Date
July 23, 2025, 3:10 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 32.899465] ================================================================== [ 32.899519] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 32.899571] Read of size 8 at addr fff00000c60439a8 by task kunit_try_catch/294 [ 32.899895] [ 32.899941] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 32.905139] kthread+0x328/0x630 [ 32.909157] fff00000c6043a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.913593] kasan_save_track+0x20/0x40 [ 32.917157] [ 32.920333] page dumped because: kasan: bad access detected [ 32.928407] Read of size 8 at addr fff00000c60439a8 by task kunit_try_catch/294 [ 32.931552] kasan_bitops_generic+0x11c/0x1c8 [ 32.932389] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.935181] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.937252] Write of size 8 at addr fff00000c60439a8 by task kunit_try_catch/294 [ 32.938956] kunit_try_run_case+0x170/0x3f0 [ 32.940243] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.941571] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106043 [ 32.942885] ================================================================== [ 32.855081] ================================================================== [ 32.855426] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 32.855510] Write of size 8 at addr fff00000c60439a8 by task kunit_try_catch/294 [ 32.855572] [ 32.855667] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 32.855790] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 32.855882] Hardware name: linux,dummy-virt (DT) [ 32.855925] Call trace: [ 32.855979] show_stack+0x20/0x38 (C) [ 32.856239] dump_stack_lvl+0x8c/0xd0 [ 32.856389] print_report+0x118/0x5e8 [ 32.856456] kasan_report+0xdc/0x128 [ 32.856500] kasan_check_range+0x100/0x1a8 [ 32.856678] __kasan_check_write+0x20/0x30 [ 32.856964] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 32.857049] kasan_bitops_generic+0x110/0x1c8 [ 32.857161] kunit_try_run_case+0x170/0x3f0 [ 32.857260] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.857397] kthread+0x328/0x630 [ 32.857460] ret_from_fork+0x10/0x20 [ 32.857551] [ 32.857573] Allocated by task 294: [ 32.857749] kasan_save_stack+0x3c/0x68 [ 32.857809] kasan_save_track+0x20/0x40 [ 32.857933] kasan_save_alloc_info+0x40/0x58 [ 32.858057] __kasan_kmalloc+0xd4/0xd8 [ 32.858144] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.858198] kasan_bitops_generic+0xa0/0x1c8 [ 32.858401] kunit_try_run_case+0x170/0x3f0 [ 32.858454] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.858529] kthread+0x328/0x630 [ 32.858643] ret_from_fork+0x10/0x20 [ 32.858685] [ 32.858709] The buggy address belongs to the object at fff00000c60439a0 [ 32.858709] which belongs to the cache kmalloc-16 of size 16 [ 32.858769] The buggy address is located 8 bytes inside of [ 32.858769] allocated 9-byte region [fff00000c60439a0, fff00000c60439a9) [ 32.858867] [ 32.858889] The buggy address belongs to the physical page: [ 32.858937] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106043 [ 32.858992] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.859052] page_type: f5(slab) [ 32.859099] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 32.859166] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 32.859233] page dumped because: kasan: bad access detected [ 32.859266] [ 32.859294] Memory state around the buggy address: [ 32.859329] fff00000c6043880: 00 04 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 32.859373] fff00000c6043900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.859422] >fff00000c6043980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.859463] ^ [ 32.859507] fff00000c6043a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.859560] fff00000c6043a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.859605] ================================================================== [ 32.847706] ================================================================== [ 32.847822] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 32.847919] Read of size 8 at addr fff00000c60439a8 by task kunit_try_catch/294 [ 32.848022] [ 32.848056] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 32.848376] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 32.848440] Hardware name: linux,dummy-virt (DT) [ 32.848542] Call trace: [ 32.848591] show_stack+0x20/0x38 (C) [ 32.848663] dump_stack_lvl+0x8c/0xd0 [ 32.848778] print_report+0x118/0x5e8 [ 32.848854] kasan_report+0xdc/0x128 [ 32.849048] __asan_report_load8_noabort+0x20/0x30 [ 32.849110] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 32.849277] kasan_bitops_generic+0x110/0x1c8 [ 32.849381] kunit_try_run_case+0x170/0x3f0 [ 32.849503] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.849639] kthread+0x328/0x630 [ 32.849706] ret_from_fork+0x10/0x20 [ 32.850012] [ 32.850106] Allocated by task 294: [ 32.850164] kasan_save_stack+0x3c/0x68 [ 32.850209] kasan_save_track+0x20/0x40 [ 32.850284] kasan_save_alloc_info+0x40/0x58 [ 32.850550] __kasan_kmalloc+0xd4/0xd8 [ 32.850703] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.850782] kasan_bitops_generic+0xa0/0x1c8 [ 32.850835] kunit_try_run_case+0x170/0x3f0 [ 32.851018] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.851113] kthread+0x328/0x630 [ 32.851164] ret_from_fork+0x10/0x20 [ 32.851221] [ 32.851295] The buggy address belongs to the object at fff00000c60439a0 [ 32.851295] which belongs to the cache kmalloc-16 of size 16 [ 32.851372] The buggy address is located 8 bytes inside of [ 32.851372] allocated 9-byte region [fff00000c60439a0, fff00000c60439a9) [ 32.851617] [ 32.851647] The buggy address belongs to the physical page: [ 32.851700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106043 [ 32.851864] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.851960] page_type: f5(slab) [ 32.852169] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 32.852285] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 32.852373] page dumped because: kasan: bad access detected [ 32.852480] [ 32.852614] Memory state around the buggy address: [ 32.852683] fff00000c6043880: 00 04 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 32.852730] fff00000c6043900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.852772] >fff00000c6043980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.852978] ^ [ 32.853178] fff00000c6043a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.853245] fff00000c6043a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.853363] ================================================================== [ 32.871679] ================================================================== [ 32.871818] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 32.871925] Write of size 8 at addr fff00000c60439a8 by task kunit_try_catch/294 [ 32.871980] [ 32.872029] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 32.872396] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 32.872462] Hardware name: linux,dummy-virt (DT) [ 32.872512] Call trace: [ 32.872547] show_stack+0x20/0x38 (C) [ 32.872600] dump_stack_lvl+0x8c/0xd0 [ 32.872733] print_report+0x118/0x5e8 [ 32.872801] kasan_report+0xdc/0x128 [ 32.872867] kasan_check_range+0x100/0x1a8 [ 32.873001] __kasan_check_write+0x20/0x30 [ 32.873068] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 32.873307] kasan_bitops_generic+0x110/0x1c8 [ 32.873524] kunit_try_run_case+0x170/0x3f0 [ 32.873611] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.873722] kthread+0x328/0x630 [ 32.873867] ret_from_fork+0x10/0x20 [ 32.874086] [ 32.874146] Allocated by task 294: [ 32.874205] kasan_save_stack+0x3c/0x68 [ 32.874255] kasan_save_track+0x20/0x40 [ 32.874299] kasan_save_alloc_info+0x40/0x58 [ 32.874338] __kasan_kmalloc+0xd4/0xd8 [ 32.874382] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.874649] kasan_bitops_generic+0xa0/0x1c8 [ 32.874804] kunit_try_run_case+0x170/0x3f0 [ 32.874884] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.875026] kthread+0x328/0x630 [ 32.875099] ret_from_fork+0x10/0x20 [ 32.875237] [ 32.875298] The buggy address belongs to the object at fff00000c60439a0 [ 32.875298] which belongs to the cache kmalloc-16 of size 16 [ 32.875564] The buggy address is located 8 bytes inside of [ 32.875564] allocated 9-byte region [fff00000c60439a0, fff00000c60439a9) [ 32.875747] [ 32.875810] The buggy address belongs to the physical page: [ 32.875991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106043 [ 32.876064] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.876296] page_type: f5(slab) [ 32.876358] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 32.876430] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 32.876504] page dumped because: kasan: bad access detected [ 32.876606] [ 32.876665] Memory state around the buggy address: [ 32.876794] fff00000c6043880: 00 04 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 32.876922] fff00000c6043900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.876989] >fff00000c6043980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.877075] ^ [ 32.877112] fff00000c6043a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.877158] fff00000c6043a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.877199] ================================================================== [ 32.883957] ================================================================== [ 32.884010] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 32.884133] Write of size 8 at addr fff00000c60439a8 by task kunit_try_catch/294 [ 