Date
July 14, 2025, 10:38 a.m.
| Environment | |
|---|---|
| e850-96 | |
| qemu-arm64 | |
| qemu-x86_64 |
[ 59.616494] ================================================================== [ 59.623530] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 59.631688] Read of size 8 at addr ffff000806e5df48 by task kunit_try_catch/345 [ 59.638979] [ 59.640461] CPU: 4 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250714 #1 PREEMPT [ 59.640508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.640524] Hardware name: WinLink E850-96 board (DT) [ 59.640544] Call trace: [ 59.640556] show_stack+0x20/0x38 (C) [ 59.640591] dump_stack_lvl+0x8c/0xd0 [ 59.640623] print_report+0x118/0x5d0 [ 59.640652] kasan_report+0xdc/0x128 [ 59.640681] __asan_report_load8_noabort+0x20/0x30 [ 59.640713] kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 59.640750] kasan_bitops_generic+0x110/0x1c8 [ 59.640786] kunit_try_run_case+0x170/0x3f0 [ 59.640820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.640853] kthread+0x328/0x630 [ 59.640881] ret_from_fork+0x10/0x20 [ 59.640911] [ 59.709985] Allocated by task 345: [ 59.713372] kasan_save_stack+0x3c/0x68 [ 59.717190] kasan_save_track+0x20/0x40 [ 59.721010] kasan_save_alloc_info+0x40/0x58 [ 59.725263] __kasan_kmalloc+0xd4/0xd8 [ 59.728996] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.733509] kasan_bitops_generic+0xa0/0x1c8 [ 59.737763] kunit_try_run_case+0x170/0x3f0 [ 59.741929] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.747398] kthread+0x328/0x630 [ 59.750610] ret_from_fork+0x10/0x20 [ 59.754169] [ 59.755644] The buggy address belongs to the object at ffff000806e5df40 [ 59.755644] which belongs to the cache kmalloc-16 of size 16 [ 59.767971] The buggy address is located 8 bytes inside of [ 59.767971] allocated 9-byte region [ffff000806e5df40, ffff000806e5df49) [ 59.780210] [ 59.781686] The buggy address belongs to the physical page: [ 59.787244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886e5d [ 59.795227] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.801737] page_type: f5(slab) [ 59.804870] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 59.812595] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 59.820314] page dumped because: kasan: bad access detected [ 59.825869] [ 59.827345] Memory state around the buggy address: [ 59.832123] ffff000806e5de00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.839327] ffff000806e5de80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.846532] >ffff000806e5df00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 59.853733] ^ [ 59.859292] ffff000806e5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.866497] ffff000806e5e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 59.873698] ================================================================== [ 59.348420] ================================================================== [ 59.355480] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 59.363637] Write of size 8 at addr ffff000806e5df48 by task kunit_try_catch/345 [ 59.371015] [ 59.372495] CPU: 4 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250714 #1 PREEMPT [ 59.372543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.372561] Hardware name: WinLink E850-96 board (DT) [ 59.372580] Call trace: [ 59.372593] show_stack+0x20/0x38 (C) [ 59.372630] dump_stack_lvl+0x8c/0xd0 [ 59.372662] print_report+0x118/0x5d0 [ 59.372691] kasan_report+0xdc/0x128 [ 59.372720] kasan_check_range+0x100/0x1a8 [ 59.372749] __kasan_check_write+0x20/0x30 [ 59.372779] kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 59.372817] kasan_bitops_generic+0x110/0x1c8 [ 59.372852] kunit_try_run_case+0x170/0x3f0 [ 59.372885] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.372917] kthread+0x328/0x630 [ 59.372945] ret_from_fork+0x10/0x20 [ 59.372977] [ 59.445406] Allocated by task 345: [ 59.448793] kasan_save_stack+0x3c/0x68 [ 59.452611] kasan_save_track+0x20/0x40 [ 59.456430] kasan_save_alloc_info+0x40/0x58 [ 59.460684] __kasan_kmalloc+0xd4/0xd8 [ 59.464416] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.468930] kasan_bitops_generic+0xa0/0x1c8 [ 59.473183] kunit_try_run_case+0x170/0x3f0 [ 59.477350] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.482819] kthread+0x328/0x630 [ 59.486031] ret_from_fork+0x10/0x20 [ 59.489590] [ 59.491065] The buggy address belongs to the object at ffff000806e5df40 [ 59.491065] which belongs to the cache kmalloc-16 of size 16 [ 59.503392] The buggy address is located 8 bytes inside of [ 59.503392] allocated 9-byte region [ffff000806e5df40, ffff000806e5df49) [ 59.515631] [ 59.517106] The buggy address belongs to the physical page: [ 59.522663] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886e5d [ 59.530650] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.537158] page_type: f5(slab) [ 59.540291] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 59.548015] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 59.555735] page dumped because: kasan: bad access detected [ 59.561290] [ 59.562765] Memory state around the buggy address: [ 59.567543] ffff000806e5de00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.574748] ffff000806e5de80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.581953] >ffff000806e5df00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 59.589154] ^ [ 59.594713] ffff000806e5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.601918] ffff000806e5e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 59.609119] ================================================================== [ 58.547673] ================================================================== [ 58.554796] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 58.562954] Write of size 8 at addr ffff000806e5df48 by task kunit_try_catch/345 [ 58.570333] [ 58.571815] CPU: 4 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250714 #1 PREEMPT [ 58.571861] Tainted: [B]=BAD_PAGE, [N]=TEST [ 58.571877] Hardware name: WinLink E850-96 board (DT) [ 58.571896] Call trace: [ 58.571912] show_stack+0x20/0x38 (C) [ 58.571945] dump_stack_lvl+0x8c/0xd0 [ 58.571979] print_report+0x118/0x5d0 [ 58.572007] kasan_report+0xdc/0x128 [ 58.572036] kasan_check_range+0x100/0x1a8 [ 58.572067] __kasan_check_write+0x20/0x30 [ 58.572097] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 58.572133] kasan_bitops_generic+0x110/0x1c8 [ 58.572168] kunit_try_run_case+0x170/0x3f0 [ 58.572202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.572234] kthread+0x328/0x630 [ 58.572264] ret_from_fork+0x10/0x20 [ 58.572295] [ 58.644724] Allocated by task 345: [ 58.648111] kasan_save_stack+0x3c/0x68 [ 58.651928] kasan_save_track+0x20/0x40 [ 58.655748] kasan_save_alloc_info+0x40/0x58 [ 58.660001] __kasan_kmalloc+0xd4/0xd8 [ 58.663734] __kmalloc_cache_noprof+0x16c/0x3c0 [ 58.668248] kasan_bitops_generic+0xa0/0x1c8 [ 58.672501] kunit_try_run_case+0x170/0x3f0 [ 58.676667] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.682136] kthread+0x328/0x630 [ 58.685348] ret_from_fork+0x10/0x20 [ 58.688907] [ 58.690383] The buggy address belongs to the object at ffff000806e5df40 [ 58.690383] which belongs to the cache kmalloc-16 of size 16 [ 58.702709] The buggy address is located 8 bytes inside of [ 58.702709] allocated 9-byte region [ffff000806e5df40, ffff000806e5df49) [ 58.714948] [ 58.716424] The buggy address belongs to the physical page: [ 58.721980] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886e5d [ 58.729969] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 58.736476] page_type: f5(slab) [ 58.739609] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 58.747333] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 58.755052] page dumped because: kasan: bad access detected [ 58.760607] [ 58.762083] Memory state around the buggy address: [ 58.766861] ffff000806e5de00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 58.774066] ffff000806e5de80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 58.781270] >ffff000806e5df00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 58.788472] ^ [ 58.794030] ffff000806e5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 58.801236] ffff000806e5e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 58.808437] ================================================================== [ 58.815737] ================================================================== [ 58.822848] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 58.831006] Read of size 8 at addr ffff000806e5df48 by task kunit_try_catch/345 [ 58.838297] [ 58.839778] CPU: 4 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250714 #1 PREEMPT [ 58.839829] Tainted: [B]=BAD_PAGE, [N]=TEST [ 58.839846] Hardware name: WinLink E850-96 board (DT) [ 58.839867] Call trace: [ 58.839880] show_stack+0x20/0x38 (C) [ 58.839915] dump_stack_lvl+0x8c/0xd0 [ 58.839947] print_report+0x118/0x5d0 [ 58.839973] kasan_report+0xdc/0x128 [ 58.840000] __asan_report_load8_noabort+0x20/0x30 [ 58.840035] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 58.840074] kasan_bitops_generic+0x110/0x1c8 [ 58.840109] kunit_try_run_case+0x170/0x3f0 [ 58.840141] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.840175] kthread+0x328/0x630 [ 58.840204] ret_from_fork+0x10/0x20 [ 58.840238] [ 