+0x1db/0x2d0 [ 25.901857] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 25.901882] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.901907] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 25.901932] kasan_report+0x141/0x180 [ 25.901954] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 25.901984] kasan_check_range+0x10c/0x1c0 [ 25.902007] __kasan_check_write+0x18/0x20 [ 25.902030] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 25.902055] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 25.902082] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.902106] ? trace_hardirqs_on+0x37/0xe0 [ 25.902130] ? kasan_bitops_generic+0x92/0x1c0 [ 25.902156] kasan_bitops_generic+0x116/0x1c0 [ 25.902180] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.902204] ? __pfx_read_tsc+0x10/0x10 [ 25.902227] ? ktime_get_ts64+0x86/0x230 [ 25.902252] kunit_try_run_case+0x1a5/0x480 [ 25.902275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.902296] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.902321] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.902344] ? __kthread_parkme+0x82/0x180 [ 25.902366] ? preempt_count_sub+0x50/0x80 [ 25.902390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.902412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.902585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.902611] kthread+0x337/0x6f0 [ 25.902630] ? trace_preempt_on+0x20/0xc0 [ 25.902654] ? __pfx_kthread+0x10/0x10 [ 25.902675] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.902697] ? calculate_sigpending+0x7b/0xa0 [ 25.902722] ? __pfx_kthread+0x10/0x10 [ 25.902754] ret_from_fork+0x116/0x1d0 [ 25.902772] ? __pfx_kthread+0x10/0x10 [ 25.902794] ret_from_fork_asm+0x1a/0x30 [ 25.902824] </TASK> [ 25.902836] [ 25.911097] Allocated by task 311: [ 25.911329] kasan_save_stack+0x45/0x70 [ 25.911556] kasan_save_track+0x18/0x40 [ 25.911749] kasan_save_alloc_info+0x3b/0x50 [ 25.911890] __kasan_kmalloc+0xb7/0xc0 [ 25.912015] __kmalloc_cache_noprof+0x189/0x420 [ 25.912199] kasan_bitops_generic+0x92/0x1c0 [ 25.912600] kunit_try_run_case+0x1a5/0x480 [ 25.912964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.913176] kthread+0x337/0x6f0 [ 25.913421] ret_from_fork+0x116/0x1d0 [ 25.913588] ret_from_fork_asm+0x1a/0x30 [ 25.913782] [ 25.913854] The buggy address belongs to the object at ffff888104c83b80 [ 25.913854] which belongs to the cache kmalloc-16 of size 16 [ 25.914351] The buggy address is located 8 bytes inside of [ 25.914351] allocated 9-byte region [ffff888104c83b80, ffff888104c83b89) [ 25.914946] [ 25.915016] The buggy address belongs to the physical page: [ 25.915182] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104c83 [ 25.915415] flags: 0x200000000000000(node=0|zone=2) [ 25.915618] page_type: f5(slab) [ 25.915792] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.920518] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.921810] page dumped because: kasan: bad access detected [ 25.923364] [ 25.924349] Memory state around the buggy address: [ 25.925168] ffff888104c83a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.926229] ffff888104c83b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.926457] >ffff888104c83b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.926658] ^ [ 25.926878] ffff888104c83c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.927849] ffff888104c83c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.928960] ================================================================== [ 26.027590] ================================================================== [ 26.027991] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.028744] Write of size 8 at addr ffff888104c83b88 by task kunit_try_catch/311 [ 26.029175] [ 26.029279] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT(voluntary) [ 26.029332] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.029344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.029411] Call Trace: [ 26.029435] <TASK> [ 26.029469] dump_stack_lvl+0x73/0xb0 [ 26.029509] print_report+0xd1/0x610 [ 26.029532] ? __virt_addr_valid+0x1db/0x2d0 [ 26.029557] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.029592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.029618] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.029643] kasan_report+0x141/0x180 [ 26.029676] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.029706] kasan_check_range+0x10c/0x1c0 [ 26.029740] __kasan_check_write+0x18/0x20 [ 26.029762] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.029789] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.029815] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.029838] ? trace_hardirqs_on+0x37/0xe0 [ 26.029862] ? kasan_bitops_generic+0x92/0x1c0 [ 26.029889] kasan_bitops_generic+0x116/0x1c0 [ 26.029912] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.029946] ? __pfx_read_tsc+0x10/0x10 [ 26.029968] ? ktime_get_ts64+0x86/0x230 [ 26.029993] kunit_try_run_case+0x1a5/0x480 [ 26.030025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.030046] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.030069] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.030093] ? __kthread_parkme+0x82/0x180 [ 26.030113] ? preempt_count_sub+0x50/0x80 [ 26.030137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.030168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.030193] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.030219] kthread+0x337/0x6f0 [ 26.030248] ? trace_preempt_on+0x20/0xc0 [ 26.030471] ? __pfx_kthread+0x10/0x10 [ 26.030507] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.030531] ? calculate_sigpending+0x7b/0xa0 [ 26.030555] ? __pfx_kthread+0x10/0x10 [ 26.030577] ret_from_fork+0x116/0x1d0 [ 26.030596] ? __pfx_kthread+0x10/0x10 [ 26.030618] ret_from_fork_asm+0x1a/0x30 [ 26.030649] </TASK> [ 26.030661] [ 