Date
July 15, 2025, 11:35 a.m.
| Environment | |
|---|---|
| e850-96 | |
| qemu-x86_64 |
[ 59.782788] ================================================================== [ 59.789893] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 59.798052] Write of size 8 at addr ffff000806093fe8 by task kunit_try_catch/342 [ 59.805429] [ 59.806912] CPU: 7 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT [ 59.806963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.806981] Hardware name: WinLink E850-96 board (DT) [ 59.807001] Call trace: [ 59.807014] show_stack+0x20/0x38 (C) [ 59.807047] dump_stack_lvl+0x8c/0xd0 [ 59.807081] print_report+0x118/0x5d0 [ 59.807109] kasan_report+0xdc/0x128 [ 59.807134] kasan_check_range+0x100/0x1a8 [ 59.807165] __kasan_check_write+0x20/0x30 [ 59.807196] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 59.807234] kasan_bitops_generic+0x110/0x1c8 [ 59.807268] kunit_try_run_case+0x170/0x3f0 [ 59.807298] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.807333] kthread+0x328/0x630 [ 59.807359] ret_from_fork+0x10/0x20 [ 59.807392] [ 59.879820] Allocated by task 342: [ 59.883207] kasan_save_stack+0x3c/0x68 [ 59.887025] kasan_save_track+0x20/0x40 [ 59.890844] kasan_save_alloc_info+0x40/0x58 [ 59.895098] __kasan_kmalloc+0xd4/0xd8 [ 59.898830] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.903344] kasan_bitops_generic+0xa0/0x1c8 [ 59.907597] kunit_try_run_case+0x170/0x3f0 [ 59.911764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.917233] kthread+0x328/0x630 [ 59.920444] ret_from_fork+0x10/0x20 [ 59.924003] [ 59.925479] The buggy address belongs to the object at ffff000806093fe0 [ 59.925479] which belongs to the cache kmalloc-16 of size 16 [ 59.937806] The buggy address is located 8 bytes inside of [ 59.937806] allocated 9-byte region [ffff000806093fe0, ffff000806093fe9) [ 59.950044] [ 59.951523] The buggy address belongs to the physical page: [ 59.957079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886093 [ 59.965063] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.971572] page_type: f5(slab) [ 59.974707] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 59.982429] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 59.990148] page dumped because: kasan: bad access detected [ 59.995704] [ 59.997179] Memory state around the buggy address: [ 60.001959] ffff000806093e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 60.009162] ffff000806093f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 60.016367] >ffff000806093f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 60.023568] ^ [ 60.030168] ffff000806094000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 60.037373] ffff000806094080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 60.044575] ================================================================== [ 59.248090] ================================================================== [ 59.255178] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 59.263337] Read of size 8 at addr ffff000806093fe8 by task kunit_try_catch/342 [ 59.270628] [ 59.272111] CPU: 7 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT [ 59.272164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.272178] Hardware name: WinLink E850-96 board (DT) [ 59.272198] Call trace: [ 59.272209] show_stack+0x20/0x38 (C) [ 59.272239] dump_stack_lvl+0x8c/0xd0 [ 59.272276] print_report+0x118/0x5d0 [ 59.272303] kasan_report+0xdc/0x128 [ 59.272331] __asan_report_load8_noabort+0x20/0x30 [ 59.272361] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 59.272399] kasan_bitops_generic+0x110/0x1c8 [ 59.272434] kunit_try_run_case+0x170/0x3f0 [ 59.272463] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.272498] kthread+0x328/0x630 [ 59.272525] ret_from_fork+0x10/0x20 [ 59.272558] [ 59.341634] Allocated by task 342: [ 59.345021] kasan_save_stack+0x3c/0x68 [ 59.348838] kasan_save_track+0x20/0x40 [ 59.352658] kasan_save_alloc_info+0x40/0x58 [ 59.356911] __kasan_kmalloc+0xd4/0xd8 [ 59.360644] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.365157] kasan_bitops_generic+0xa0/0x1c8 [ 59.369411] kunit_try_run_case+0x170/0x3f0 [ 59.373578] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.379046] kthread+0x328/0x630 [ 59.382258] ret_from_fork+0x10/0x20 [ 59.385817] [ 59.387293] The buggy address belongs to the object at ffff000806093fe0 [ 59.387293] which belongs to the cache kmalloc-16 of size 16 [ 59.399619] The buggy address is located 8 bytes inside of [ 59.399619] allocated 9-byte region [ffff000806093fe0, ffff000806093fe9) [ 59.411858] [ 59.413336] The buggy address belongs to the physical page: [ 59.418893] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886093 [ 59.426877] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.433386] page_type: f5(slab) [ 59.436520] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 59.444243] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 59.451963] page dumped because: kasan: bad access detected [ 59.457517] [ 59.458992] Memory state around the buggy address: [ 59.463771] ffff000806093e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.470976] ffff000806093f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.478180] >ffff000806093f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 59.485381] ^ [ 59.491984] ffff000806094000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 59.499188] ffff000806094080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 59.506388] ================================================================== [ 60.051887] ================================================================== [ 60.058986] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 60.067145] Read of size 8 at addr ffff000806093fe8 by task kunit_try_catch/342 [ 60.074435] [ 60.075918] CPU: 7 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT [ 60.075970] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.075986] Hardware name: WinLink E850-96 board (DT) [ 60.076004] Call trace: [ 60.076016] show_stack+0x20/0x38 (C) [ 60.076047] dump_stack_lvl+0x8c/0xd0 [ 60.076080] print_report+0x118/0x5d0 [ 60.076108] kasan_report+0xdc/0x128 [ 60.076136] __asan_report_load8_noabort+0x20/0x30 [ 60.076168] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 60.076203] kasan_bitops_generic+0x110/0x1c8 [ 60.076237] kunit_try_run_case+0x170/0x3f0 [ 60.076268] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.076303] kthread+0x328/0x630 [ 60.076328] ret_from_fork+0x10/0x20 [ 60.076361] [ 60.145441] Allocated by task 342: [ 60.148827] kasan_save_stack+0x3c/0x68 [ 60.152646] kasan_save_track+0x20/0x40 [ 60.156465] kasan_save_alloc_info+0x40/0x58 [ 60.160719] __kasan_kmalloc+0xd4/0xd8 [ 60.164451] __kmalloc_cache_noprof+0x16c/0x3c0 [ 60.168965] kasan_bitops_generic+0xa0/0x1c8 [ 60.173218] kunit_try_run_case+0x170/0x3f0 [ 60.177385] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.182854] kthread+0x328/0x630 [ 60.186065] ret_from_fork+0x10/0x20 [ 60.189624] [ 60.191100] The buggy address belongs to the object at ffff000806093fe0 [ 60.191100] which belongs to the cache kmalloc-16 of size 16 [ 60.203427] The buggy address is located 8 bytes inside of [ 60.203427] allocated 9-byte region [ffff000806093fe0, ffff000806093fe9) [ 60.215665] [ 60.217145] The buggy address belongs to the physical page: [ 60.222700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886093 [ 60.230684] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 60.237193] page_type: f5(slab) [ 60.240327] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 