58.909303] Allocated by task 345: [ 58.912690] kasan_save_stack+0x3c/0x68 [ 58.916508] kasan_save_track+0x20/0x40 [ 58.920327] kasan_save_alloc_info+0x40/0x58 [ 58.924581] __kasan_kmalloc+0xd4/0xd8 [ 58.928313] __kmalloc_cache_noprof+0x16c/0x3c0 [ 58.932827] kasan_bitops_generic+0xa0/0x1c8 [ 58.937080] kunit_try_run_case+0x170/0x3f0 [ 58.941247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.946716] kthread+0x328/0x630 [ 58.949927] ret_from_fork+0x10/0x20 [ 58.953487] [ 58.954962] The buggy address belongs to the object at ffff000806e5df40 [ 58.954962] which belongs to the cache kmalloc-16 of size 16 [ 58.967289] The buggy address is located 8 bytes inside of [ 58.967289] allocated 9-byte region [ffff000806e5df40, ffff000806e5df49) [ 58.979528] [ 58.981004] The buggy address belongs to the physical page: [ 58.986560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886e5d [ 58.994548] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.001055] page_type: f5(slab) [ 59.004188] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 59.011912] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 59.019631] page dumped because: kasan: bad access detected [ 59.025187] [ 59.026662] Memory state around the buggy address: [ 59.031441] ffff000806e5de00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.038645] ffff000806e5de80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.045850] >ffff000806e5df00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 59.053051] ^ [ 59.058610] ffff000806e5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.065815] ffff000806e5e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 59.073016] ================================================================== [ 58.279634] ================================================================== [ 58.286746] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 58.294903] Write of size 8 at addr ffff000806e5df48 by task kunit_try_catch/345 [ 58.302281] [ 58.303763] CPU: 4 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250714 #1 PREEMPT [ 58.303816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 58.303833] Hardware name: WinLink E850-96 board (DT) [ 58.303853] Call trace: [ 58.303865] show_stack+0x20/0x38 (C) [ 58.303900] dump_stack_lvl+0x8c/0xd0 [ 58.303933] print_report+0x118/0x5d0 [ 58.303961] kasan_report+0xdc/0x128 [ 58.303990] kasan_check_range+0x100/0x1a8 [ 58.304020] __kasan_check_write+0x20/0x30 [ 58.304051] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 58.304089] kasan_bitops_generic+0x110/0x1c8 [ 58.304122] kunit_try_run_case+0x170/0x3f0 [ 58.304157] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.304191] kthread+0x328/0x630 [ 58.304220] ret_from_fork+0x10/0x20 [ 58.304251] [ 58.376673] Allocated by task 345: [ 58.380059] kasan_save_stack+0x3c/0x68 [ 58.383877] kasan_save_track+0x20/0x40 [ 58.387697] kasan_save_alloc_info+0x40/0x58 [ 58.391950] __kasan_kmalloc+0xd4/0xd8 [ 58.395682] __kmalloc_cache_noprof+0x16c/0x3c0 [ 58.400196] kasan_bitops_generic+0xa0/0x1c8 [ 58.404449] kunit_try_run_case+0x170/0x3f0 [ 58.408616] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.414085] kthread+0x328/0x630 [ 58.417297] ret_from_fork+0x10/0x20 [ 58.420856] [ 58.422331] The buggy address belongs to the object at ffff000806e5df40 [ 58.422331] which belongs to the cache kmalloc-16 of size 16 [ 58.434658] The buggy address is located 8 bytes inside of [ 58.434658] allocated 9-byte region [ffff000806e5df40, ffff000806e5df49) [ 58.446897] [ 58.448373] The buggy address belongs to the physical page: [ 58.453928] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886e5d [ 58.461916] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 58.468424] page_type: f5(slab) [ 58.471559] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 58.479282] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 58.487000] page dumped because: kasan: bad access detected [ 58.492556] [ 58.494031] Memory state around the buggy address: [ 58.498810] ffff000806e5de00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 58.506014] ffff000806e5de80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 58.513219] >ffff000806e5df00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 58.520420] ^ [ 58.525979] ffff000806e5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 58.533184] ffff000806e5e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 58.540385] ================================================================== [ 59.080421] ================================================================== [ 59.087427] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 59.095585] Write of size 8 at addr ffff000806e5df48 by task kunit_try_catch/345 [ 59.102963] [ 59.104445] CPU: 4 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250714 #1 PREEMPT [ 59.104493] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.104509] Hardware name: WinLink E850-96 board (DT) [ 59.104529] Call trace: [ 59.104543] show_stack+0x20/0x38 (C) [ 59.104577] dump_stack_lvl+0x8c/0xd0 [ 59.104612] print_report+0x118/0x5d0 [ 59.104641] kasan_report+0xdc/0x128 [ 59.104669] kasan_check_range+0x100/0x1a8 [ 59.104698] __kasan_check_write+0x20/0x30 [ 59.104729] kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 59.104766] kasan_bitops_generic+0x110/0x1c8 [ 59.104800] kunit_try_run_case+0x170/0x3f0 [ 59.104833] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.104866] kthread+0x328/0x630 [ 59.104895] ret_from_fork+0x10/0x20 [ 59.104928] [ 59.177355] Allocated by task 345: [ 59.180742] kasan_save_stack+0x3c/0x68 [ 59.184560] kasan_save_track+0x20/0x40 [ 59.188379] kasan_save_alloc_info+0x40/0x58 [ 59.192632] __kasan_kmalloc+0xd4/0xd8 [ 59.196365] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.200879] kasan_bitops_generic+0xa0/0x1c8 [ 59.205132] kunit_try_run_case+0x170/0x3f0 [ 59.209298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.214767] kthread+0x328/0x630 [ 59.217979] ret_from_fork+0x10/0x20 [ 59.221538] [ 59.223014] The buggy address belongs to the object at ffff000806e5df40 [ 59.223014] which belongs to the cache kmalloc-16 of size 16 [ 59.235340] The buggy address is located 8 bytes inside of [ 59.235340] allocated 9-byte region [ffff000806e5df40, ffff000806e5df49) [ 59.247579] [ 59.249056] The buggy address belongs to the physical page: [ 59.254611] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886e5d [ 59.262598] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.269107] page_type: f5(slab) [ 59.272240] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 59.279964] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 59.287683] page dumped because: kasan: bad access detected [ 59.293238] [ 59.294714] Memory state around the buggy address: [ 59.299492] ffff000806e5de00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.306696] ffff000806e5de80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.313901] >ffff000806e5df00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 59.321103] ^ [ 59.326662] ffff000806e5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 59.333866] ffff000806e5e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 59.341067] ================================================================== [ 57.482511] ================================================================== [ 57.489537] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 57.497692] Read of size 8 at addr ffff000806e5df48 by task kunit_try_catch/345 [ 57.504984] [ 57.506470] CPU: 4 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250714 #1 PREEMPT [ 57.506531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 57.506550] Hardware name: WinLink E850-96 board (DT) [ 57.506571] Call trace: [ 57.506584] show_stack+0x20/0x38 (C) [ 57.506619] dump_stack_lvl+0x8c/0xd0 [ 57.506654] print_report+0x118/0x5d0 [ 57.506681] kasan_report+0xdc/0x128 [ 57.506708] __asan_report_load8_noabort+0x20/0x30 [ 57.506745] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 57.506783] kasan_bitops_generic+0x110/0x1c8 [ 57.506818] kunit_try_run_case+0x170/0x3f0 [ 57.506855] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.506889] kthread+0x328/0x630 [ 57.506920] ret_from_fork+0x10/0x20 [ 57.506954] [ 57.575991] Allocated by task 345: [ 57.579377] kasan_save_stack+0x3c/0x68 [ 57.583194] kasan_save_track+0x20/0x40 [ 57.587014] kasan_save_alloc_info+0x40/0x58 [ 57.591267] __kasan_kmalloc+0xd4/0xd8 [ 57.595000] __kmalloc_cache_noprof+0x16c/0x3c0 [ 57.599514] kasan_bitops_generic+0xa0/0x1c8 [ 57.603767] kunit_try_run_case+0x170/0x3f0 [ 57.607934] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.613402] kthread+0x328/0x630 [ 57.616614] ret_from_fork+0x10/0x20 [ 57.620173] [ 57.621650] The buggy address belongs to the object at ffff000806e5df40 [ 57.621650] which belongs to the cache kmalloc-16 of size 16 [ 57.633975] The buggy address is located 8 bytes inside of [ 57.633975] allocated 9-byte region [ffff000806e5df40, ffff000806e5df49) [ 57.646214] [ 57.647693] The buggy address belongs to the physical page: [ 57.653248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886e5d [ 57.661235] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 57.667742] page_type: f5(slab) [ 57.670878] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 