Date
July 17, 2025, 10:12 a.m.
| Environment | |
|---|---|
| qemu-x86_64 |
[ 27.688276] ================================================================== [ 27.688627] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 27.689571] Write of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 27.689904] [ 27.689993] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 27.690040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.690052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.690072] Call Trace: [ 27.690100] <TASK> [ 27.690114] dump_stack_lvl+0x73/0xb0 [ 27.690143] print_report+0xd1/0x610 [ 27.690165] ? __virt_addr_valid+0x1db/0x2d0 [ 27.690187] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 27.690211] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.690236] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 27.690267] kasan_report+0x141/0x180 [ 27.690289] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 27.690318] kasan_check_range+0x10c/0x1c0 [ 27.690341] __kasan_check_write+0x18/0x20 [ 27.690363] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 27.690387] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.690412] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.690435] ? trace_hardirqs_on+0x37/0xe0 [ 27.690457] ? kasan_bitops_generic+0x92/0x1c0 [ 27.690484] kasan_bitops_generic+0x116/0x1c0 [ 27.690506] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.690530] ? __pfx_read_tsc+0x10/0x10 [ 27.690550] ? ktime_get_ts64+0x86/0x230 [ 27.690573] kunit_try_run_case+0x1a5/0x480 [ 27.690595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.690617] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.690641] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.690664] ? __kthread_parkme+0x82/0x180 [ 27.690688] ? preempt_count_sub+0x50/0x80 [ 27.690711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.690734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.690756] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.690779] kthread+0x337/0x6f0 [ 27.690797] ? trace_preempt_on+0x20/0xc0 [ 27.690819] ? __pfx_kthread+0x10/0x10 [ 27.690839] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.690860] ? calculate_sigpending+0x7b/0xa0 [ 27.690882] ? __pfx_kthread+0x10/0x10 [ 27.690903] ret_from_fork+0x116/0x1d0 [ 27.690921] ? __pfx_kthread+0x10/0x10 [ 27.690941] ret_from_fork_asm+0x1a/0x30 [ 27.690972] </TASK> [ 27.690983] [ 27.705042] Allocated by task 310: [ 27.705194] kasan_save_stack+0x45/0x70 [ 27.705517] kasan_save_track+0x18/0x40 [ 27.705987] kasan_save_alloc_info+0x3b/0x50 [ 27.706422] __kasan_kmalloc+0xb7/0xc0 [ 27.706684] __kmalloc_cache_noprof+0x189/0x420 [ 27.707044] kasan_bitops_generic+0x92/0x1c0 [ 27.707198] kunit_try_run_case+0x1a5/0x480 [ 27.707376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.707915] kthread+0x337/0x6f0 [ 27.708248] ret_from_fork+0x116/0x1d0 [ 27.708640] ret_from_fork_asm+0x1a/0x30 [ 27.709026] [ 27.709228] The buggy address belongs to the object at ffff8881048d1b00 [ 27.709228] which belongs to the cache kmalloc-16 of size 16 [ 27.709833] The buggy address is located 8 bytes inside of [ 27.709833] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 27.710196] [ 27.710261] The buggy address belongs to the physical page: [ 27.710812] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 27.711536] flags: 0x200000000000000(node=0|zone=2) [ 27.712113] page_type: f5(slab) [ 27.712444] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.713112] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.714022] page dumped because: kasan: bad access detected [ 27.714430] [ 27.714495] Memory state around the buggy address: [ 27.714644] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.714852] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.715060] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.715392] ^ [ 27.715549] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.715918] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.716220] ================================================================== [ 27.768807] ================================================================== [ 27.769304] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 27.769679] Write of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 27.770256] [ 27.770387] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 27.770519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.770531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.770552] Call Trace: [ 27.770567] <TASK> [ 27.770581] dump_stack_lvl+0x73/0xb0 [ 