60.248050] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 60.255769] page dumped because: kasan: bad access detected [ 60.261324] [ 60.262800] Memory state around the buggy address: [ 60.267582] ffff000806093e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 60.274783] ffff000806093f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 60.281988] >ffff000806093f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 60.289189] ^ [ 60.295790] ffff000806094000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 60.302995] ffff000806094080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 60.310195] ================================================================== [ 58.978986] ================================================================== [ 58.986087] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 58.994243] Write of size 8 at addr ffff000806093fe8 by task kunit_try_catch/342 [ 59.001623] [ 59.003106] CPU: 7 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT [ 59.003158] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.003175] Hardware name: WinLink E850-96 board (DT) [ 59.003195] Call trace: [ 59.003210] show_stack+0x20/0x38 (C) [ 59.003242] dump_stack_lvl+0x8c/0xd0 [ 59.003276] print_report+0x118/0x5d0 [ 59.003306] kasan_report+0xdc/0x128 [ 59.003332] kasan_check_range+0x100/0x1a8 [ 59.003361] __kasan_check_write+0x20/0x30 [ 59.003391] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 59.003427] kasan_bitops_generic+0x110/0x1c8 [ 59.003461] kunit_try_run_case+0x170/0x3f0 [ 59.003494] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.003530] kthread+0x328/0x630 [ 59.003558] ret_from_fork+0x10/0x20 [ 59.003591] [ 59.076012] Allocated by task 342: [ 59.079400] kasan_save_stack+0x3c/0x68 [ 59.083218] kasan_save_track+0x20/0x40 [ 59.087037] kasan_save_alloc_info+0x40/0x58 [ 59.091290] __kasan_kmalloc+0xd4/0xd8 [ 59.095023] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.099536] kasan_bitops_generic+0xa0/0x1c8 [ 59.103790] kunit_try_run_case+0x170/0x3f0 [ 59.107956] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.113426] kthread+0x328/0x630 [ 59.116637] ret_from_fork+0x10/0x20 [ 59.120196] [ 59.121672] The buggy address belongs to the object at ffff000806093fe0 [ 59.121672] which belongs to the cache kmalloc-16 of size 16 [ 59.133998] The buggy address is located 8 bytes inside of [ 59.133998] allocated 9-byte region [ffff000806093fe0, ffff000806093fe9) [ 59.146237] [ 59.147717] The buggy address belongs to the physical page: [ 59.153272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886093 [ 59.161256] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.167764] page_type: f5(slab) [ 59.170901] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 59.178622] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 59.186342] page dumped because: kasan: bad access detected [ 59.191897] [ 59.193371] Memory state around the buggy address: [ 59.198150] ffff000806093e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.205354] ffff000806093f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.212559] >ffff000806093f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 59.219760] ^ [ 59.226361] ffff000806094000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 59.233566] ffff000806094080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 59.240767] ================================================================== [ 58.442024] ================================================================== [ 58.451373] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 58.459529] Write of size 8 at addr ffff000806093fe8 by task kunit_try_catch/342 [ 58.466908] [ 58.468392] CPU: 7 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT [ 58.468446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 58.468463] Hardware name: WinLink E850-96 board (DT) [ 58.468484] Call trace: [ 58.468497] show_stack+0x20/0x38 (C) [ 58.468534] dump_stack_lvl+0x8c/0xd0 [ 58.468569] print_report+0x118/0x5d0 [ 58.468597] kasan_report+0xdc/0x128 [ 58.468625] kasan_check_range+0x100/0x1a8 [ 58.468654] __kasan_check_write+0x20/0x30 [ 58.468685] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 58.468722] kasan_bitops_generic+0x110/0x1c8 [ 58.468754] kunit_try_run_case+0x170/0x3f0 [ 58.468787] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.468823] kthread+0x328/0x630 [ 58.468849] ret_from_fork+0x10/0x20 [ 58.468884] [ 58.541299] Allocated by task 342: [ 58.544684] kasan_save_stack+0x3c/0x68 [ 58.548504] kasan_save_track+0x20/0x40 [ 58.552323] kasan_save_alloc_info+0x40/0x58 [ 58.556576] __kasan_kmalloc+0xd4/0xd8 [ 58.560308] __kmalloc_cache_noprof+0x16c/0x3c0 [ 58.564822] kasan_bitops_generic+0xa0/0x1c8 [ 58.569076] kunit_try_run_case+0x170/0x3f0 [ 58.573242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.578711] kthread+0x328/0x630 [ 58.581923] ret_from_fork+0x10/0x20 [ 58.585482] [ 58.586960] The buggy address belongs to the object at ffff000806093fe0 [ 58.586960] which belongs to the cache kmalloc-16 of size 16 [ 58.599286] The buggy address is located 8 bytes inside of [ 58.599286] allocated 9-byte region [ffff000806093fe0, ffff000806093fe9) [ 58.611523] [ 58.613001] The buggy address belongs to the physical page: [ 58.618559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886093 [ 58.626542] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 58.633052] page_type: f5(slab) [ 58.636189] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 58.643908] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 58.651627] page dumped because: kasan: bad access detected [ 58.657182] [ 58.658657] Memory state around the buggy address: [ 58.663436] ffff000806093e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 58.670641] ffff000806093f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 58.677845] >ffff000806093f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 58.685046] ^ [ 58.691648] ffff000806094000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 58.698852] ffff000806094080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 58.706053] ================================================================== [ 59.513707] ================================================================== [ 59.520800] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 59.528959] Write of size 8 at addr ffff000806093fe8 by task kunit_try_catch/342 [ 59.536335] [ 59.537818] CPU: 7 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT [ 59.537871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 59.537889] Hardware name: WinLink E850-96 board (DT) [ 59.537908] Call trace: [ 59.537919] show_stack+0x20/0x38 (C) [ 59.537952] dump_stack_lvl+0x8c/0xd0 [ 59.537986] print_report+0x118/0x5d0 [ 59.538014] kasan_report+0xdc/0x128 [ 59.538042] kasan_check_range+0x100/0x1a8 [ 59.538070] __kasan_check_write+0x20/0x30 [ 59.538101] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 59.538138] kasan_bitops_generic+0x110/0x1c8 [ 59.538172] kunit_try_run_case+0x170/0x3f0 [ 59.538202] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.538239] kthread+0x328/0x630 [ 59.538265] ret_from_fork+0x10/0x20 [ 59.538299] [ 59.610728] Allocated by task 342: [ 59.614113] kasan_save_stack+0x3c/0x68 [ 59.617932] kasan_save_track+0x20/0x40 [ 59.621751] kasan_save_alloc_info+0x40/0x58 [ 59.626004] __kasan_kmalloc+0xd4/0xd8 [ 59.629737] __kmalloc_cache_noprof+0x16c/0x3c0 [ 59.634251] kasan_bitops_generic+0xa0/0x1c8 [ 59.638504] kunit_try_run_case+0x170/0x3f0 [ 