57.678599] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 57.686318] page dumped because: kasan: bad access detected [ 57.691873] [ 57.693349] Memory state around the buggy address: [ 57.698127] ffff000806e5de00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 57.705332] ffff000806e5de80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 57.712538] >ffff000806e5df00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 57.719738] ^ [ 57.725297] ffff000806e5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 57.732503] ffff000806e5e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 57.739703] ================================================================== [ 57.747013] ================================================================== [ 57.754113] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 57.762272] Write of size 8 at addr ffff000806e5df48 by task kunit_try_catch/345 [ 57.769650] [ 57.771134] CPU: 4 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250714 #1 PREEMPT [ 57.771190] Tainted: [B]=BAD_PAGE, [N]=TEST [ 57.771210] Hardware name: WinLink E850-96 board (DT) [ 57.771227] Call trace: [ 57.771241] show_stack+0x20/0x38 (C) [ 57.771275] dump_stack_lvl+0x8c/0xd0 [ 57.771310] print_report+0x118/0x5d0 [ 57.771340] kasan_report+0xdc/0x128 [ 57.771367] kasan_check_range+0x100/0x1a8 [ 57.771399] __kasan_check_write+0x20/0x30 [ 57.771431] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 57.771467] kasan_bitops_generic+0x110/0x1c8 [ 57.771502] kunit_try_run_case+0x170/0x3f0 [ 57.771538] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.771572] kthread+0x328/0x630 [ 57.771601] ret_from_fork+0x10/0x20 [ 57.771634] [ 57.844041] Allocated by task 345: [ 57.847428] kasan_save_stack+0x3c/0x68 [ 57.851246] kasan_save_track+0x20/0x40 [ 57.855066] kasan_save_alloc_info+0x40/0x58 [ 57.859319] __kasan_kmalloc+0xd4/0xd8 [ 57.863051] __kmalloc_cache_noprof+0x16c/0x3c0 [ 57.867565] kasan_bitops_generic+0xa0/0x1c8 [ 57.871819] kunit_try_run_case+0x170/0x3f0 [ 57.875985] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.881454] kthread+0x328/0x630 [ 57.884666] ret_from_fork+0x10/0x20 [ 57.888225] [ 57.889701] The buggy address belongs to the object at ffff000806e5df40 [ 57.889701] which belongs to the cache kmalloc-16 of size 16 [ 57.902027] The buggy address is located 8 bytes inside of [ 57.902027] allocated 9-byte region [ffff000806e5df40, ffff000806e5df49) [ 57.914266] [ 57.915743] The buggy address belongs to the physical page: [ 57.921299] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886e5d [ 57.929286] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 57.935793] page_type: f5(slab) [ 57.938928] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 57.946651] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 57.954370] page dumped because: kasan: bad access detected [ 57.959925] [ 57.961401] Memory state around the buggy address: [ 57.966179] ffff000806e5de00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 57.973383] ffff000806e5de80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 57.980591] >ffff000806e5df00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 57.987789] ^ [ 57.993348] ffff000806e5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 58.000553] ffff000806e5e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 58.007754] ================================================================== [ 58.015050] ================================================================== [ 58.022165] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 58.030323] Read of size 8 at addr ffff000806e5df48 by task kunit_try_catch/345 [ 58.037614] [ 58.039098] CPU: 4 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250714 #1 PREEMPT [ 58.039153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 58.039172] Hardware name: WinLink E850-96 board (DT) [ 58.039191] Call trace: [ 58.039204] show_stack+0x20/0x38 (C) [ 58.039243] dump_stack_lvl+0x8c/0xd0 [ 58.039278] print_report+0x118/0x5d0 [ 58.039307] kasan_report+0xdc/0x128 [ 58.039334] __asan_report_load8_noabort+0x20/0x30 [ 58.039368] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 58.039405] kasan_bitops_generic+0x110/0x1c8 [ 58.039440] kunit_try_run_case+0x170/0x3f0 [ 58.039475] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.039509] kthread+0x328/0x630 [ 58.039537] ret_from_fork+0x10/0x20 [ 58.039567] [ 58.108621] Allocated by task 345: [ 58.112007] kasan_save_stack+0x3c/0x68 [ 58.115825] kasan_save_track+0x20/0x40 [ 58.119645] kasan_save_alloc_info+0x40/0x58 [ 58.123898] __kasan_kmalloc+0xd4/0xd8 [ 58.127631] __kmalloc_cache_noprof+0x16c/0x3c0 [ 58.132145] kasan_bitops_generic+0xa0/0x1c8 [ 58.136398] kunit_try_run_case+0x170/0x3f0 [ 58.140565] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.146033] kthread+0x328/0x630 [ 58.149245] ret_from_fork+0x10/0x20 [ 58.152804] [ 58.154280] The buggy address belongs to the object at ffff000806e5df40 [ 58.154280] which belongs to the cache kmalloc-16 of size 16 [ 58.166606] The buggy address is located 8 bytes inside of [ 58.166606] allocated 9-byte region [ffff000806e5df40, ffff000806e5df49) [ 58.178845] [ 58.180321] The buggy address belongs to the physical page: [ 58.185879] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886e5d [ 58.193865] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 58.200373] page_type: f5(slab) [ 58.203507] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 58.211230] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 58.218949] page dumped because: kasan: bad access detected [ 58.224504] [ 58.225980] Memory state around the buggy address: [ 58.230758] ffff000806e5de00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 58.237963] ffff000806e5de80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 58.245168] >ffff000806e5df00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 58.252368] ^ [ 58.257928] ffff000806e5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 58.265132] ffff000806e5e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 58.272334] ================================================================== [ 57.211887] ================================================================== [ 57.221485] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 57.229642] Write of size 8 at addr ffff000806e5df48 by task kunit_try_catch/345 [ 57.237019] [ 57.238507] CPU: 4 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250714 #1 PREEMPT [ 57.238566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 57.238586] Hardware name: WinLink E850-96 board (DT) [ 57.238609] Call trace: [ 57.238624] show_stack+0x20/0x38 (C) [ 57.238664] dump_stack_lvl+0x8c/0xd0 [ 57.238698] print_report+0x118/0x5d0 [ 57.238729] kasan_report+0xdc/0x128 [ 57.238757] kasan_check_range+0x100/0x1a8 [ 57.238791] __kasan_check_write+0x20/0x30 [ 57.238822] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 57.238858] kasan_bitops_generic+0x110/0x1c8 [ 57.238894] kunit_try_run_case+0x170/0x3f0 [ 57.238935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.238970] kthread+0x328/0x630 [ 57.239001] ret_from_fork+0x10/0x20 [ 57.239037] [ 57.311412] Allocated by task 345: [ 57.314799] kasan_save_stack+0x3c/0x68 [ 57.318615] kasan_save_track+0x20/0x40 [ 57.322435] kasan_save_alloc_info+0x40/0x58 [ 57.326688] __kasan_kmalloc+0xd4/0xd8 [ 57.330422] __kmalloc_cache_noprof+0x16c/0x3c0 [ 57.334935] kasan_bitops_generic+0xa0/0x1c8 [ 57.339188] kunit_try_run_case+0x170/0x3f0 [ 57.343354] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 57.348823] kthread+0x328/0x630 [ 57.352035] ret_from_fork+0x10/0x20 [ 57.355594] [ 57.357072] The buggy address belongs to the object at ffff000806e5df40 [ 57.357072] which belongs to the cache kmalloc-16 of size 16 [ 57.369399] The buggy address is located 8 bytes inside of [ 57.369399] allocated 9-byte region [ffff000806e5df40, ffff000806e5df49) [ 57.381635] [ 57.383114] The buggy address belongs to the physical page: [ 57.388671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886e5d [ 57.396655] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 57.403164] page_type: f5(slab) [ 57.406300] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 57.414020] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 57.421740] page dumped because: kasan: bad access detected [ 57.427294] [ 57.428769] Memory state around the buggy address: [ 57.433551] ffff000806e5de00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 57.440753] ffff000806e5de80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 57.447959] >ffff000806e5df00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 57.455158] ^ [ 57.460718] ffff000806e5df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 57.467923] ffff000806e5e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 57.475124] ==================================================================