27.770610] print_report+0xd1/0x610 [ 27.770632] ? __virt_addr_valid+0x1db/0x2d0 [ 27.770654] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 27.770678] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.770703] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 27.770727] kasan_report+0x141/0x180 [ 27.770749] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 27.770778] kasan_check_range+0x10c/0x1c0 [ 27.770800] __kasan_check_write+0x18/0x20 [ 27.770822] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 27.770847] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.770872] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.770895] ? trace_hardirqs_on+0x37/0xe0 [ 27.770917] ? kasan_bitops_generic+0x92/0x1c0 [ 27.770943] kasan_bitops_generic+0x116/0x1c0 [ 27.770966] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.770990] ? __pfx_read_tsc+0x10/0x10 [ 27.771009] ? ktime_get_ts64+0x86/0x230 [ 27.771033] kunit_try_run_case+0x1a5/0x480 [ 27.771056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.771090] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.771112] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.771135] ? __kthread_parkme+0x82/0x180 [ 27.771158] ? preempt_count_sub+0x50/0x80 [ 27.771181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.771205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.771227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.771250] kthread+0x337/0x6f0 [ 27.771268] ? trace_preempt_on+0x20/0xc0 [ 27.771308] ? __pfx_kthread+0x10/0x10 [ 27.771327] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.771348] ? calculate_sigpending+0x7b/0xa0 [ 27.771370] ? __pfx_kthread+0x10/0x10 [ 27.771391] ret_from_fork+0x116/0x1d0 [ 27.771409] ? __pfx_kthread+0x10/0x10 [ 27.771428] ret_from_fork_asm+0x1a/0x30 [ 27.771461] </TASK> [ 27.771472] [ 27.781893] Allocated by task 310: [ 27.782066] kasan_save_stack+0x45/0x70 [ 27.782269] kasan_save_track+0x18/0x40 [ 27.782733] kasan_save_alloc_info+0x3b/0x50 [ 27.783064] __kasan_kmalloc+0xb7/0xc0 [ 27.783522] __kmalloc_cache_noprof+0x189/0x420 [ 27.783802] kasan_bitops_generic+0x92/0x1c0 [ 27.784123] kunit_try_run_case+0x1a5/0x480 [ 27.784541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.784836] kthread+0x337/0x6f0 [ 27.785125] ret_from_fork+0x116/0x1d0 [ 27.785460] ret_from_fork_asm+0x1a/0x30 [ 27.785650] [ 27.785734] The buggy address belongs to the object at ffff8881048d1b00 [ 27.785734] which belongs to the cache kmalloc-16 of size 16 [ 27.786224] The buggy address is located 8 bytes inside of [ 27.786224] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 27.787400] [ 27.787486] The buggy address belongs to the physical page: [ 27.788034] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 27.788603] flags: 0x200000000000000(node=0|zone=2) [ 27.789010] page_type: f5(slab) [ 27.789190] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.790008] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.790500] page dumped because: kasan: bad access detected [ 27.790925] [ 27.791016] Memory state around the buggy address: [ 27.791381] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.791673] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.791960] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.792493] ^ [ 27.792632] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.792923] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.793221] ================================================================== [ 27.663947] ================================================================== [ 27.664572] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 27.664901] Write of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 27.665201] [ 27.665293] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 27.665342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.665355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.665376] Call Trace: [ 27.665389] <TASK> [ 27.665403] dump_stack_lvl+0x73/0xb0 [ 27.665432] print_report+0xd1/0x610 [ 27.665454] ? __virt_addr_valid+0x1db/0x2d0 [ 27.665476] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 27.665500] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.665525] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 27.665550] kasan_report+0x141/0x180 [ 27.665571] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 27.665600] kasan_check_range+0x10c/0x1c0 [ 27.665623] __kasan_check_write+0x18/0x20 [ 27.665645] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 