59.642671] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 59.648140] kthread+0x328/0x630 [ 59.651351] ret_from_fork+0x10/0x20 [ 59.654910] [ 59.656386] The buggy address belongs to the object at ffff000806093fe0 [ 59.656386] which belongs to the cache kmalloc-16 of size 16 [ 59.668712] The buggy address is located 8 bytes inside of [ 59.668712] allocated 9-byte region [ffff000806093fe0, ffff000806093fe9) [ 59.680951] [ 59.682429] The buggy address belongs to the physical page: [ 59.687987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886093 [ 59.695970] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 59.702479] page_type: f5(slab) [ 59.705614] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 59.713336] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 59.721055] page dumped because: kasan: bad access detected [ 59.726610] [ 59.728086] Memory state around the buggy address: [ 59.732864] ffff000806093e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.740069] ffff000806093f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 59.747274] >ffff000806093f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 59.754475] ^ [ 59.761075] ffff000806094000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 59.768280] ffff000806094080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 59.775482] ================================================================== [ 58.713374] ================================================================== [ 58.720466] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 58.728623] Read of size 8 at addr ffff000806093fe8 by task kunit_try_catch/342 [ 58.735913] [ 58.737398] CPU: 7 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT [ 58.737453] Tainted: [B]=BAD_PAGE, [N]=TEST [ 58.737472] Hardware name: WinLink E850-96 board (DT) [ 58.737491] Call trace: [ 58.737505] show_stack+0x20/0x38 (C) [ 58.737540] dump_stack_lvl+0x8c/0xd0 [ 58.737575] print_report+0x118/0x5d0 [ 58.737605] kasan_report+0xdc/0x128 [ 58.737631] __asan_report_load8_noabort+0x20/0x30 [ 58.737664] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 58.737702] kasan_bitops_generic+0x110/0x1c8 [ 58.737736] kunit_try_run_case+0x170/0x3f0 [ 58.737768] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.737805] kthread+0x328/0x630 [ 58.737833] ret_from_fork+0x10/0x20 [ 58.737868] [ 58.806919] Allocated by task 342: [ 58.810307] kasan_save_stack+0x3c/0x68 [ 58.814124] kasan_save_track+0x20/0x40 [ 58.817943] kasan_save_alloc_info+0x40/0x58 [ 58.822197] __kasan_kmalloc+0xd4/0xd8 [ 58.825930] __kmalloc_cache_noprof+0x16c/0x3c0 [ 58.830443] kasan_bitops_generic+0xa0/0x1c8 [ 58.834697] kunit_try_run_case+0x170/0x3f0 [ 58.838864] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 58.844332] kthread+0x328/0x630 [ 58.847544] ret_from_fork+0x10/0x20 [ 58.851103] [ 58.852578] The buggy address belongs to the object at ffff000806093fe0 [ 58.852578] which belongs to the cache kmalloc-16 of size 16 [ 58.864908] The buggy address is located 8 bytes inside of [ 58.864908] allocated 9-byte region [ffff000806093fe0, ffff000806093fe9) [ 58.877144] [ 58.878623] The buggy address belongs to the physical page: [ 58.884179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886093 [ 58.892164] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 58.898671] page_type: f5(slab) [ 58.901807] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 58.909529] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 58.917249] page dumped because: kasan: bad access detected [ 58.922803] [ 58.924279] Memory state around the buggy address: [ 58.929060] ffff000806093e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 58.936261] ffff000806093f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 58.943466] >ffff000806093f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 58.950667] ^ [ 58.957268] ffff000806094000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 58.964473] ffff000806094080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 58.971674] ================================================================== [ 60.317502] ================================================================== [ 60.324606] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 60.332766] Write of size 8 at addr ffff000806093fe8 by task kunit_try_catch/342 [ 60.340143] [ 60.341625] CPU: 7 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT [ 60.341674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.341689] Hardware name: WinLink E850-96 board (DT) [ 60.341706] Call trace: [ 60.341716] show_stack+0x20/0x38 (C) [ 60.341747] dump_stack_lvl+0x8c/0xd0 [ 60.341778] print_report+0x118/0x5d0 [ 60.341807] kasan_report+0xdc/0x128 [ 60.341833] kasan_check_range+0x100/0x1a8 [ 60.341862] __kasan_check_write+0x20/0x30 [ 60.341893] kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 60.341929] kasan_bitops_generic+0x110/0x1c8 [ 60.341963] kunit_try_run_case+0x170/0x3f0 [ 60.341993] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.342026] kthread+0x328/0x630 [ 60.342051] ret_from_fork+0x10/0x20 [ 60.342081] [ 60.414534] Allocated by task 342: [ 60.417921] kasan_save_stack+0x3c/0x68 [ 60.421739] kasan_save_track+0x20/0x40 [ 60.425558] kasan_save_alloc_info+0x40/0x58 [ 60.429812] __kasan_kmalloc+0xd4/0xd8 [ 60.433544] __kmalloc_cache_noprof+0x16c/0x3c0 [ 60.438058] kasan_bitops_generic+0xa0/0x1c8 [ 60.442312] kunit_try_run_case+0x170/0x3f0 [ 60.446478] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.451947] kthread+0x328/0x630 [ 60.455159] ret_from_fork+0x10/0x20 [ 60.458718] [ 60.460193] The buggy address belongs to the object at ffff000806093fe0 [ 60.460193] which belongs to the cache kmalloc-16 of size 16 [ 60.472520] The buggy address is located 8 bytes inside of [ 60.472520] allocated 9-byte region [ffff000806093fe0, ffff000806093fe9) [ 60.484759] [ 60.486238] The buggy address belongs to the physical page: [ 60.491794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886093 [ 60.499777] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 60.506286] page_type: f5(slab) [ 60.509419] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 60.517144] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 60.524862] page dumped because: kasan: bad access detected [ 60.530418] [ 60.531893] Memory state around the buggy address: [ 60.536672] ffff000806093e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 60.543876] ffff000806093f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 60.551081] >ffff000806093f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 60.558282] ^ [ 60.564883] ffff000806094000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 60.572087] ffff000806094080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 60.579289] ================================================================== [ 60.855751] ================================================================== [ 60.862794] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 60.870953] Read of size 8 at addr ffff000806093fe8 by task kunit_try_catch/342 [ 60.878242] [ 60.879724] CPU: 7 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT [ 60.879773] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.879790] Hardware name: WinLink E850-96 board (DT) [ 60.879808] Call trace: [ 60.879821] show_stack+0x20/0x38 (C) [ 60.879853] dump_stack_lvl+0x8c/0xd0 [ 60.879885] print_report+0x118/0x5d0 [ 60.879913] kasan_report+0xdc/0x128 [ 60.879941] __asan_report_load8_noabort+0x20/0x30 [ 60.879973] kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 