[ 32.023967] ================================================================== [ 32.024032] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 32.024528] Write of size 8 at addr fff00000c64c1b48 by task kunit_try_catch/292 [ 32.024604] [ 32.024644] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250714 #1 PREEMPT [ 32.025083] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.025217] Hardware name: linux,dummy-virt (DT) [ 32.025254] Call trace: [ 32.025297] show_stack+0x20/0x38 (C) [ 32.025729] dump_stack_lvl+0x8c/0xd0 [ 32.025837] print_report+0x118/0x5d0 [ 32.025988] kasan_report+0xdc/0x128 [ 32.026064] kasan_check_range+0x100/0x1a8 [ 32.026207] __kasan_check_write+0x20/0x30 [ 32.026296] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 32.026372] kasan_bitops_generic+0x110/0x1c8 [ 32.026689] kunit_try_run_case+0x170/0x3f0 [ 32.026804] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.026923] kthread+0x328/0x630 [ 32.027005] ret_from_fork+0x10/0x20 [ 32.027076] [ 32.027099] Allocated by task 292: [ 32.027142] kasan_save_stack+0x3c/0x68 [ 32.027202] kasan_save_track+0x20/0x40 [ 32.027247] kasan_save_alloc_info+0x40/0x58 [ 32.027288] __kasan_kmalloc+0xd4/0xd8 [ 32.027747] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.027835] kasan_bitops_generic+0xa0/0x1c8 [ 32.028156] kunit_try_run_case+0x170/0x3f0 [ 32.028298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.028395] kthread+0x328/0x630 [ 32.028451] ret_from_fork+0x10/0x20 [ 32.028735] [ 32.028821] The buggy address belongs to the object at fff00000c64c1b40 [ 32.028821] which belongs to the cache kmalloc-16 of size 16 [ 32.028949] The buggy address is located 8 bytes inside of [ 32.028949] allocated 9-byte region [fff00000c64c1b40, fff00000c64c1b49) [ 32.029306] [ 32.029359] The buggy address belongs to the physical page: [ 32.029449] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xfff00000c64c1a40 pfn:0x1064c1 [ 32.029683] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.029881] page_type: f5(slab) [ 32.029956] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 32.030248] raw: fff00000c64c1a40 000000008080007f 00000000f5000000 0000000000000000 [ 32.030552] page dumped because: kasan: bad access detected [ 32.030681] [ 32.030749] Memory state around the buggy address: [ 32.030863] fff00000c64c1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.030959] fff00000c64c1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.031122] >fff00000c64c1b00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 32.031179] ^ [ 32.031342] fff00000c64c1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.031553] fff00000c64c1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.031653] ================================================================== [ 32.055799] ================================================================== [ 32.055930] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 32.055984] Write of size 8 at addr fff00000c64c1b48 by task kunit_try_catch/292 [ 32.056036] [ 32.056082] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250714 #1 PREEMPT [ 32.056167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.056312] Hardware name: linux,dummy-virt (DT) [ 32.056694] Call trace: [ 32.056922] show_stack+0x20/0x38 (C) [ 32.057114] dump_stack_lvl+0x8c/0xd0 [ 32.057239] print_report+0x118/0x5d0 [ 32.057629] kasan_report+0xdc/0x128 [ 32.057763] kasan_check_range+0x100/0x1a8 [ 32.057954] __kasan_check_write+0x20/0x30 [ 32.058115] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 32.058235] kasan_bitops_generic+0x110/0x1c8 [ 32.058490] kunit_try_run_case+0x170/0x3f0 [ 32.058780] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.058904] kthread+0x328/0x630 [ 32.059029] ret_from_fork+0x10/0x20 [ 32.059210] [ 32.059233] Allocated by task 292: [ 32.059468] kasan_save_stack+0x3c/0x68 [ 32.059568] kasan_save_track+0x20/0x40 [ 32.059723] kasan_save_alloc_info+0x40/0x58 [ 32.059929] __kasan_kmalloc+0xd4/0xd8 [ 32.060099] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.060227] kasan_bitops_generic+0xa0/0x1c8 [ 32.060902] [ 32.062421] page_type: f5(slab) [ 32.062767] page dumped because: kasan: bad access detected [ 32.063668] ^ [ 32.065448] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 32.066380] show_stack+0x20/0x38 (C) [ 32.066643] kasan_check_range+0x100/0x1a8 [ 32.067446] kthread+0x328/0x630 [ 32.068209] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.068428] kthread+0x328/0x630 [ 32.068891] [ 32.069704] The buggy address is located 8 bytes inside of [ 32.069704] allocated 9-byte region [fff00000c64c1b40, fff00000c64c1b49) [ 32.070996] fff00000c64c1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.072808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.073229] Call trace: [ 32.073298] show_stack+0x20/0x38 (C) [ 32.074182] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 32.075489] Allocated by task 292: [ 32.076464] kasan_bitops_generic+0xa0/0x1c8 [ 32.076909] kthread+0x328/0x630 [ 32.077572] The buggy address is located 8 bytes inside of [ 32.077572] allocated 9-byte region [fff00000c64c1b40, fff00000c64c1b49) [ 32.078967] fff00000c64c1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.080088] ================================================================== [ 32.048918] ================================================================== [ 32.048971] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 32.049474] Read of size 8 at addr fff00000c64c1b48 by task kunit_try_catch/292 [ 32.049546] [ 32.049823] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250714 #1 PREEMPT [ 32.049927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.050024] Hardware name: linux,dummy-virt (DT) [ 32.050116] Call trace: [ 32.050461] show_stack+0x20/0x38 (C) [ 32.050571] dump_stack_lvl+0x8c/0xd0 [ 32.050692] print_report+0x118/0x5d0 [ 32.050744] kasan_report+0xdc/0x128 [ 32.050789] __asan_report_load8_noabort+0x20/0x30 [ 32.050984] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 32.051070] kasan_bitops_generic+0x110/0x1c8 [ 32.051267] kunit_try_run_case+0x170/0x3f0 [ 32.051335] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.051389] kthread+0x328/0x630 [ 32.051672] ret_from_fork+0x10/0x20 [ 32.051736] [ 32.051816] Allocated by task 292: [ 32.051872] kasan_save_stack+0x3c/0x68 [ 32.051946] kasan_save_track+0x20/0x40 [ 32.052126] kasan_save_alloc_info+0x40/0x58 [ 32.052367] __kasan_kmalloc+0xd4/0xd8 [ 32.052480] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.052832] kasan_bitops_generic+0xa0/0x1c8 [ 32.052948] kunit_try_run_case+0x170/0x3f0 [ 32.053070] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.053186] kthread+0x328/0x630 [ 32.053384] ret_from_fork+0x10/0x20 [ 32.053564] [ 32.053668] The buggy address belongs to the object at fff00000c64c1b40 [ 32.053668] which belongs to the cache kmalloc-16 of size 16 [ 32.053750] The buggy address is located 8 bytes inside of [ 32.053750] allocated 9-byte region [fff00000c64c1b40, fff00000c64c1b49) [ 32.053815] [ 32.053981] The buggy address belongs to the physical page: [ 32.054028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xfff00000c64c1a40 pfn:0x1064c1 [ 32.054193] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.054278] page_type: f5(slab) [ 32.054336] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 32.054391] raw: fff00000c64c1a40 000000008080007f 00000000f5000000 0000000000000000 [ 32.054445] page dumped because: kasan: bad access detected [ 32.054488] [ 32.054510] Memory state around the buggy address: [ 32.054544] fff00000c64c1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.054590] fff00000c64c1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.054644] >fff00000c64c1b00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 32.054699] ^ [ 32.054738] fff00000c64c1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.054781] fff00000c64c1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.054835] ================================================================== [ 32.039570] ================================================================== [ 32.039621] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 32.039675] Write of size 8 at addr fff00000c64c1b48 by task kunit_try_catch/292 [ 32.039808] [ 32.039844] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250714 #1 PREEMPT [ 32.039932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.040222] Hardware name: linux,dummy-virt (DT) [ 32.040380] Call trace: [ 32.040454] show_stack+0x20/0x38 (C) [ 32.040569] dump_stack_lvl+0x8c/0xd0 [ 32.040686] print_report+0x118/0x5d0 [ 32.040854] kasan_report+0xdc/0x128 [ 32.040908] kasan_check_range+0x100/0x1a8 [ 32.040954] __kasan_check_write+0x20/0x30 [ 32.041185] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 32.041382] kasan_bitops_generic+0x110/0x1c8 [ 32.041580] kunit_try_run_case+0x170/0x3f0 [ 32.041763] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.041879] kthread+0x328/0x630 [ 32.042081] ret_from_fork+0x10/0x20 [ 32.042296] [ 32.042384] Allocated by task 292: [ 32.042417] kasan_save_stack+0x3c/0x68 [ 32.042869] kasan_save_track+0x20/0x40 [ 32.043256] kasan_save_alloc_info+0x40/0x58 [ 32.043343] __kasan_kmalloc+0xd4/0xd8 [ 32.043406] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.043488] kasan_bitops_generic+0xa0/0x1c8 [ 32.043562] kunit_try_run_case+0x170/0x3f0 [ 32.044242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.044305] kthread+0x328/0x630 [ 32.044343] ret_from_fork+0x10/0x20 [ 32.044540] [ 32.044789] The buggy address belongs to the object at fff00000c64c1b40 [ 32.044789] which belongs to the