27.665670] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.665696] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.665719] ? trace_hardirqs_on+0x37/0xe0 [ 27.665742] ? kasan_bitops_generic+0x92/0x1c0 [ 27.665770] kasan_bitops_generic+0x116/0x1c0 [ 27.665793] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.665818] ? __pfx_read_tsc+0x10/0x10 [ 27.665838] ? ktime_get_ts64+0x86/0x230 [ 27.665861] kunit_try_run_case+0x1a5/0x480 [ 27.665884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.665906] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.665937] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.665960] ? __kthread_parkme+0x82/0x180 [ 27.665983] ? preempt_count_sub+0x50/0x80 [ 27.666006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.666029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.666052] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.666074] kthread+0x337/0x6f0 [ 27.666165] ? trace_preempt_on+0x20/0xc0 [ 27.666189] ? __pfx_kthread+0x10/0x10 [ 27.666210] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.666231] ? calculate_sigpending+0x7b/0xa0 [ 27.666294] ? __pfx_kthread+0x10/0x10 [ 27.666315] ret_from_fork+0x116/0x1d0 [ 27.666334] ? __pfx_kthread+0x10/0x10 [ 27.666354] ret_from_fork_asm+0x1a/0x30 [ 27.666386] </TASK> [ 27.666396] [ 27.675045] Allocated by task 310: [ 27.675760] kasan_save_stack+0x45/0x70 [ 27.675944] kasan_save_track+0x18/0x40 [ 27.676122] kasan_save_alloc_info+0x3b/0x50 [ 27.676669] __kasan_kmalloc+0xb7/0xc0 [ 27.676852] __kmalloc_cache_noprof+0x189/0x420 [ 27.677001] kasan_bitops_generic+0x92/0x1c0 [ 27.677539] kunit_try_run_case+0x1a5/0x480 [ 27.677844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.678180] kthread+0x337/0x6f0 [ 27.678551] ret_from_fork+0x116/0x1d0 [ 27.678725] ret_from_fork_asm+0x1a/0x30 [ 27.678903] [ 27.678976] The buggy address belongs to the object at ffff8881048d1b00 [ 27.678976] which belongs to the cache kmalloc-16 of size 16 [ 27.679889] The buggy address is located 8 bytes inside of [ 27.679889] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 27.680627] [ 27.680733] The buggy address belongs to the physical page: [ 27.681201] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 27.681790] flags: 0x200000000000000(node=0|zone=2) [ 27.682111] page_type: f5(slab) [ 27.682281] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.682907] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.683390] page dumped because: kasan: bad access detected [ 27.683717] [ 27.683813] Memory state around the buggy address: [ 27.684209] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.684648] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.685061] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.685470] ^ [ 27.685650] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.685932] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.686244] ================================================================== [ 27.718646] ================================================================== [ 27.719497] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 27.719926] Write of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 27.720263] [ 27.720714] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 27.720769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.720781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.720801] Call Trace: [ 27.720815] <TASK> [ 27.720831] dump_stack_lvl+0x73/0xb0 [ 27.720862] print_report+0xd1/0x610 [ 27.720884] ? __virt_addr_valid+0x1db/0x2d0 [ 27.720908] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 27.720932] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.720958] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 27.720982] kasan_report+0x141/0x180 [ 27.721003] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 27.721033] kasan_check_range+0x10c/0x1c0 [ 27.721057] __kasan_check_write+0x18/0x20 [ 27.721092] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 27.721118] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.721143] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.721166] ? trace_hardirqs_on+0x37/0xe0 [ 27.721189] ? kasan_bitops_generic+0x92/0x1c0 [ 27.721216] kasan_bitops_generic+0x116/0x1c0 [ 27.721238] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.721262] ? __pfx_read_tsc+0x10/0x10 [ 27.721360] ? ktime_get_ts64+0x86/0x230 [ 27.721387] kunit_try_run_case+0x1a5/0x480 [ 27.721412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.721433] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.721457] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.721479] ? __kthread_parkme+0x82/0x180 [ 27.721502] ? preempt_count_sub+0x50/0x80 [ 27.721525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.721548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.721571] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.721594] kthread+0x337/0x6f0 [ 27.721612] ? trace_preempt_on+0x20/0xc0 [ 27.721634] ? __pfx_kthread+0x10/0x10 [ 27.721654] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.721675] ? calculate_sigpending+0x7b/0xa0 [ 27.721698] ? __pfx_kthread+0x10/0x10 [ 27.721719] ret_from_fork+0x116/0x1d0 [ 27.721737] ? __pfx_kthread+0x10/0x10 [ 27.721757] ret_from_fork_asm+0x1a/0x30 [ 27.721788] </TASK> [ 27.721798] [ 27.732590] Allocated by task 310: [ 27.732782] kasan_save_stack+0x45/0x70 [ 27.733095] kasan_save_track+0x18/0x40 [ 27.733335] kasan_save_alloc_info+0x3b/0x50 [ 27.733656] __kasan_kmalloc+0xb7/0xc0 [ 27.733855] __kmalloc_cache_noprof+0x189/0x420 [ 27.734175] kasan_bitops_generic+0x92/0x1c0 [ 27.734468] kunit_try_run_case+0x1a5/0x480 [ 27.734784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.735038] kthread+0x337/0x6f0 [ 27.735205] ret_from_fork+0x116/0x1d0 [ 27.735562] ret_from_fork_asm+0x1a/0x30 [ 27.735915] [ 27.736006] The buggy address belongs to the object at ffff8881048d1b00 [ 27.736006] which belongs to the cache kmalloc-16 of size 16 [ 27.736623] The buggy address is located 8 bytes inside of [ 27.736623] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 27.737271] [ 27.737456] The buggy address belongs to the physical page: [ 27.737781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 27.738199] flags: 0x200000000000000(node=0|zone=2) [ 27.738564] page_type: f5(slab) [ 27.738712] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.739182] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.739576] page dumped because: kasan: bad access detected [ 27.739792] [ 27.739881] Memory state around the buggy address: [ 27.740101] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.740659] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.740942] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.741357] ^ [ 27.741529] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.741970] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.742309] ================================================================== [ 27.743290] ================================================================== [ 27.743967] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 27.744436] Write of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 27.744956] [ 27.745057] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 27.745137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.745148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.745184] Call Trace: [ 27.745197] <TASK> [ 27.745211] dump_stack_lvl+0x73/0xb0 [ 27.745241] print_report+0xd1/0x610 [ 27.745262] ? __virt_addr_valid+0x1db/0x2d0 [ 27.745416] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 27.745444] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.745470] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 27.745495] kasan_report+0x141/0x180 [ 27.745517] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 27.745547] kasan_check_range+0x10c/0x1c0 [ 27.745571] __kasan_check_write+0x18/0x20 [ 27.745597] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 27.745622] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.745648] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.745672] ? trace_hardirqs_on+0x37/0xe0 [ 27.745693] ? kasan_bitops_generic+0x92/0x1c0 [ 27.745720] kasan_bitops_generic+0x116/0x1c0 [ 27.745742] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.745767] ? __pfx_read_tsc+0x10/0x10 [ 27.745787] ? ktime_get_ts64+0x86/0x230 [ 27.745810] kunit_try_run_case+0x1a5/0x480 [ 27.745834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.745856] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.745879] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.745902] ? __kthread_parkme+0x82/0x180 [ 27.745933] ? preempt_count_sub+0x50/0x80 [ 27.745956] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.745979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.746001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.746024] kthread+0x337/0x6f0 [ 27.746042] ? trace_preempt_on+0x20/0xc0 [ 27.746063] ? __pfx_kthread+0x10/0x10 [ 27.746093] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.746114] ? calculate_sigpending+0x7b/0xa0 [ 27.746137] ? __pfx_kthread+0x10/0x10 [ 27.746157] ret_from_fork+0x116/0x1d0 [ 27.746176] ? __pfx_kthread+0x10/0x10 [ 27.746198] ret_from_fork_asm+0x1a/0x30 [ 27.746229] </TASK> [ 27.746240] [ 27.757040] Allocated by task 310: [ 27.757397] kasan_save_stack+0x45/0x70 [ 27.757608] kasan_save_track+0x18/0x40 [ 27.757928] kasan_save_alloc_info+0x3b/0x50 [ 27.758293] __kasan_kmalloc+0xb7/0xc0 [ 27.758603] __kmalloc_cache_noprof+0x189/0x420 [ 27.758830] kasan_bitops_generic+0x92/0x1c0 [ 27.759166] kunit_try_run_case+0x1a5/0x480 [ 27.759415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.759745] kthread+0x337/0x6f0 [ 27.759917] ret_from_fork+0x116/0x1d0 [ 27.760095] ret_from_fork_asm+0x1a/0x30 [ 27.760282] [ 27.760379] The buggy address belongs to the object at ffff8881048d1b00 [ 27.760379] which belongs to the cache kmalloc-16 of size 16 [ 27.760872] The buggy address is located 8 bytes inside of [ 27.760872] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 27.761867] [ 27.761960] The buggy address belongs to the physical page: [ 27.762347] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 27.762903] flags: 0x200000000000000(node=0|zone=2) [ 27.763220] page_type: f5(slab) [ 27.763467] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.763908] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.764324] page dumped because: kasan: bad access detected [ 27.764621] [ 27.764706] Memory state around the buggy address: [ 27.765138] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.765617] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.766031] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.766359] ^ [ 27.766710] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.767144] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.767529] ================================================================== [ 27.795277] ================================================================== [ 27.795675] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 27.796335] Write of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 27.796759] [ 27.796965] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 27.797018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.797138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.797161] Call Trace: [ 27.797173] <TASK> [ 27.797189] dump_stack_lvl+0x73/0xb0 [ 27.797219] print_report+0xd1/0x610 [ 27.797242] ? __virt_addr_valid+0x1db/0x2d0 [ 27.797264] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 27.797321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.797346] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 27.797371] kasan_report+0x141/0x180 [ 27.797391] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 27.797421] kasan_check_range+0x10c/0x1c0 [ 27.797444] __kasan_check_write+0x18/0x20 [ 27.797465] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 27.797491] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.797515] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.797538] ? trace_hardirqs_on+0x37/0xe0 [ 27.797561] ? kasan_bitops_generic+0x92/0x1c0 [ 27.797587] kasan_bitops_generic+0x116/0x1c0 [ 27.797610] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.797634] ? __pfx_read_tsc+0x10/0x10 [ 27.797655] ? ktime_get_ts64+0x86/0x230 [ 27.797679] kunit_try_run_case+0x1a5/0x480 [ 27.797702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.797723] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.797746] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.797769] ? __kthread_parkme+0x82/0x180 [ 27.797792] ? preempt_count_sub+0x50/0x80 [ 27.797814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.797837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.797859] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.797882] kthread+0x337/0x6f0 [ 27.797900] ? trace_preempt_on+0x20/0xc0 [ 27.797929] ? __pfx_kthread+0x10/0x10 [ 27.797949] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.797970] ? calculate_sigpending+0x7b/0xa0 [ 27.797992] ? __pfx_kthread+0x10/0x10 [ 27.798013] ret_from_fork+0x116/0x1d0 [ 27.798031] ? __pfx_kthread+0x10/0x10 [ 27.798051] ret_from_fork_asm+0x1a/0x30 [ 27.798091] </TASK> [ 27.798102] [ 27.809867] Allocated by task 310: [ 27.810159] kasan_save_stack+0x45/0x70 [ 27.810464] kasan_save_track+0x18/0x40 [ 27.810664] kasan_save_alloc_info+0x3b/0x50 [ 27.810852] __kasan_kmalloc+0xb7/0xc0 [ 27.811019] __kmalloc_cache_noprof+0x189/0x420 [ 27.811227] kasan_bitops_generic+0x92/0x1c0 [ 27.811650] kunit_try_run_case+0x1a5/0x480 [ 27.812019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.812415] kthread+0x337/0x6f0 [ 27.812697] ret_from_fork+0x116/0x1d0 [ 27.812996] ret_from_fork_asm+0x1a/0x30 [ 27.813199] [ 27.813464] The buggy address belongs to the object at ffff8881048d1b00 [ 27.813464] which belongs to the cache kmalloc-16 of size 16 [ 27.813936] The buggy address is located 8 bytes inside of [ 27.813936] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 27.814844] [ 27.814948] The buggy address belongs to the physical page: [ 27.815390] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 27.815893] flags: 0x200000000000000(node=0|zone=2) [ 27.816292] page_type: f5(slab) [ 27.816584] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.817200] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.817710] page dumped because: kasan: bad access detected [ 27.817940] [ 27.818022] Memory state around the buggy address: [ 27.818232] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.818821] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.819434] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.819907] ^ [ 27.820202] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.820650] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.820931] ================================================================== [ 27.821503] ================================================================== [ 27.821749] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 27.822274] Write of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 27.822576] [ 27.822654] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 27.822779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.822791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.822810] Call Trace: [ 27.822823] <TASK> [ 27.822838] dump_stack_lvl+0x73/0xb0 [ 27.822868] print_report+0xd1/0x610 [ 27.822889] ? __virt_addr_valid+0x1db/0x2d0 [ 27.822910] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 27.822934] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.822959] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 27.822984] kasan_report+0x141/0x180 [ 27.823006] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 27.823035] kasan_check_range+0x10c/0x1c0 [ 27.823057] __kasan_check_write+0x18/0x20 [ 27.823092] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 27.823117] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.823143] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.823166] ? trace_hardirqs_on+0x37/0xe0 [ 27.823188] ? kasan_bitops_generic+0x92/0x1c0 [ 27.823215] kasan_bitops_generic+0x116/0x1c0 [ 27.823237] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.823323] ? __pfx_read_tsc+0x10/0x10 [ 27.823343] ? ktime_get_ts64+0x86/0x230 [ 27.823367] kunit_try_run_case+0x1a5/0x480 [ 27.823390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.823412] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.823435] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.823458] ? __kthread_parkme+0x82/0x180 [ 27.823481] ? preempt_count_sub+0x50/0x80 [ 27.823504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.823527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.823549] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.823571] kthread+0x337/0x6f0 [ 27.823590] ? trace_preempt_on+0x20/0xc0 [ 27.823612] ? __pfx_kthread+0x10/0x10 [ 27.823631] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.823652] ? calculate_sigpending+0x7b/0xa0 [ 27.823675] ? __pfx_kthread+0x10/0x10 [ 27.823696] ret_from_fork+0x116/0x1d0 [ 27.823714] ? __pfx_kthread+0x10/0x10 [ 27.823734] ret_from_fork_asm+0x1a/0x30 [ 27.823765] </TASK> [ 27.823775] [ 27.831686] Allocated by task 310: [ 27.831811] kasan_save_stack+0x45/0x70 [ 27.832002] kasan_save_track+0x18/0x40 [ 27.832198] kasan_save_alloc_info+0x3b/0x50 [ 27.832379] __kasan_kmalloc+0xb7/0xc0 [ 27.832503] __kmalloc_cache_noprof+0x189/0x420 [ 27.832649] kasan_bitops_generic+0x92/0x1c0 [ 27.832899] kunit_try_run_case+0x1a5/0x480 [ 27.833106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.833448] kthread+0x337/0x6f0 [ 27.833611] ret_from_fork+0x116/0x1d0 [ 27.833781] ret_from_fork_asm+0x1a/0x30 [ 27.833912] [ 27.833985] The buggy address belongs to the object at ffff8881048d1b00 [ 27.833985] which belongs to the cache kmalloc-16 of size 16 [ 27.834339] The buggy address is located 8 bytes inside of [ 27.834339] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 27.834859] [ 27.834966] The buggy address belongs to the physical page: [ 27.835216] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 27.835557] flags: 0x200000000000000(node=0|zone=2) [ 27.835719] page_type: f5(slab) [ 