60.880010] kasan_bitops_generic+0x110/0x1c8 [ 60.880045] kunit_try_run_case+0x170/0x3f0 [ 60.880077] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.880110] kthread+0x328/0x630 [ 60.880135] ret_from_fork+0x10/0x20 [ 60.880166] [ 60.949248] Allocated by task 342: [ 60.952634] kasan_save_stack+0x3c/0x68 [ 60.956453] kasan_save_track+0x20/0x40 [ 60.960272] kasan_save_alloc_info+0x40/0x58 [ 60.964526] __kasan_kmalloc+0xd4/0xd8 [ 60.968258] __kmalloc_cache_noprof+0x16c/0x3c0 [ 60.972773] kasan_bitops_generic+0xa0/0x1c8 [ 60.977026] kunit_try_run_case+0x170/0x3f0 [ 60.981192] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.986661] kthread+0x328/0x630 [ 60.989872] ret_from_fork+0x10/0x20 [ 60.993432] [ 60.994907] The buggy address belongs to the object at ffff000806093fe0 [ 60.994907] which belongs to the cache kmalloc-16 of size 16 [ 61.007234] The buggy address is located 8 bytes inside of [ 61.007234] allocated 9-byte region [ffff000806093fe0, ffff000806093fe9) [ 61.019473] [ 61.020950] The buggy address belongs to the physical page: [ 61.026508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886093 [ 61.034492] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 61.041000] page_type: f5(slab) [ 61.044137] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 61.051858] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 61.059576] page dumped because: kasan: bad access detected [ 61.065132] [ 61.066607] Memory state around the buggy address: [ 61.071386] ffff000806093e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 61.078590] ffff000806093f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 61.085795] >ffff000806093f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 61.092996] ^ [ 61.099597] ffff000806094000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.106802] ffff000806094080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 61.114003] ================================================================== [ 60.586604] ================================================================== [ 60.593700] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 60.601858] Write of size 8 at addr ffff000806093fe8 by task kunit_try_catch/342 [ 60.609236] [ 60.610719] CPU: 7 UID: 0 PID: 342 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT [ 60.610768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 60.610782] Hardware name: WinLink E850-96 board (DT) [ 60.610800] Call trace: [ 60.610813] show_stack+0x20/0x38 (C) [ 60.610847] dump_stack_lvl+0x8c/0xd0 [ 60.610881] print_report+0x118/0x5d0 [ 60.610909] kasan_report+0xdc/0x128 [ 60.610935] kasan_check_range+0x100/0x1a8 [ 60.610967] __kasan_check_write+0x20/0x30 [ 60.610997] kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 60.611034] kasan_bitops_generic+0x110/0x1c8 [ 60.611066] kunit_try_run_case+0x170/0x3f0 [ 60.611095] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.611131] kthread+0x328/0x630 [ 60.611157] ret_from_fork+0x10/0x20 [ 60.611190] [ 60.683627] Allocated by task 342: [ 60.687013] kasan_save_stack+0x3c/0x68 [ 60.690832] kasan_save_track+0x20/0x40 [ 60.694652] kasan_save_alloc_info+0x40/0x58 [ 60.698905] __kasan_kmalloc+0xd4/0xd8 [ 60.702638] __kmalloc_cache_noprof+0x16c/0x3c0 [ 60.707151] kasan_bitops_generic+0xa0/0x1c8 [ 60.711405] kunit_try_run_case+0x170/0x3f0 [ 60.715571] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 60.721040] kthread+0x328/0x630 [ 60.724252] ret_from_fork+0x10/0x20 [ 60.727811] [ 60.729286] The buggy address belongs to the object at ffff000806093fe0 [ 60.729286] which belongs to the cache kmalloc-16 of size 16 [ 60.741613] The buggy address is located 8 bytes inside of [ 60.741613] allocated 9-byte region [ffff000806093fe0, ffff000806093fe9) [ 60.753852] [ 60.755332] The buggy address belongs to the physical page: [ 60.760887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x886093 [ 60.768871] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 60.775379] page_type: f5(slab) [ 60.778514] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 60.786237] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 60.793955] page dumped because: kasan: bad access detected [ 60.799511] [ 60.800987] Memory state around the buggy address: [ 60.805768] ffff000806093e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 60.812969] ffff000806093f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 60.820174] >ffff000806093f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 60.827375] ^ [ 60.833976] ffff000806094000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 60.841181] ffff000806094080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 60.848382] ==================================================================
[ 26.106107] ================================================================== [ 26.106509] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 26.107020] Write of size 8 at addr ffff888104884688 by task kunit_try_catch/309 [ 26.107266] [ 26.107357] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT(voluntary) [ 26.107416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.107432] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.107458] Call Trace: [ 26.107475] <TASK> [ 26.107494] dump_stack_lvl+0x73/0xb0 [ 26.107939] print_report+0xd1/0x610 [ 26.107983] ? __virt_addr_valid+0x1db/0x2d0 [ 26.108014] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 26.108046] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.108249] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 26.108284] kasan_report+0x141/0x180 [ 26.108313] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 26.108352] kasan_check_range+0x10c/0x1c0 [ 26.108382] __kasan_check_write+0x18/0x20 [ 26.108410] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 26.108441] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.108474] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.108504] ? trace_hardirqs_on+0x37/0xe0 [ 26.108544] ? kasan_bitops_generic+0x92/0x1c0 [ 26.108644] kasan_bitops_generic+0x116/0x1c0 [ 26.108673] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.108705] ? __pfx_read_tsc+0x10/0x10 [ 26.108730] ? ktime_get_ts64+0x86/0x230 [ 26.108759] kunit_try_run_case+0x1a5/0x480 [ 26.108788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.108813] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.108839] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.108868] ? __kthread_parkme+0x82/0x180 [ 26.108892] ? preempt_count_sub+0x50/0x80 [ 26.108922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.108950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.108983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.109015] kthread+0x337/0x6f0 [ 26.109038] ? trace_preempt_on+0x20/0xc0 [ 26.109065] ? __pfx_kthread+0x10/0x10 [ 26.109090] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.109119] ? calculate_sigpending+0x7b/0xa0 [ 26.109148] ? __pfx_kthread+0x10/0x10 [ 26.109174] ret_from_fork+0x116/0x1d0 [ 26.109197] ? __pfx_kthread+0x10/0x10 [ 26.109222] ret_from_fork_asm+0x1a/0x30 [ 26.109262] </TASK> [ 26.109275] [ 26.126493] Allocated by task 309: [ 26.126856] kasan_save_stack+0x45/0x70 [ 26.127360] kasan_save_track+0x18/0x40 [ 26.127512] kasan_save_alloc_info+0x3b/0x50 [ 26.128193] __kasan_kmalloc+0xb7/0xc0 [ 26.128777] __kmalloc_cache_noprof+0x189/0x420 [ 26.129328] kasan_bitops_generic+0x92/0x1c0 [ 26.129500] kunit_try_run_case+0x1a5/0x480 [ 26.129667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.130090] kthread+0x337/0x6f0 [ 