cache kmalloc-16 of size 16 [ 32.044963] The buggy address is located 8 bytes inside of [ 32.044963] allocated 9-byte region [fff00000c64c1b40, fff00000c64c1b49) [ 32.045098] [ 32.045188] The buggy address belongs to the physical page: [ 32.045301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xfff00000c64c1a40 pfn:0x1064c1 [ 32.045404] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.045952] page_type: f5(slab) [ 32.046128] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 32.046249] raw: fff00000c64c1a40 000000008080007f 00000000f5000000 0000000000000000 [ 32.046348] page dumped because: kasan: bad access detected [ 32.046477] [ 32.046667] Memory state around the buggy address: [ 32.046734] fff00000c64c1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.046849] fff00000c64c1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.046922] >fff00000c64c1b00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 32.047252] ^ [ 32.047460] fff00000c64c1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.047523] fff00000c64c1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.047689] ================================================================== [ 32.033722] ================================================================== [ 32.033798] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 32.033857] Read of size 8 at addr fff00000c64c1b48 by task kunit_try_catch/292 [ 32.033909] [ 32.033941] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250714 #1 PREEMPT [ 32.034025] Tainted: [B]=BAD_PAGE, [N]=TEST [ 32.034066] Hardware name: linux,dummy-virt (DT) [ 32.034099] Call trace: [ 32.034122] show_stack+0x20/0x38 (C) [ 32.034182] dump_stack_lvl+0x8c/0xd0 [ 32.034232] print_report+0x118/0x5d0 [ 32.034276] kasan_report+0xdc/0x128 [ 32.034320] __asan_report_load8_noabort+0x20/0x30 [ 32.034380] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 32.034436] kasan_bitops_generic+0x110/0x1c8 [ 32.034487] kunit_try_run_case+0x170/0x3f0 [ 32.034537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.034589] kthread+0x328/0x630 [ 32.034632] ret_from_fork+0x10/0x20 [ 32.034689] [ 32.034709] Allocated by task 292: [ 32.034741] kasan_save_stack+0x3c/0x68 [ 32.034782] kasan_save_track+0x20/0x40 [ 32.034821] kasan_save_alloc_info+0x40/0x58 [ 32.034860] __kasan_kmalloc+0xd4/0xd8 [ 32.034900] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.034942] kasan_bitops_generic+0xa0/0x1c8 [ 32.034984] kunit_try_run_case+0x170/0x3f0 [ 32.035025] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.035713] kthread+0x328/0x630 [ 32.035775] ret_from_fork+0x10/0x20 [ 32.035825] [ 32.035856] The buggy address belongs to the object at fff00000c64c1b40 [ 32.035856] which belongs to the cache kmalloc-16 of size 16 [ 32.035918] The buggy address is located 8 bytes inside of [ 32.035918] allocated 9-byte region [fff00000c64c1b40, fff00000c64c1b49) [ 32.035981] [ 32.036203] The buggy address belongs to the physical page: [ 32.036304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xfff00000c64c1a40 pfn:0x1064c1 [ 32.036762] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.036981] page_type: f5(slab) [ 32.037174] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 32.037332] raw: fff00000c64c1a40 000000008080007f 00000000f5000000 0000000000000000 [ 32.037432] page dumped because: kasan: bad access detected [ 32.037498] [ 32.037521] Memory state around the buggy address: [ 32.037994] fff00000c64c1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.038169] fff00000c64c1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.038291] >fff00000c64c1b00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 32.038378] ^ [ 32.038484] fff00000c64c1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.038797] fff00000c64c1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.038929] ==================================================================
[ 26.529234] ================================================================== [ 26.529526] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.529916] Write of size 8 at addr ffff8881058422c8 by task kunit_try_catch/310 [ 26.530386] [ 26.530778] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc6-next-20250714 #1 PREEMPT(voluntary) [ 26.530837] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 26.530851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.530875] Call Trace: [ 26.530894] <TASK> [ 26.530915] dump_stack_lvl+0x73/0xb0 [ 26.530947] print_report+0xd1/0x610 [ 26.530970] ? __virt_addr_valid+0x1db/0x2d0 [ 26.530993] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.531017] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.531043] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.531068] kasan_report+0x141/0x180 [ 26.531088] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.531117] kasan_check_range+0x10c/0x1c0 [ 26.531140] __kasan_check_write+0x18/0x20 [ 26.531162] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.531187] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.531212] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.531236] ? trace_hardirqs_on+0x37/0xe0 [ 26.531258] ? kasan_bitops_generic+0x92/0x1c0 [ 26.531284] kasan_bitops_generic+0x116/0x1c0 [ 26.531307] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.531330] ? __pfx_read_tsc+0x10/0x10 [ 26.531352] ? ktime_get_ts64+0x86/0x230 [ 26.531376] kunit_try_run_case+0x1a5/0x480 [ 26.531399] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.531418] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.531443] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.531465] ? __kthread_parkme+0x82/0x180 [ 26.531551] ? preempt_count_sub+0x50/0x80 [ 26.531575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.531597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.531623] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.531648] kthread+0x337/0x6f0 [ 26.531679] ? trace_preempt_on+0x20/0xc0 [ 26.531701] ? __pfx_kthread+0x10/0x10 [ 26.531722] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.531744] ? calculate_sigpending+0x7b/0xa0 [ 26.531769] ? __pfx_kthread+0x10/0x10 [ 26.531791] ret_from_fork+0x116/0x1d0 [ 26.531810] ? __pfx_kthread+0x10/0x10 [ 26.531831] ret_from_fork_asm+0x1a/0x30 [ 26.531861] </TASK> [ 26.531872] [ 26.540306] Allocated by task 310: [ 26.540502] kasan_save_stack+0x45/0x70 [ 26.540702] kasan_save_track+0x18/0x40 [ 26.541043] kasan_save_alloc_info+0x3b/0x50 [ 26.541228] __kasan_kmalloc+0xb7/0xc0 [ 26.541398] __kmalloc_cache_noprof+0x189/0x420 [ 26.541597] kasan_bitops_generic+0x92/0x1c0 [ 26.541835] kunit_try_run_case+0x1a5/0x480 [ 26.542058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.542297] kthread+0x337/0x6f0 [ 26.542462] ret_from_fork+0x116/0x1d0 [ 26.542629] ret_from_fork_asm+0x1a/0x30 [ 26.542837] [ 26.542927] The buggy address belongs to the object at ffff8881058422c0 [ 26.542927] which belongs to the cache kmalloc-16 of size 16 [ 26.543379] The buggy address is located 8 bytes inside of [ 26.543379] allocated 9-byte region [ffff8881058422c0, ffff8881058422c9) [ 26.544099] [ 26.544208] The buggy address belongs to the physical page: [ 26.544455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105842 [ 26.544746] flags: 0x200000000000000(node=0|zone=2) [ 26.545075] page_type: f5(slab) [ 26.545366] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 26.545600] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.545831] page dumped because: kasan: bad access detected [ 26.545996] [ 26.546063] Memory state around the buggy address: [ 26.546384] ffff888105842180: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.546740] ffff888105842200: fa fb fc fc 00 06 fc fc 00 06 fc fc 00 06 fc fc [ 26.547383] >ffff888105842280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.547646] ^ [ 26.547830] ffff888105842300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.548037] ffff888105842380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.548464] ================================================================== [ 26.549220] ================================================================== [ 26.549533] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.549809] Write of size 8 at addr ffff8881058422c8 by task kunit_try_catch/310 [ 26.550357] [ 26.550477] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc6-next-20250714 #1 PREEMPT(voluntary) [ 26.550533] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 26.550547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.550570] Call Trace: [ 26.550590] <TASK> [ 26.550611] dump_stack_lvl+0x73/0xb0 [ 26.550642] print_report+0xd1/0x610 [ 26.550678] ? __virt_addr_valid+0x1db/0x2d0 [ 26.550702] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.550726] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.550752] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.550776] kasan_report+0x141/0x180 [ 26.550797] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.550826] kasan_check_range+0x10c/0x1c0 [ 26.550849] __kasan_check_write+0x18/0x20 [ 26.550871] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.550897] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.550921] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.550946] ? trace_hardirqs_on+0x37/0xe0 [ 26.550969] ? kasan_bitops_generic+0x92/0x1c0 [ 26.550995] kasan_bitops_generic+0x116/0x1c0 [ 26.551018] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.551043] ? __pfx_read_tsc+0x10/0x10 [ 26.551064] ? ktime_get_ts64+0x86/0x230 [ 26.551088] kunit_try_run_case+0x1a5/0x480 [ 26.551112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.551132] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.551156] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.551180] ? __kthread_parkme+0x82/0x180 [ 26.551201] ? preempt_count_sub+0x50/0x80 [ 26.551224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.551246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.551560] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.551592] kthread+0x337/0x6f0 [ 26.551613] ? trace_preempt_on+0x20/0xc0 [ 26.551635] ? __pfx_kthread+0x10/0x10 [ 26.551669] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.551691] ? calculate_sigpending+0x7b/0xa0 [ 26.551716] ? __pfx_kthread+0x10/0x10 [ 26.551737] ret_from_fork+0x116/0x1d0 [ 26.551756] ? __pfx_kthread+0x10/0x10 [ 26.551777] ret_from_fork_asm+0x1a/0x30 [ 26.551810] </TASK> [ 26.551821] [ 26.561156] Allocated by task 310: [ 26.561318] kasan_save_stack+0x45/0x70 [ 26.561531] kasan_save_track+0x18/0x40 [ 26.561730] kasan_save_alloc_info+0x3b/0x50 [ 26.562059] __kasan_kmalloc+0xb7/0xc0 [ 26.562277] __kmalloc_cache_noprof+0x189/0x420 [ 26.562423] kasan_bitops_generic+0x92/0x1c0 [ 26.562561] kunit_try_run_case+0x1a5/0x480 [ 26.562709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.562929] kthread+0x337/0x6f0 [ 26.563093] ret_from_fork+0x116/0x1d0 [ 26.563318] ret_from_fork_asm+0x1a/0x30 [ 26.563524] [ 26.563742] The buggy address belongs to the object at ffff8881058422c0 [ 26.563742] which belongs to the cache kmalloc-16 of size 16 [ 26.564456] The buggy address is located 8 bytes inside of [ 26.564456] allocated 9-byte region [ffff8881058422c0, ffff8881058422c9) [ 26.565107] [ 26.565208] The buggy address belongs to the physical page: [ 26.565403] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105842 [ 26.565640] flags: 0x200000000000000(node=0|zone=2) [ 26.566010] page_type: f5(slab) [ 26.566207] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 26.566550] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.566882] page dumped because: kasan: bad access detected [ 26.567046] [ 26.567108] Memory state around the buggy address: [ 26.567264] ffff888105842180: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.567576] ffff888105842200: fa fb fc fc 00 06 fc fc 00 06 fc fc 00 06 fc fc [ 26.567965] >ffff888105842280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.568272] ^ [ 26.568487] ffff888105842300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.568705] ffff888105842380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.569213] ================================================================== [ 26.387642] ================================================================== [ 26.388294] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 26.388678] Write of size 8 at addr ffff8881058422c8 by task kunit_try_catch/310 [ 26.389081] [ 26.389188] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc6-next-20250714 #1 PREEMPT(voluntary) [ 26.389245] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 26.389259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.389286] Call Trace: [ 26.389301] <TASK> [ 26.389322] dump_stack_lvl+0x73/0xb0 [ 26.389358] print_report+0xd1/0x610 [ 26.389382] ? __virt_addr_valid+0x1db/0x2d0 [ 26.389408] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 26.389432] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.389458] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 26.389483] kasan_report+0x141/0x180 [ 26.389505] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 26.389534] kasan_check_range+0x10c/0x1c0 [ 26.389558] __kasan_check_write+0x18/0x20 [ 26.389580] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 26.389604] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.389630] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.389668] ? trace_hardirqs_on+0x37/0xe0 [ 26.389692] ? kasan_bitops_generic+0x92/0x1c0 [ 26.389719] kasan_bitops_generic+0x116/0x1c0 [ 26.389742] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.389765] ? __pfx_read_tsc+0x10/0x10 [ 26.389789] ? ktime_get_ts64+0x86/0x230 [ 26.389815] kunit_try_run_case+0x1a5/0x480 [ 26.389840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.389861] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.389886] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.389910] ? __kthread_parkme+0x82/0x180 [ 26.390154] ? preempt_count_sub+0x50/0x80 [ 26.390183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.390205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.390231] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.390256] kthread+0x337/0x6f0 [ 26.390276] ? trace_preempt_on+0x20/0xc0 [ 26.390298] ? __pfx_kthread+0x10/0x10 [ 26.390319] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.390341] ? calculate_sigpending+0x7b/0xa0 [ 26.390366] ? __pfx_kthread+0x10/0x10 [ 26.390387] ret_from_fork+0x116/0x1d0 [ 26.390407] ? __pfx_kthread+0x10/0x10 [ 26.390427] ret_from_fork_asm+0x1a/0x30 [ 26.390460] </TASK> [ 26.390472] [ 26.401578] Allocated by task 310: [ 26.401774] kasan_save_stack+0x45/0x70 [ 26.401982] kasan_save_track+0x18/0x40 [ 26.402241] kasan_save_alloc_info+0x3b/0x50 [ 26.402470] __kasan_kmalloc+0xb7/0xc0 [ 26.402638] __kmalloc_cache_noprof+0x189/0x420 [ 26.402870] kasan_bitops_generic+0x92/0x1c0 [ 26.403036] kunit_try_run_case+0x1a5/0x480 [ 26.403237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.403444] kthread+0x337/0x6f0 [ 26.403615] ret_from_fork+0x116/0x1d0 [ 26.403768] ret_from_fork_asm+0x1a/0x30 [ 26.403905] [ 26.403970] The buggy address belongs to the object at ffff8881058422c0 [ 26.403970] which belongs to the cache kmalloc-16 of size 16 [ 26.404380] The buggy address is located 8 bytes inside of [ 26.404380] allocated 9-byte region [ffff8881058422c0, ffff8881058422c9) [ 26.405266] [ 26.405349] The buggy address belongs to the physical page: [ 26.405522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105842 [ 26.406015] flags: 0x200000000000000(node=0|zone=2) [ 26.406270] page_type: f5(slab) [ 26.406439] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 26.406852] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.407171] page dumped because: kasan: bad access detected [ 26.407396] [ 26.407459] Memory state around the buggy address: [ 26.407683] ffff888105842180: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.408228] ffff888105842200: fa fb fc fc 00 06 fc fc 00 06 fc fc 00 06 fc fc [ 26.408493] >ffff888105842280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.408751] ^ [ 26.409104] ffff888105842300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.409457] ffff888105842380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.409716] ================================================================== [ 26.476601] ================================================================== [ 26.478520] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 26.479372] Write of size 8 at addr ffff8881058422c8 by task kunit_try_catch/310 [ 26.479819] [ 26.479935] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc6-next-20250714 #1 PREEMPT(voluntary) [ 26.479991] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 26.480005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.480028] Call Trace: [ 26.480049] <TASK> [ 26.480069] dump_stack_lvl+0x73/0xb0 [ 26.480370] print_report+0xd1/0x610 [ 26.480396] ? __virt_addr_valid+0x1db/0x2d0 [ 26.480421] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 26.480446] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.480471] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 26.480496] kasan_report+0x141/0x180 [ 26.480519] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 26.480548] kasan_check_range+0x10c/0x1c0 [ 26.480571] __kasan_check_write+0x18/0x20 [ 26.480593] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 26.480617] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.480643] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.480681] ? trace_hardirqs_on+0x37/0xe0 [ 26.480704] ? kasan_bitops_generic+0x92/0x1c0 [ 26.480730] kasan_bitops_generic+0x116/0x1c0 [ 26.480762] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.480786] ? __pfx_read_tsc+0x10/0x10 [ 26.480807] ? ktime_get_ts64+0x86/0x230 [ 26.480832] kunit_try_run_case+0x1a5/0x480 [ 26.480854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.480874] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.480898] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.480921] ? __kthread_parkme+0x82/0x180 [ 26.481210] ? preempt_count_sub+0x50/0x80 [ 26.481240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.481262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.481288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.481313] kthread+0x337/0x6f0 [ 26.481332] ? trace_preempt_on+0x20/0xc0 [ 26.481355] ? __pfx_kthread+0x10/0x10 [ 26.481377] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.481399] ? calculate_sigpending+0x7b/0xa0 [ 