27.835833] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.836054] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.836828] page dumped because: kasan: bad access detected [ 27.837068] [ 27.837138] Memory state around the buggy address: [ 27.837284] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.837490] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.837915] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.838234] ^ [ 27.838527] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.838732] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.838937] ================================================================== [ 27.839386] ================================================================== [ 27.839718] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 27.840329] Write of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 27.840671] [ 27.840777] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 27.840823] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.840834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.840855] Call Trace: [ 27.840867] <TASK> [ 27.840881] dump_stack_lvl+0x73/0xb0 [ 27.840909] print_report+0xd1/0x610 [ 27.840931] ? __virt_addr_valid+0x1db/0x2d0 [ 27.840954] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 27.840978] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.841004] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 27.841028] kasan_report+0x141/0x180 [ 27.841050] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 27.841092] kasan_check_range+0x10c/0x1c0 [ 27.841118] __kasan_check_write+0x18/0x20 [ 27.841142] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 27.841168] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.841194] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.841217] ? trace_hardirqs_on+0x37/0xe0 [ 27.841249] ? kasan_bitops_generic+0x92/0x1c0 [ 27.841275] kasan_bitops_generic+0x116/0x1c0 [ 27.841298] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.841323] ? __pfx_read_tsc+0x10/0x10 [ 27.841343] ? ktime_get_ts64+0x86/0x230 [ 27.841367] kunit_try_run_case+0x1a5/0x480 [ 27.841391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.841412] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.841436] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.841459] ? __kthread_parkme+0x82/0x180 [ 27.841482] ? preempt_count_sub+0x50/0x80 [ 27.841504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.841527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.841551] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.841574] kthread+0x337/0x6f0 [ 27.841593] ? trace_preempt_on+0x20/0xc0 [ 27.841615] ? __pfx_kthread+0x10/0x10 [ 27.841635] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.841655] ? calculate_sigpending+0x7b/0xa0 [ 27.841678] ? __pfx_kthread+0x10/0x10 [ 27.841699] ret_from_fork+0x116/0x1d0 [ 27.841717] ? __pfx_kthread+0x10/0x10 [ 27.841737] ret_from_fork_asm+0x1a/0x30 [ 27.841768] </TASK> [ 27.841778] [ 27.849458] Allocated by task 310: [ 27.849733] kasan_save_stack+0x45/0x70 [ 27.849868] kasan_save_track+0x18/0x40 [ 27.850002] kasan_save_alloc_info+0x3b/0x50 [ 27.850342] __kasan_kmalloc+0xb7/0xc0 [ 27.850523] __kmalloc_cache_noprof+0x189/0x420 [ 27.850737] kasan_bitops_generic+0x92/0x1c0 [ 27.850922] kunit_try_run_case+0x1a5/0x480 [ 27.851122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.851394] kthread+0x337/0x6f0 [ 27.851533] ret_from_fork+0x116/0x1d0 [ 27.851692] ret_from_fork_asm+0x1a/0x30 [ 27.851823] [ 27.851885] The buggy address belongs to the object at ffff8881048d1b00 [ 27.851885] which belongs to the cache kmalloc-16 of size 16 [ 27.852510] The buggy address is located 8 bytes inside of [ 27.852510] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 27.852975] [ 27.853064] The buggy address belongs to the physical page: [ 27.853324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 27.853592] flags: 0x200000000000000(node=0|zone=2) [ 27.853785] page_type: f5(slab) [ 27.853958] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.854287] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.854580] page dumped because: kasan: bad access detected [ 27.854804] [ 27.854884] Memory state around the buggy address: [ 27.855064] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.855380] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.855629] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.855909] ^ [ 27.856061] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.856379] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.856589] ==================================================================