26.045001] Allocated by task 311: [ 26.045324] kasan_save_stack+0x45/0x70 [ 26.045824] kasan_save_track+0x18/0x40 [ 26.046201] kasan_save_alloc_info+0x3b/0x50 [ 26.046854] __kasan_kmalloc+0xb7/0xc0 [ 26.047236] __kmalloc_cache_noprof+0x189/0x420 [ 26.048285] kasan_bitops_generic+0x92/0x1c0 [ 26.048707] kunit_try_run_case+0x1a5/0x480 [ 26.049386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.049847] kthread+0x337/0x6f0 [ 26.049968] ret_from_fork+0x116/0x1d0 [ 26.050094] ret_from_fork_asm+0x1a/0x30 [ 26.050226] [ 26.050473] The buggy address belongs to the object at ffff888104c83b80 [ 26.050473] which belongs to the cache kmalloc-16 of size 16 [ 26.051751] The buggy address is located 8 bytes inside of [ 26.051751] allocated 9-byte region [ffff888104c83b80, ffff888104c83b89) [ 26.052989] [ 26.053216] The buggy address belongs to the physical page: [ 26.053703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104c83 [ 26.053955] flags: 0x200000000000000(node=0|zone=2) [ 26.054115] page_type: f5(slab) [ 26.054232] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.054470] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.055058] page dumped because: kasan: bad access detected [ 26.055389] [ 26.055476] Memory state around the buggy address: [ 26.055713] ffff888104c83a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.056005] ffff888104c83b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.056338] >ffff888104c83b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.056680] ^ [ 26.056867] ffff888104c83c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.057170] ffff888104c83c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.057446] ================================================================== [ 26.058043] ================================================================== [ 26.058402] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.058811] Write of size 8 at addr ffff888104c83b88 by task kunit_try_catch/311 [ 26.059112] [ 26.059222] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250711 #1 PREEMPT(voluntary) [ 26.059274] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.059287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.059311] Call Trace: [ 26.059332] <TASK> [ 26.059353] dump_stack_lvl+0x73/0xb0 [ 26.059381] print_report+0xd1/0x610 [ 26.059403] ? __virt_addr_valid+0x1db/0x2d0 [ 26.059631] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.059667] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.059708] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.059744] kasan_report+0x141/0x180 [ 26.059767] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.059819] kasan_check_range+0x10c/0x1c0 [ 26.059842] __kasan_check_write+0x18/0x20 [ 26.059864] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.059900] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.059926] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.059950] ? trace_hardirqs_on+0x37/0xe0 [ 26.059973] ? kasan_bitops_generic+0x92/0x1c0 [ 26.059999] kasan_bitops_generic+0x116/0x1c0 [ 26.060022] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.060048] ? __pfx_read_tsc+0x10/0x10 [ 26.060070] ? ktime_get_ts64+0x86/0x230 [ 26.060095] kunit_try_run_case+0x1a5/0x480 [ 26.060118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.060137] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.060162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.060186] ? __kthread_parkme+0x82/0x180 [ 26.060209] ? preempt_count_sub+0x50/0x80 [ 26.060233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.060264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.060350] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.060375] kthread+0x337/0x6f0 [ 26.060395] ? trace_preempt_on+0x20/0xc0 [ 26.060417] ? __pfx_kthread+0x10/0x10 [ 26.060439] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.060492] ? calculate_sigpending+0x7b/0xa0 [ 26.060519] ? __pfx_kthread+0x10/0x10 [ 26.060553] ret_from_fork+0x116/0x1d0 [ 26.060573] ? __pfx_kthread+0x10/0x10 [ 26.060593] ret_from_fork_asm+0x1a/0x30 [ 26.060624] </TASK> [ 26.060636] [ 26.069439] Allocated by task 311: [ 26.069672] kasan_save_stack+0x45/0x70 [ 26.069878] kasan_save_track+0x18/0x40 [ 26.070080] kasan_save_alloc_info+0x3b/0x50 [ 26.070323] __kasan_kmalloc+0xb7/0xc0 [ 26.070548] __kmalloc_cache_noprof+0x189/0x420 [ 26.070775] kasan_bitops_generic+0x92/0x1c0 [ 26.070956] kunit_try_run_case+0x1a5/0x480 [ 26.071136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.071471] kthread+0x337/0x6f0 [ 26.071681] ret_from_fork+0x116/0x1d0 [ 26.071827] ret_from_fork_asm+0x1a/0x30 [ 26.071965] [ 26.072035] The buggy address belongs to the object at ffff888104c83b80 [ 26.072035] which belongs to the cache kmalloc-16 of size 16 [ 26.072476] The buggy address is located 8 bytes inside of [ 26.072476] allocated 9-byte region [ffff888104c83b80, ffff888104c83b89) [ 26.073384] [ 26.073509] The buggy address belongs to the physical page: [ 26.073755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104c83 [ 26.074062] flags: 0x200000000000000(node=0|zone=2) [ 26.074230] page_type: f5(slab) [ 26.074354] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 26.074581] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.074933] page dumped because: kasan: bad access detected [ 26.075227] [ 26.075322] Memory state around the buggy address: [ 26.075720] ffff888104c83a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.076089] ffff888104c83b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.076525] >ffff888104c83b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.076868] ^ [ 26.076987] ffff888104c83c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.077193] ffff888104c83c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.077763] ==================================================================