26.481423] ? __pfx_kthread+0x10/0x10 [ 26.481444] ret_from_fork+0x116/0x1d0 [ 26.481463] ? __pfx_kthread+0x10/0x10 [ 26.481483] ret_from_fork_asm+0x1a/0x30 [ 26.481513] </TASK> [ 26.481525] [ 26.493369] Allocated by task 310: [ 26.493533] kasan_save_stack+0x45/0x70 [ 26.493714] kasan_save_track+0x18/0x40 [ 26.494453] kasan_save_alloc_info+0x3b/0x50 [ 26.495096] __kasan_kmalloc+0xb7/0xc0 [ 26.495246] __kmalloc_cache_noprof+0x189/0x420 [ 26.495400] kasan_bitops_generic+0x92/0x1c0 [ 26.495544] kunit_try_run_case+0x1a5/0x480 [ 26.495700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.495875] kthread+0x337/0x6f0 [ 26.495991] ret_from_fork+0x116/0x1d0 [ 26.496250] ret_from_fork_asm+0x1a/0x30 [ 26.496446] [ 26.496538] The buggy address belongs to the object at ffff8881058422c0 [ 26.496538] which belongs to the cache kmalloc-16 of size 16 [ 26.497012] The buggy address is located 8 bytes inside of [ 26.497012] allocated 9-byte region [ffff8881058422c0, ffff8881058422c9) [ 26.497911] [ 26.498295] The buggy address belongs to the physical page: [ 26.498508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105842 [ 26.498930] flags: 0x200000000000000(node=0|zone=2) [ 26.499115] page_type: f5(slab) [ 26.499283] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 26.499612] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.499967] page dumped because: kasan: bad access detected [ 26.500135] [ 26.500198] Memory state around the buggy address: [ 26.500603] ffff888105842180: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.501000] ffff888105842200: fa fb fc fc 00 06 fc fc 00 06 fc fc 00 06 fc fc [ 26.501347] >ffff888105842280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.501707] ^ [ 26.502339] ffff888105842300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.502797] ffff888105842380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.503361] ================================================================== [ 26.410379] ================================================================== [ 26.410693] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 26.411290] Write of size 8 at addr ffff8881058422c8 by task kunit_try_catch/310 [ 26.411540] [ 26.411627] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc6-next-20250714 #1 PREEMPT(voluntary) [ 26.411695] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 26.411708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.411732] Call Trace: [ 26.411752] <TASK> [ 26.411771] dump_stack_lvl+0x73/0xb0 [ 26.411803] print_report+0xd1/0x610 [ 26.411826] ? __virt_addr_valid+0x1db/0x2d0 [ 26.411850] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 26.411875] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.411913] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 26.411938] kasan_report+0x141/0x180 [ 26.411959] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 26.411989] kasan_check_range+0x10c/0x1c0 [ 26.412127] __kasan_check_write+0x18/0x20 [ 26.412152] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 26.412177] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.412204] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.412228] ? trace_hardirqs_on+0x37/0xe0 [ 26.412251] ? kasan_bitops_generic+0x92/0x1c0 [ 26.412278] kasan_bitops_generic+0x116/0x1c0 [ 26.412301] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.412325] ? __pfx_read_tsc+0x10/0x10 [ 26.412346] ? ktime_get_ts64+0x86/0x230 [ 26.412370] kunit_try_run_case+0x1a5/0x480 [ 26.412393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.412414] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.412438] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.412461] ? __kthread_parkme+0x82/0x180 [ 26.412483] ? preempt_count_sub+0x50/0x80 [ 26.412505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.412527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.412552] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.412577] kthread+0x337/0x6f0 [ 26.412596] ? trace_preempt_on+0x20/0xc0 [ 26.412618] ? __pfx_kthread+0x10/0x10 [ 26.412638] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.412674] ? calculate_sigpending+0x7b/0xa0 [ 26.412697] ? __pfx_kthread+0x10/0x10 [ 26.412719] ret_from_fork+0x116/0x1d0 [ 26.412737] ? __pfx_kthread+0x10/0x10 [ 26.412765] ret_from_fork_asm+0x1a/0x30 [ 26.412796] </TASK> [ 26.412807] [ 26.425016] Allocated by task 310: [ 26.425609] kasan_save_stack+0x45/0x70 [ 26.425877] kasan_save_track+0x18/0x40 [ 26.426192] kasan_save_alloc_info+0x3b/0x50 [ 26.426356] __kasan_kmalloc+0xb7/0xc0 [ 26.426547] __kmalloc_cache_noprof+0x189/0x420 [ 26.426770] kasan_bitops_generic+0x92/0x1c0 [ 26.427280] kunit_try_run_case+0x1a5/0x480 [ 26.427494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.427923] kthread+0x337/0x6f0 [ 26.428258] ret_from_fork+0x116/0x1d0 [ 26.428456] ret_from_fork_asm+0x1a/0x30 [ 26.428932] [ 26.429017] The buggy address belongs to the object at ffff8881058422c0 [ 26.429017] which belongs to the cache kmalloc-16 of size 16 [ 26.429751] The buggy address is located 8 bytes inside of [ 26.429751] allocated 9-byte region [ffff8881058422c0, ffff8881058422c9) [ 26.430626] [ 26.430737] The buggy address belongs to the physical page: [ 26.431132] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105842 [ 26.431537] flags: 0x200000000000000(node=0|zone=2) [ 26.431725] page_type: f5(slab) [ 26.431942] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 26.432520] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.432834] page dumped because: kasan: bad access detected [ 26.433118] [ 26.433204] Memory state around the buggy address: [ 26.433440] ffff888105842180: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.433707] ffff888105842200: fa fb fc fc 00 06 fc fc 00 06 fc fc 00 06 fc fc [ 26.434131] >ffff888105842280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.434906] ^ [ 26.435285] ffff888105842300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.435680] ffff888105842380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.436433] ================================================================== [ 26.437439] ================================================================== [ 26.437724] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 26.438080] Write of size 8 at addr ffff8881058422c8 by task kunit_try_catch/310 [ 26.438604] [ 26.438712] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc6-next-20250714 #1 PREEMPT(voluntary) [ 26.438768] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 26.438782] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.438806] Call Trace: [ 26.438821] <TASK> [ 26.438841] dump_stack_lvl+0x73/0xb0 [ 26.438874] print_report+0xd1/0x610 [ 26.438898] ? __virt_addr_valid+0x1db/0x2d0 [ 26.438922] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 26.439046] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.439075] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 26.439099] kasan_report+0x141/0x180 [ 26.439121] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 26.439150] kasan_check_range+0x10c/0x1c0 [ 26.439173] __kasan_check_write+0x18/0x20 [ 26.439196] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 26.439221] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.439246] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.439270] ? trace_hardirqs_on+0x37/0xe0 [ 26.439294] ? kasan_bitops_generic+0x92/0x1c0 [ 26.439320] kasan_bitops_generic+0x116/0x1c0 [ 26.439343] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.439367] ? __pfx_read_tsc+0x10/0x10 [ 26.439389] ? ktime_get_ts64+0x86/0x230 [ 26.439414] kunit_try_run_case+0x1a5/0x480 [ 26.439437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.439458] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.439482] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.439504] ? __kthread_parkme+0x82/0x180 [ 26.439526] ? preempt_count_sub+0x50/0x80 [ 26.439549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.439571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.439596] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.439621] kthread+0x337/0x6f0 [ 26.439640] ? trace_preempt_on+0x20/0xc0 [ 26.439677] ? __pfx_kthread+0x10/0x10 [ 26.439697] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.439719] ? calculate_sigpending+0x7b/0xa0 [ 26.439743] ? __pfx_kthread+0x10/0x10 [ 26.439764] ret_from_fork+0x116/0x1d0 [ 26.439783] ? __pfx_kthread+0x10/0x10 [ 26.439802] ret_from_fork_asm+0x1a/0x30 [ 26.439833] </TASK> [ 26.439844] [ 26.448296] Allocated by task 310: [ 26.448511] kasan_save_stack+0x45/0x70 [ 26.448746] kasan_save_track+0x18/0x40 [ 26.448914] kasan_save_alloc_info+0x3b/0x50 [ 26.449056] __kasan_kmalloc+0xb7/0xc0 [ 26.449299] __kmalloc_cache_noprof+0x189/0x420 [ 26.449539] kasan_bitops_generic+0x92/0x1c0 [ 26.449733] kunit_try_run_case+0x1a5/0x480 [ 26.449875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.450051] kthread+0x337/0x6f0 [ 26.450168] ret_from_fork+0x116/0x1d0 [ 26.450387] ret_from_fork_asm+0x1a/0x30 [ 26.450702] [ 26.450793] The buggy address belongs to the object at ffff8881058422c0 [ 26.450793] which belongs to the cache kmalloc-16 of size 16 [ 26.451360] The buggy address is located 8 bytes inside of [ 26.451360] allocated 9-byte region [ffff8881058422c0, ffff8881058422c9) [ 