26.130472] ret_from_fork+0x116/0x1d0 [ 26.130914] ret_from_fork_asm+0x1a/0x30 [ 26.131372] [ 26.131541] The buggy address belongs to the object at ffff888104884680 [ 26.131541] which belongs to the cache kmalloc-16 of size 16 [ 26.132821] The buggy address is located 8 bytes inside of [ 26.132821] allocated 9-byte region [ffff888104884680, ffff888104884689) [ 26.133201] [ 26.133274] The buggy address belongs to the physical page: [ 26.133454] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104884 [ 26.133843] flags: 0x200000000000000(node=0|zone=2) [ 26.134012] page_type: f5(slab) [ 26.134259] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 26.135016] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.135251] page dumped because: kasan: bad access detected [ 26.135479] [ 26.135568] Memory state around the buggy address: [ 26.135892] ffff888104884580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.136361] ffff888104884600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.136879] >ffff888104884680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.137169] ^ [ 26.137304] ffff888104884700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.137790] ffff888104884780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.138152] ================================================================== [ 26.248481] ================================================================== [ 26.249720] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.250719] Write of size 8 at addr ffff888104884688 by task kunit_try_catch/309 [ 26.251260] [ 26.251453] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT(voluntary) [ 26.251513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.251541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.251566] Call Trace: [ 26.251586] <TASK> [ 26.251606] dump_stack_lvl+0x73/0xb0 [ 26.251651] print_report+0xd1/0x610 [ 26.251678] ? __virt_addr_valid+0x1db/0x2d0 [ 26.251746] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.251805] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.251851] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.251883] kasan_report+0x141/0x180 [ 26.251911] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.251949] kasan_check_range+0x10c/0x1c0 [ 26.251980] __kasan_check_write+0x18/0x20 [ 26.252007] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 26.252039] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.252071] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.252111] ? trace_hardirqs_on+0x37/0xe0 [ 26.252138] ? kasan_bitops_generic+0x92/0x1c0 [ 26.252192] kasan_bitops_generic+0x116/0x1c0 [ 26.252221] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.252251] ? __pfx_read_tsc+0x10/0x10 [ 26.252277] ? ktime_get_ts64+0x86/0x230 [ 26.252306] kunit_try_run_case+0x1a5/0x480 [ 26.252334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.252359] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.252387] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.252415] ? __kthread_parkme+0x82/0x180 [ 26.252439] ? preempt_count_sub+0x50/0x80 [ 26.252468] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.252497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.252538] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.252569] kthread+0x337/0x6f0 [ 26.252608] ? trace_preempt_on+0x20/0xc0 [ 26.252635] ? __pfx_kthread+0x10/0x10 [ 26.252660] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.252689] ? calculate_sigpending+0x7b/0xa0 [ 26.252718] ? __pfx_kthread+0x10/0x10 [ 26.252745] ret_from_fork+0x116/0x1d0 [ 26.252767] ? __pfx_kthread+0x10/0x10 [ 26.252793] ret_from_fork_asm+0x1a/0x30 [ 26.252832] </TASK> [ 26.252846] [ 26.269212] Allocated by task 309: [ 26.269349] kasan_save_stack+0x45/0x70 [ 26.269505] kasan_save_track+0x18/0x40 [ 26.270062] kasan_save_alloc_info+0x3b/0x50 [ 26.270640] __kasan_kmalloc+0xb7/0xc0 [ 26.271130] __kmalloc_cache_noprof+0x189/0x420 [ 26.271645] kasan_bitops_generic+0x92/0x1c0 [ 26.272075] kunit_try_run_case+0x1a5/0x480 [ 26.272488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.273203] kthread+0x337/0x6f0 [ 26.273387] ret_from_fork+0x116/0x1d0 [ 26.273540] ret_from_fork_asm+0x1a/0x30 [ 26.274049] [ 26.274212] The buggy address belongs to the object at ffff888104884680 [ 26.274212] which belongs to the cache kmalloc-16 of size 16 [ 26.275379] The buggy address is located 8 bytes inside of [ 26.275379] allocated 9-byte region [ffff888104884680, ffff888104884689) [ 26.276338] [ 26.276550] The buggy address belongs to the physical page: [ 26.277064] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104884 [ 26.277331] flags: 0x200000000000000(node=0|zone=2) [ 26.277503] page_type: f5(slab) [ 26.277884] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 26.278754] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.279514] page dumped because: kasan: bad access detected [ 26.280108] [ 26.280270] Memory state around the buggy address: [ 26.280954] ffff888104884580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.281477] ffff888104884600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.282138] >ffff888104884680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.282477] ^ [ 26.282737] ffff888104884700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.283417] ffff888104884780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.284151] ================================================================== [ 26.284925] ================================================================== [ 26.285157] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.285411] Write of size 8 at addr ffff888104884688 by task kunit_try_catch/309 [ 26.285666] [ 26.285899] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT(voluntary) [ 26.286010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.286028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.286053] Call Trace: [ 26.286069] <TASK> [ 26.286085] dump_stack_lvl+0x73/0xb0 [ 26.286118] print_report+0xd1/0x610 [ 26.286145] ? __virt_addr_valid+0x1db/0x2d0 [ 26.286172] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.286204] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.286235] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.286266] kasan_report+0x141/0x180 [ 26.286292] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.286330] kasan_check_range+0x10c/0x1c0 [ 26.286359] __kasan_check_write+0x18/0x20 [ 26.286385] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 26.286417] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.286449] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.286481] ? trace_hardirqs_on+0x37/0xe0 [ 26.286507] ? kasan_bitops_generic+0x92/0x1c0 [ 26.286554] kasan_bitops_generic+0x116/0x1c0 [ 26.286653] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.286729] ? __pfx_read_tsc+0x10/0x10 [ 26.286754] ? ktime_get_ts64+0x86/0x230 [ 26.286784] kunit_try_run_case+0x1a5/0x480 [ 26.286813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.286838] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.286866] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.286894] ? __kthread_parkme+0x82/0x180 [ 26.286919] ? preempt_count_sub+0x50/0x80 [ 26.286949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.286978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.287009] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.287041] kthread+0x337/0x6f0 [ 26.287065] ? trace_preempt_on+0x20/0xc0 [ 26.287091] ? __pfx_kthread+0x10/0x10 [ 26.287117] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.287146] ? calculate_sigpending+0x7b/0xa0 [ 26.287175] ? __pfx_kthread+0x10/0x10 [ 26.287201] ret_from_fork+0x116/0x1d0 [ 26.287223] ? __pfx_kthread+0x10/0x10 [ 26.287249] ret_from_fork_asm+0x1a/0x30 [ 26.287288] </TASK> [ 26.287303] [ 26.295991] Allocated by task 309: [ 26.296118] kasan_save_stack+0x45/0x70 [ 26.296261] kasan_save_track+0x18/0x40 [ 26.296399] kasan_save_alloc_info+0x3b/0x50 [ 26.296638] __kasan_kmalloc+0xb7/0xc0 [ 26.296950] __kmalloc_cache_noprof+0x189/0x420 [ 26.297182] kasan_bitops_generic+0x92/0x1c0 [ 26.297398] kunit_try_run_case+0x1a5/0x480 [ 26.297659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.298118] kthread+0x337/0x6f0 [ 26.298276] ret_from_fork+0x116/0x1d0 [ 26.298461] ret_from_fork_asm+0x1a/0x30 [ 26.298757] [ 26.298903] The buggy address belongs to the object at ffff888104884680 [ 26.298903] which belongs to the cache kmalloc-16 of size 16 [ 26.299321] The buggy address is located 8 bytes inside of [ 26.299321] allocated 9-byte region [ffff888104884680, ffff888104884689) [ 26.300200] [ 26.300478] The buggy address belongs to the physical page: [ 26.300704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104884 [ 26.301339] flags: 0x200000000000000(node=0|zone=2) [ 26.301537] page_type: f5(slab) [ 26.301846] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 26.302297] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.302629] page dumped because: kasan: bad access detected [ 26.302804] [ 26.302873] Memory state around the buggy address: [ 26.303203] ffff888104884580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.303545] ffff888104884600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.304152] >ffff888104884680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.304442] ^ [ 26.304662] ffff888104884700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.305010] ffff888104884780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.305385] ================================================================== [ 26.139057] ================================================================== [ 26.139421] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 26.139772] Write of size 8 at addr ffff888104884688 by task kunit_try_catch/309 [ 26.140275] [ 26.140386] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT(voluntary) [ 26.140443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.140459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.140486] Call Trace: [ 26.140500] <TASK> [ 26.140518] dump_stack_lvl+0x73/0xb0 [ 26.140562] print_report+0xd1/0x610 [ 26.140893] ? __virt_addr_valid+0x1db/0x2d0 [ 26.140925] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 26.141011] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.141044] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 26.141076] kasan_report+0x141/0x180 [ 26.141114] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 26.141152] kasan_check_range+0x10c/0x1c0 [ 26.141192] __kasan_check_write+0x18/0x20 [ 26.141220] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 26.141251] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.141285] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.141314] ? trace_hardirqs_on+0x37/0xe0 [ 26.141340] ? kasan_bitops_generic+0x92/0x1c0 [ 26.141374] kasan_bitops_generic+0x116/0x1c0 [ 26.141403] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.141434] ? __pfx_read_tsc+0x10/0x10 [ 26.141460] ? ktime_get_ts64+0x86/0x230 [ 26.141490] kunit_try_run_case+0x1a5/0x480 [ 26.141518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.141554] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.141647] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.141678] ? __kthread_parkme+0x82/0x180 [ 26.141703] ? preempt_count_sub+0x50/0x80 [ 26.141732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.141761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.141792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.141824] kthread+0x337/0x6f0 [ 26.141848] ? trace_preempt_on+0x20/0xc0 [ 26.141876] ? __pfx_kthread+0x10/0x10 [ 26.141900] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.141930] ? calculate_sigpending+0x7b/0xa0 [ 26.141958] ? __pfx_kthread+0x10/0x10 [ 26.141985] ret_from_fork+0x116/0x1d0 [ 26.142007] ? __pfx_kthread+0x10/0x10 [ 26.142033] ret_from_fork_asm+0x1a/0x30 [ 26.142074] </TASK> [ 26.142087] [ 26.151387] Allocated by task 309: [ 26.151564] kasan_save_stack+0x45/0x70 [ 26.151843] kasan_save_track+0x18/0x40 [ 26.152019] kasan_save_alloc_info+0x3b/0x50 [ 26.152183] __kasan_kmalloc+0xb7/0xc0 [ 26.152398] __kmalloc_cache_noprof+0x189/0x420 [ 26.152634] kasan_bitops_generic+0x92/0x1c0 [ 26.152888] kunit_try_run_case+0x1a5/0x480 [ 26.153302] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.153574] kthread+0x337/0x6f0 [ 26.153702] ret_from_fork+0x116/0x1d0 [ 26.153841] ret_from_fork_asm+0x1a/0x30 [ 26.153986] [ 26.154077] The buggy address belongs to the object at ffff888104884680 [ 26.154077] which belongs to the cache kmalloc-16 of size 16 [ 26.154656] The buggy address is located 8 bytes inside of [ 26.154656] allocated 9-byte region [ffff888104884680, ffff888104884689) [ 26.155047] [ 26.155117] The buggy address belongs to the physical page: [ 26.157621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104884 [ 26.158438] flags: 0x200000000000000(node=0|zone=2) [ 26.159055] page_type: f5(slab) [ 26.159194] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 26.159436] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.160810] page dumped because: kasan: bad access detected [ 26.161699] [ 26.162173] Memory state around the buggy address: [ 26.163186] ffff888104884580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.163990] ffff888104884600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.164237] >ffff888104884680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.164472] ^ [ 26.164715] ffff888104884700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.165812] ffff888104884780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.166657] ================================================================== [ 26.226186] ================================================================== [ 26.226494] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 26.227026] Write of size 8 at addr ffff888104884688 by task kunit_try_catch/309 [ 26.227344] [ 26.227455] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT(voluntary) [ 26.227512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.227540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.227644] Call Trace: [ 26.227663] <TASK> [ 26.227680] dump_stack_lvl+0x73/0xb0 [ 26.227713] print_report+0xd1/0x610 [ 26.227741] ? __virt_addr_valid+0x1db/0x2d0 [ 26.227768] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 26.227798] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.227830] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 26.227862] kasan_report+0x141/0x180 [ 26.227888] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 26.227926] kasan_check_range+0x10c/0x1c0 [ 26.227955] __kasan_check_write+0x18/0x20 [ 26.227983] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 26.228014] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.228047] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.228075] ? trace_hardirqs_on+0x37/0xe0 [ 26.228101] ? kasan_bitops_generic+0x92/0x1c0 [ 26.228136] kasan_bitops_generic+0x116/0x1c0 [ 26.228164] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.228195] ? __pfx_read_tsc+0x10/0x10 [ 