32.884188] [ 32.884248] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 32.884387] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 32.884423] Hardware name: linux,dummy-virt (DT) [ 32.884473] Call trace: [ 32.884499] show_stack+0x20/0x38 (C) [ 32.884594] dump_stack_lvl+0x8c/0xd0 [ 32.884673] print_report+0x118/0x5e8 [ 32.884781] kasan_report+0xdc/0x128 [ 32.884828] kasan_check_range+0x100/0x1a8 [ 32.884875] __kasan_check_write+0x20/0x30 [ 32.885126] kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 32.885285] kasan_bitops_generic+0x110/0x1c8 [ 32.885408] kunit_try_run_case+0x170/0x3f0 [ 32.885506] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.885594] kthread+0x328/0x630 [ 32.885729] ret_from_fork+0x10/0x20 [ 32.885971] [ 32.886041] Allocated by task 294: [ 32.886188] kasan_save_stack+0x3c/0x68 [ 32.886291] kasan_save_track+0x20/0x40 [ 32.886387] kasan_save_alloc_info+0x40/0x58 [ 32.886468] __kasan_kmalloc+0xd4/0xd8 [ 32.886568] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.886631] kasan_bitops_generic+0xa0/0x1c8 [ 32.886876] kunit_try_run_case+0x170/0x3f0 [ 32.887049] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.887098] kthread+0x328/0x630 [ 32.887133] ret_from_fork+0x10/0x20 [ 32.887347] [ 32.887469] The buggy address belongs to the object at fff00000c60439a0 [ 32.887469] which belongs to the cache kmalloc-16 of size 16 [ 32.887579] The buggy address is located 8 bytes inside of [ 32.887579] allocated 9-byte region [fff00000c60439a0, fff00000c60439a9) [ 32.887734] [ 32.887758] The buggy address belongs to the physical page: [ 32.887812] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106043 [ 32.888079] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.888202] page_type: f5(slab) [ 32.888301] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 32.888389] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 32.888432] page dumped because: kasan: bad access detected [ 32.888570] [ 32.888594] Memory state around the buggy address: [ 32.888631] fff00000c6043880: 00 04 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 32.888736] fff00000c6043900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.888804] >fff00000c6043980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.888895] ^ [ 32.888985] fff00000c6043a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.889057] fff00000c6043a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.889098] ================================================================== [ 32.841187] ================================================================== [ 32.841254] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 32.841383] Write of size 8 at addr fff00000c60439a8 by task kunit_try_catch/294 [ 32.841556] [ 32.841613] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 32.841752] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 32.841884] Hardware name: linux,dummy-virt (DT) [ 32.841961] Call trace: [ 32.842076] show_stack+0x20/0x38 (C) [ 32.842184] dump_stack_lvl+0x8c/0xd0 [ 32.842255] print_report+0x118/0x5e8 [ 32.842521] kasan_report+0xdc/0x128 [ 32.842574] kasan_check_range+0x100/0x1a8 [ 32.842721] __kasan_check_write+0x20/0x30 [ 32.842807] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 32.843041] kasan_bitops_generic+0x110/0x1c8 [ 32.843199] kunit_try_run_case+0x170/0x3f0 [ 32.843264] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.843354] kthread+0x328/0x630 [ 32.843606] ret_from_fork+0x10/0x20 [ 32.843683] [ 32.843737] Allocated by task 294: [ 32.843788] kasan_save_stack+0x3c/0x68 [ 32.843856] kasan_save_track+0x20/0x40 [ 32.844628] kasan_save_alloc_info+0x40/0x58 [ 32.844760] __kasan_kmalloc+0xd4/0xd8 [ 32.844841] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.845040] kasan_bitops_generic+0xa0/0x1c8 [ 32.845107] kunit_try_run_case+0x170/0x3f0 [ 32.845147] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.845236] kthread+0x328/0x630 [ 32.845282] ret_from_fork+0x10/0x20 [ 32.845331] [ 32.845370] The buggy address belongs to the object at fff00000c60439a0 [ 32.845370] which belongs to the cache kmalloc-16 of size 16 [ 32.845437] The buggy address is located 8 bytes inside of [ 32.845437] allocated 9-byte region [fff00000c60439a0, fff00000c60439a9) [ 32.845506] [ 32.845538] The buggy address belongs to the physical page: [ 32.845585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106043 [ 32.845651] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.845701] page_type: f5(slab) [ 32.845759] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 32.845828] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 32.845872] page dumped because: kasan: bad access detected [ 32.845916] [ 32.845936] Memory state around the buggy address: [ 32.845981] fff00000c6043880: 00 04 