26.451840] [ 26.451937] The buggy address belongs to the physical page: [ 26.452399] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105842 [ 26.452789] flags: 0x200000000000000(node=0|zone=2) [ 26.453078] page_type: f5(slab) [ 26.453207] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 26.453433] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.453818] page dumped because: kasan: bad access detected [ 26.454223] [ 26.454316] Memory state around the buggy address: [ 26.454537] ffff888105842180: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.455026] ffff888105842200: fa fb fc fc 00 06 fc fc 00 06 fc fc 00 06 fc fc [ 26.455245] >ffff888105842280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.455451] ^ [ 26.455718] ffff888105842300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.456500] ffff888105842380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.456734] ================================================================== [ 26.504168] ================================================================== [ 26.504836] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.505892] Write of size 8 at addr ffff8881058422c8 by task kunit_try_catch/310 [ 26.506634] [ 26.507027] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc6-next-20250714 #1 PREEMPT(voluntary) [ 26.507089] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 26.507126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.507150] Call Trace: [ 26.507170] <TASK> [ 26.507190] dump_stack_lvl+0x73/0xb0 [ 26.507229] print_report+0xd1/0x610 [ 26.507251] ? __virt_addr_valid+0x1db/0x2d0 [ 26.507275] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.507301] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.507326] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.507350] kasan_report+0x141/0x180 [ 26.507371] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.507400] kasan_check_range+0x10c/0x1c0 [ 26.507423] __kasan_check_write+0x18/0x20 [ 26.507444] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.507469] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.507494] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.507518] ? trace_hardirqs_on+0x37/0xe0 [ 26.507540] ? kasan_bitops_generic+0x92/0x1c0 [ 26.507566] kasan_bitops_generic+0x116/0x1c0 [ 26.507589] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.507614] ? __pfx_read_tsc+0x10/0x10 [ 26.507635] ? ktime_get_ts64+0x86/0x230 [ 26.507672] kunit_try_run_case+0x1a5/0x480 [ 26.507695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.507715] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.507739] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.507762] ? __kthread_parkme+0x82/0x180 [ 26.507783] ? preempt_count_sub+0x50/0x80 [ 26.507806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.507828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.507853] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.507877] kthread+0x337/0x6f0 [ 26.507897] ? trace_preempt_on+0x20/0xc0 [ 26.507918] ? __pfx_kthread+0x10/0x10 [ 26.507939] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.508016] ? calculate_sigpending+0x7b/0xa0 [ 26.508041] ? __pfx_kthread+0x10/0x10 [ 26.508063] ret_from_fork+0x116/0x1d0 [ 26.508081] ? __pfx_kthread+0x10/0x10 [ 26.508102] ret_from_fork_asm+0x1a/0x30 [ 26.508132] </TASK> [ 26.508144] [ 26.519236] Allocated by task 310: [ 26.519611] kasan_save_stack+0x45/0x70 [ 26.519877] kasan_save_track+0x18/0x40 [ 26.520280] kasan_save_alloc_info+0x3b/0x50 [ 26.520473] __kasan_kmalloc+0xb7/0xc0 [ 26.520597] __kmalloc_cache_noprof+0x189/0x420 [ 26.520752] kasan_bitops_generic+0x92/0x1c0 [ 26.520919] kunit_try_run_case+0x1a5/0x480 [ 26.521185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.521580] kthread+0x337/0x6f0 [ 26.521908] ret_from_fork+0x116/0x1d0 [ 26.522278] ret_from_fork_asm+0x1a/0x30 [ 26.522483] [ 26.522596] The buggy address belongs to the object at ffff8881058422c0 [ 26.522596] which belongs to the cache kmalloc-16 of size 16 [ 26.522982] The buggy address is located 8 bytes inside of [ 26.522982] allocated 9-byte region [ffff8881058422c0, ffff8881058422c9) [ 26.523610] [ 26.523751] The buggy address belongs to the physical page: [ 26.524055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105842 [ 26.524359] flags: 0x200000000000000(node=0|zone=2) [ 26.524686] page_type: f5(slab) [ 26.524871] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 26.525398] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.525756] page dumped because: kasan: bad access detected [ 26.526029] [ 26.526135] Memory state around the buggy address: [ 26.526559] ffff888105842180: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.526937] ffff888105842200: fa fb fc fc 00 06 fc fc 00 06 fc fc 00 06 fc fc [ 26.527296] >ffff888105842280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.527647] ^ [ 26.528036] ffff888105842300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.528310] ffff888105842380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.528624] ================================================================== [ 26.457407] ================================================================== [ 26.457729] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 26.457999] Write of size 8 at addr ffff8881058422c8 by task kunit_try_catch/310 [ 26.458383] [ 26.458496] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc6-next-20250714 #1 PREEMPT(voluntary) [ 26.458550] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 26.458563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.458587] Call Trace: [ 26.458606] <TASK> [ 26.458626] dump_stack_lvl+0x73/0xb0 [ 26.458669] print_report+0xd1/0x610 [ 26.458693] ? __virt_addr_valid+0x1db/0x2d0 [ 26.458718] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 26.458742] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.458777] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 26.458801] kasan_report+0x141/0x180 [ 26.458822] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 26.458851] kasan_check_range+0x10c/0x1c0 [ 26.458873] __kasan_check_write+0x18/0x20 [ 26.458896] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 26.458922] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.458947] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.459016] ? trace_hardirqs_on+0x37/0xe0 [ 26.459041] ? kasan_bitops_generic+0x92/0x1c0 [ 26.459067] kasan_bitops_generic+0x116/0x1c0 [ 26.459090] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.459115] ? __pfx_read_tsc+0x10/0x10 [ 26.459136] ? ktime_get_ts64+0x86/0x230 [ 26.459160] kunit_try_run_case+0x1a5/0x480 [ 26.459183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.459203] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.459227] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.459250] ? __kthread_parkme+0x82/0x180 [ 26.459271] ? preempt_count_sub+0x50/0x80 [ 26.459294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.459315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.459340] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.459365] kthread+0x337/0x6f0 [ 26.459385] ? trace_preempt_on+0x20/0xc0 [ 26.459406] ? __pfx_kthread+0x10/0x10 [ 26.459426] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.459448] ? calculate_sigpending+0x7b/0xa0 [ 26.459471] ? __pfx_kthread+0x10/0x10 [ 26.459492] ret_from_fork+0x116/0x1d0 [ 26.459510] ? __pfx_kthread+0x10/0x10 [ 26.459531] ret_from_fork_asm+0x1a/0x30 [ 26.459561] </TASK> [ 26.459573] [ 26.468446] Allocated by task 310: [ 26.468631] kasan_save_stack+0x45/0x70 [ 26.468879] kasan_save_track+0x18/0x40 [ 26.469146] kasan_save_alloc_info+0x3b/0x50 [ 26.469299] __kasan_kmalloc+0xb7/0xc0 [ 26.469424] __kmalloc_cache_noprof+0x189/0x420 [ 26.469626] kasan_bitops_generic+0x92/0x1c0 [ 26.469957] kunit_try_run_case+0x1a5/0x480 [ 26.470179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.470411] kthread+0x337/0x6f0 [ 26.470568] ret_from_fork+0x116/0x1d0 [ 26.470750] ret_from_fork_asm+0x1a/0x30 [ 26.471027] [ 26.471125] The buggy address belongs to the object at ffff8881058422c0 [ 26.471125] which belongs to the cache kmalloc-16 of size 16 [ 26.471545] The buggy address is located 8 bytes inside of [ 26.471545] allocated 9-byte region [ffff8881058422c0, ffff8881058422c9) [ 26.472442] [ 26.472529] The buggy address belongs to the physical page: [ 26.472745] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105842 [ 26.473065] flags: 0x200000000000000(node=0|zone=2) [ 26.473274] page_type: f5(slab) [ 26.473392] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 26.473616] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.473850] page dumped because: kasan: bad access detected [ 26.474202] [ 26.474302] Memory state around the buggy address: [ 26.474519] ffff888105842180: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.474951] ffff888105842200: fa fb fc fc 00 06 fc fc 00 06 fc fc 00 06 fc fc [ 26.475260] >ffff888105842280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 26.475480] ^ [ 26.475649] ffff888105842300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.475865] ffff888105842380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.476070] ==================================================================