26.228220] ? ktime_get_ts64+0x86/0x230 [ 26.228249] kunit_try_run_case+0x1a5/0x480 [ 26.228277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.228302] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.228330] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.228358] ? __kthread_parkme+0x82/0x180 [ 26.228383] ? preempt_count_sub+0x50/0x80 [ 26.228412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.228440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.228472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.228504] kthread+0x337/0x6f0 [ 26.228537] ? trace_preempt_on+0x20/0xc0 [ 26.228630] ? __pfx_kthread+0x10/0x10 [ 26.228659] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.228688] ? calculate_sigpending+0x7b/0xa0 [ 26.228716] ? __pfx_kthread+0x10/0x10 [ 26.228742] ret_from_fork+0x116/0x1d0 [ 26.228766] ? __pfx_kthread+0x10/0x10 [ 26.228791] ret_from_fork_asm+0x1a/0x30 [ 26.228832] </TASK> [ 26.228846] [ 26.237294] Allocated by task 309: [ 26.237465] kasan_save_stack+0x45/0x70 [ 26.237717] kasan_save_track+0x18/0x40 [ 26.237889] kasan_save_alloc_info+0x3b/0x50 [ 26.238104] __kasan_kmalloc+0xb7/0xc0 [ 26.238300] __kmalloc_cache_noprof+0x189/0x420 [ 26.238537] kasan_bitops_generic+0x92/0x1c0 [ 26.238918] kunit_try_run_case+0x1a5/0x480 [ 26.239103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.239344] kthread+0x337/0x6f0 [ 26.239517] ret_from_fork+0x116/0x1d0 [ 26.239806] ret_from_fork_asm+0x1a/0x30 [ 26.239983] [ 26.240077] The buggy address belongs to the object at ffff888104884680 [ 26.240077] which belongs to the cache kmalloc-16 of size 16 [ 26.240653] The buggy address is located 8 bytes inside of [ 26.240653] allocated 9-byte region [ffff888104884680, ffff888104884689) [ 26.241134] [ 26.241216] The buggy address belongs to the physical page: [ 26.241447] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104884 [ 26.241873] flags: 0x200000000000000(node=0|zone=2) [ 26.242082] page_type: f5(slab) [ 26.242253] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 26.242742] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.243057] page dumped because: kasan: bad access detected [ 26.243283] [ 26.243369] Memory state around the buggy address: [ 26.243671] ffff888104884580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.243973] ffff888104884600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.244218] >ffff888104884680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.244440] ^ [ 26.245457] ffff888104884700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.246607] ffff888104884780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.247522] ================================================================== [ 26.305965] ================================================================== [ 26.306324] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.306890] Write of size 8 at addr ffff888104884688 by task kunit_try_catch/309 [ 26.307155] [ 26.307266] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT(voluntary) [ 26.307322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.307375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.307400] Call Trace: [ 26.307416] <TASK> [ 26.307471] dump_stack_lvl+0x73/0xb0 [ 26.307538] print_report+0xd1/0x610 [ 26.307566] ? __virt_addr_valid+0x1db/0x2d0 [ 26.307593] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.307623] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.307655] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.307687] kasan_report+0x141/0x180 [ 26.307715] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.307753] kasan_check_range+0x10c/0x1c0 [ 26.307781] __kasan_check_write+0x18/0x20 [ 26.307837] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 26.307869] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.308010] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.308041] ? trace_hardirqs_on+0x37/0xe0 [ 26.308068] ? kasan_bitops_generic+0x92/0x1c0 [ 26.308102] kasan_bitops_generic+0x116/0x1c0 [ 26.308130] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.308161] ? __pfx_read_tsc+0x10/0x10 [ 26.308185] ? ktime_get_ts64+0x86/0x230 [ 26.308215] kunit_try_run_case+0x1a5/0x480 [ 26.308242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.308269] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.308296] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.308324] ? __kthread_parkme+0x82/0x180 [ 26.308347] ? preempt_count_sub+0x50/0x80 [ 26.308377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.308405] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.308436] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.308469] kthread+0x337/0x6f0 [ 26.308493] ? trace_preempt_on+0x20/0xc0 [ 26.308521] ? __pfx_kthread+0x10/0x10 [ 26.308555] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.308585] ? calculate_sigpending+0x7b/0xa0 [ 26.308613] ? __pfx_kthread+0x10/0x10 [ 26.308639] ret_from_fork+0x116/0x1d0 [ 26.308697] ? __pfx_kthread+0x10/0x10 [ 26.308765] ret_from_fork_asm+0x1a/0x30 [ 26.308805] </TASK> [ 26.308818] [ 26.317744] Allocated by task 309: [ 26.318077] kasan_save_stack+0x45/0x70 [ 26.318306] kasan_save_track+0x18/0x40 [ 26.318513] kasan_save_alloc_info+0x3b/0x50 [ 26.318777] __kasan_kmalloc+0xb7/0xc0 [ 26.318917] __kmalloc_cache_noprof+0x189/0x420 [ 26.319078] kasan_bitops_generic+0x92/0x1c0 [ 26.319263] kunit_try_run_case+0x1a5/0x480 [ 26.319479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.319853] kthread+0x337/0x6f0 [ 26.320238] ret_from_fork+0x116/0x1d0 [ 26.320469] ret_from_fork_asm+0x1a/0x30 [ 26.320654] [ 26.320733] The buggy address belongs to the object at ffff888104884680 [ 26.320733] which belongs to the cache kmalloc-16 of size 16 [ 26.321298] The buggy address is located 8 bytes inside of [ 26.321298] allocated 9-byte region [ffff888104884680, ffff888104884689) [ 26.321811] [ 26.322033] The buggy address belongs to the physical page: [ 26.322342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104884 [ 26.322719] flags: 0x200000000000000(node=0|zone=2) [ 26.323041] page_type: f5(slab) [ 26.323191] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 26.323787] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.324114] page dumped because: kasan: bad access detected [ 26.324368] [ 26.324506] Memory state around the buggy address: [ 26.324826] ffff888104884580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.325172] ffff888104884600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.325441] >ffff888104884680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.326006] ^ [ 26.326196] ffff888104884700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.326636] ffff888104884780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.327068] ================================================================== [ 26.199729] ================================================================== [ 26.200011] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 26.200347] Write of size 8 at addr ffff888104884688 by task kunit_try_catch/309 [ 26.201715] [ 26.201981] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT(voluntary) [ 26.202165] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.202184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.202210] Call Trace: [ 26.202227] <TASK> [ 26.202243] dump_stack_lvl+0x73/0xb0 [ 26.202277] print_report+0xd1/0x610 [ 26.202304] ? __virt_addr_valid+0x1db/0x2d0 [ 26.202332] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 