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 32.846027] fff00000c6043900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.846081] >fff00000c6043980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.846122] ^ [ 32.846157] fff00000c6043a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.846210] fff00000c6043a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.846261] ================================================================== [ 32.867579] ================================================================== [ 32.867783] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 32.867895] Write of size 8 at addr fff00000c60439a8 by task kunit_try_catch/294 [ 32.867977] [ 32.868018] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 32.868177] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 32.868212] Hardware name: linux,dummy-virt (DT) [ 32.868262] Call trace: [ 32.868288] show_stack+0x20/0x38 (C) [ 32.868418] dump_stack_lvl+0x8c/0xd0 [ 32.868472] print_report+0x118/0x5e8 [ 32.868640] kasan_report+0xdc/0x128 [ 32.868693] kasan_check_range+0x100/0x1a8 [ 32.868746] __kasan_check_write+0x20/0x30 [ 32.868988] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 32.869064] kasan_bitops_generic+0x110/0x1c8 [ 32.869125] kunit_try_run_case+0x170/0x3f0 [ 32.869173] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.869228] kthread+0x328/0x630 [ 32.869271] ret_from_fork+0x10/0x20 [ 32.869320] [ 32.869341] Allocated by task 294: [ 32.869371] kasan_save_stack+0x3c/0x68 [ 32.869411] kasan_save_track+0x20/0x40 [ 32.869449] kasan_save_alloc_info+0x40/0x58 [ 32.869489] __kasan_kmalloc+0xd4/0xd8 [ 32.869526] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.869569] kasan_bitops_generic+0xa0/0x1c8 [ 32.869612] kunit_try_run_case+0x170/0x3f0 [ 32.869651] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.869696] kthread+0x328/0x630 [ 32.869731] ret_from_fork+0x10/0x20 [ 32.869769] [ 32.869789] The buggy address belongs to the object at fff00000c60439a0 [ 32.869789] which belongs to the cache kmalloc-16 of size 16 [ 32.869848] The buggy address is located 8 bytes inside of [ 32.869848] allocated 9-byte region [fff00000c60439a0, fff00000c60439a9) [ 32.869922] [ 32.869944] The buggy address belongs to the physical page: [ 32.870038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106043 [ 32.870105] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.870156] page_type: f5(slab) [ 32.870204] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 32.870273] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 32.870328] page dumped because: kasan: bad access detected [ 32.870375] [ 32.870395] Memory state around the buggy address: [ 32.870430] fff00000c6043880: 00 04 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 32.870485] fff00000c6043900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.870538] >fff00000c6043980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.870583] ^ [ 32.870619] fff00000c6043a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.870664] fff00000c6043a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.870702] ================================================================== [ 32.878163] ================================================================== [ 32.878373] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 32.878441] Read of size 8 at addr fff00000c60439a8 by task kunit_try_catch/294 [ 32.878588] [ 32.878646] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 32.878745] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 32.878779] Hardware name: linux,dummy-virt (DT) [ 32.878813] Call trace: [ 32.878836] show_stack+0x20/0x38 (C) [ 32.878886] dump_stack_lvl+0x8c/0xd0 [ 32.878988] print_report+0x118/0x5e8 [ 32.879036] kasan_report+0xdc/0x128 [ 32.879088] __asan_report_load8_noabort+0x20/0x30 [ 32.879139] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 32.879193] kasan_bitops_generic+0x110/0x1c8 [ 32.879252] kunit_try_run_case+0x170/0x3f0 [ 32.879301] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.879369] kthread+0x328/0x630 [ 32.879412] ret_from_fork+0x10/0x20 [ 32.879461] [ 32.879490] Allocated by task 294: [ 32.879521] kasan_save_stack+0x3c/0x68 [ 32.879561] kasan_save_track+0x20/0x40 [ 32.879598] kasan_save_alloc_info+0x40/0x58 [ 32.879645] __kasan_kmalloc+0xd4/0xd8 [ 32.879682] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.879724] kasan_bitops_generic+0xa0/0x1c8 [ 32.879773] kunit_try_run_case+0x170/0x3f0 [ 32.879820] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.879867] kthread+0x328/0x630 [ 32.880696] ret_from_fork+0x10/0x20 [ 32.881084] [ 32.881179] The buggy address belongs to the object at fff00000c60439a0 [ 32.881179] which belongs to the cache kmalloc-16 of size 16 [ 32.881343] The buggy address is