26.202362] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.202393] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 26.202426] kasan_report+0x141/0x180 [ 26.202453] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 26.202496] kasan_check_range+0x10c/0x1c0 [ 26.202535] __kasan_check_write+0x18/0x20 [ 26.202563] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 26.202662] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.202695] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.202724] ? trace_hardirqs_on+0x37/0xe0 [ 26.202751] ? kasan_bitops_generic+0x92/0x1c0 [ 26.202786] kasan_bitops_generic+0x116/0x1c0 [ 26.202814] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.202845] ? __pfx_read_tsc+0x10/0x10 [ 26.202869] ? ktime_get_ts64+0x86/0x230 [ 26.202901] kunit_try_run_case+0x1a5/0x480 [ 26.202929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.202956] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.202983] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.203011] ? __kthread_parkme+0x82/0x180 [ 26.203036] ? preempt_count_sub+0x50/0x80 [ 26.203067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.203095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.203129] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.203161] kthread+0x337/0x6f0 [ 26.203184] ? trace_preempt_on+0x20/0xc0 [ 26.203212] ? __pfx_kthread+0x10/0x10 [ 26.203236] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.203266] ? calculate_sigpending+0x7b/0xa0 [ 26.203294] ? __pfx_kthread+0x10/0x10 [ 26.203321] ret_from_fork+0x116/0x1d0 [ 26.203343] ? __pfx_kthread+0x10/0x10 [ 26.203369] ret_from_fork_asm+0x1a/0x30 [ 26.203408] </TASK> [ 26.203422] [ 26.216996] Allocated by task 309: [ 26.217179] kasan_save_stack+0x45/0x70 [ 26.217368] kasan_save_track+0x18/0x40 [ 26.218089] kasan_save_alloc_info+0x3b/0x50 [ 26.218277] __kasan_kmalloc+0xb7/0xc0 [ 26.218418] __kmalloc_cache_noprof+0x189/0x420 [ 26.218984] kasan_bitops_generic+0x92/0x1c0 [ 26.219388] kunit_try_run_case+0x1a5/0x480 [ 26.219570] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.219766] kthread+0x337/0x6f0 [ 26.219893] ret_from_fork+0x116/0x1d0 [ 26.220030] ret_from_fork_asm+0x1a/0x30 [ 26.220173] [ 26.220245] The buggy address belongs to the object at ffff888104884680 [ 26.220245] which belongs to the cache kmalloc-16 of size 16 [ 26.220665] The buggy address is located 8 bytes inside of [ 26.220665] allocated 9-byte region [ffff888104884680, ffff888104884689) [ 26.221215] [ 26.221318] The buggy address belongs to the physical page: [ 26.221651] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104884 [ 26.222016] flags: 0x200000000000000(node=0|zone=2) [ 26.222254] page_type: f5(slab) [ 26.222427] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 26.222969] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.223214] page dumped because: kasan: bad access detected [ 26.223444] [ 26.223555] Memory state around the buggy address: [ 26.223872] ffff888104884580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.224202] ffff888104884600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.224499] >ffff888104884680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.224874] ^ [ 26.225059] ffff888104884700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.225374] ffff888104884780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.225771] ================================================================== [ 26.168393] ================================================================== [ 26.168999] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 26.169275] Write of size 8 at addr ffff888104884688 by task kunit_try_catch/309 [ 26.169515] [ 26.169628] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250715 #1 PREEMPT(voluntary) [ 26.169687] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.169703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.169729] Call Trace: [ 26.169749] <TASK> [ 26.169769] dump_stack_lvl+0x73/0xb0 [ 26.169861] print_report+0xd1/0x610 [ 26.169890] ? __virt_addr_valid+0x1db/0x2d0 [ 26.170128] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 26.170161] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.170195] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 26.170227] kasan_report+0x141/0x180 [ 26.170256] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 26.170295] kasan_check_range+0x10c/0x1c0 [ 26.170325] __kasan_check_write+0x18/0x20 [ 26.170352] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 26.170384] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 26.170417] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.170446] ? trace_hardirqs_on+0x37/0xe0 [ 26.170482] ? kasan_bitops_generic+0x92/0x1c0 [ 26.170517] kasan_bitops_generic+0x116/0x1c0 [ 26.170558] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 26.170867] ? __pfx_read_tsc+0x10/0x10 [ 26.170897] ? ktime_get_ts64+0x86/0x230 [ 26.170930] kunit_try_run_case+0x1a5/0x480 [ 26.170960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.170988] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.171017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.171045] ? __kthread_parkme+0x82/0x180 [ 26.171070] ? preempt_count_sub+0x50/0x80 [ 26.171100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.171128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.171161] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.171194] kthread+0x337/0x6f0 [ 26.171217] ? trace_preempt_on+0x20/0xc0 [ 26.171245] ? __pfx_kthread+0x10/0x10 [ 26.171269] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.171297] ? calculate_sigpending+0x7b/0xa0 [ 26.171329] ? __pfx_kthread+0x10/0x10 [ 26.171355] ret_from_fork+0x116/0x1d0 [ 26.171377] ? __pfx_kthread+0x10/0x10 [ 26.171403] ret_from_fork_asm+0x1a/0x30 [ 26.171443] </TASK> [ 26.171457] [ 26.189364] Allocated by task 309: [ 26.189500] kasan_save_stack+0x45/0x70 [ 26.189667] kasan_save_track+0x18/0x40 [ 26.189835] kasan_save_alloc_info+0x3b/0x50 [ 26.190157] __kasan_kmalloc+0xb7/0xc0 [ 26.190316] __kmalloc_cache_noprof+0x189/0x420 [ 26.190482] kasan_bitops_generic+0x92/0x1c0 [ 26.190924] kunit_try_run_case+0x1a5/0x480 [ 26.191333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.191705] kthread+0x337/0x6f0 [ 26.191917] ret_from_fork+0x116/0x1d0 [ 26.192129] ret_from_fork_asm+0x1a/0x30 [ 26.192329] [ 26.192462] The buggy address belongs to the object at ffff888104884680 [ 26.192462] which belongs to the cache kmalloc-16 of size 16 [ 26.193224] The buggy address is located 8 bytes inside of [ 26.193224] allocated 9-byte region [ffff888104884680, ffff888104884689) [ 26.193894] [ 26.194112] The buggy address belongs to the physical page: [ 26.194304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104884 [ 26.194692] flags: 0x200000000000000(node=0|zone=2) [ 26.195197] page_type: f5(slab) [ 26.195379] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 26.195710] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 26.196033] page dumped because: kasan: bad access detected [ 26.196466] [ 26.196612] Memory state around the buggy address: [ 26.196815] ffff888104884580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.197236] ffff888104884600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 26.197576] >ffff888104884680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.198282] ^ [ 26.198453] ffff888104884700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.198912] ffff888104884780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.199233] ==================================================================