located 8 bytes inside of [ 32.881343] allocated 9-byte region [fff00000c60439a0, fff00000c60439a9) [ 32.881421] [ 32.881442] The buggy address belongs to the physical page: [ 32.881605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106043 [ 32.881670] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.882086] page_type: f5(slab) [ 32.882278] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 32.882460] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 32.882547] page dumped because: kasan: bad access detected [ 32.882679] [ 32.882737] Memory state around the buggy address: [ 32.882855] fff00000c6043880: 00 04 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 32.882926] fff00000c6043900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.883145] >fff00000c6043980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.883221] ^ [ 32.883360] fff00000c6043a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.883419] fff00000c6043a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.883459] ================================================================== [ 32.890388] ================================================================== [ 32.890513] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 32.890578] Write of size 8 at addr fff00000c60439a8 by task kunit_try_catch/294 [ 32.890665] [ 32.890699] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 32.890794] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 32.890826] Hardware name: linux,dummy-virt (DT) [ 32.890859] Call trace: [ 32.890883] show_stack+0x20/0x38 (C) [ 32.890945] dump_stack_lvl+0x8c/0xd0 [ 32.890993] print_report+0x118/0x5e8 [ 32.891038] kasan_report+0xdc/0x128 [ 32.891095] kasan_check_range+0x100/0x1a8 [ 32.891317] __kasan_check_write+0x20/0x30 [ 32.891390] kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 32.891789] kasan_bitops_generic+0x110/0x1c8 [ 32.891871] kunit_try_run_case+0x170/0x3f0 [ 32.891935] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.891990] kthread+0x328/0x630 [ 32.892036] ret_from_fork+0x10/0x20 [ 32.892977] [ 32.893066] Allocated by task 294: [ 32.893306] kasan_save_stack+0x3c/0x68 [ 32.893445] kasan_save_track+0x20/0x40 [ 32.893483] kasan_save_alloc_info+0x40/0x58 [ 32.893524] __kasan_kmalloc+0xd4/0xd8 [ 32.893561] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.893605] kasan_bitops_generic+0xa0/0x1c8 [ 32.893730] kunit_try_run_case+0x170/0x3f0 [ 32.894024] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.894085] kthread+0x328/0x630 [ 32.894121] ret_from_fork+0x10/0x20 [ 32.894208] [ 32.894231] The buggy address belongs to the object at fff00000c60439a0 [ 32.894231] which belongs to the cache kmalloc-16 of size 16 [ 32.894375] The buggy address is located 8 bytes inside of [ 32.894375] allocated 9-byte region [fff00000c60439a0, fff00000c60439a9) [ 32.894476] [ 32.894702] The buggy address belongs to the physical page: [ 32.894742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106043 [ 32.894998] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.895343] page_type: f5(slab) [ 32.895498] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 32.896060] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 32.896485] page dumped because: kasan: bad access detected [ 32.896585] [ 32.896826] Memory state around the buggy address: [ 32.896872] fff00000c6043880: 00 04 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 32.896932] fff00000c6043900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.897414] >fff00000c6043980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.897460] ^ [ 32.897678] fff00000c6043a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.897738] fff00000c6043a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.897779] ================================================================== [ 32.860682] ================================================================== [ 32.860738] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 32.860875] Read of size 8 at addr fff00000c60439a8 by task kunit_try_catch/294 [ 32.860991] [ 32.861183] CPU: 1 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250723 #1 PREEMPT [ 32.861342] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 32.861430] Hardware name: linux,dummy-virt (DT) [ 32.861491] Call trace: [ 32.861646] show_stack+0x20/0x38 (C) [ 32.861780] dump_stack_lvl+0x8c/0xd0 [ 32.861871] print_report+0x118/0x5e8 [ 32.861998] kasan_report+0xdc/0x128 [ 32.862096] __asan_report_load8_noabort+0x20/0x30 [ 32.862197] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 32.862293] kasan_bitops_generic+0x110/0x1c8 [ 32.862590] kunit_try_run_case+0x170/0x3f0 [ 32.862689] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.862809] kthread+0x328/0x630 [ 32.862858] ret_from_fork+0x10/0x20 [ 32.863085] [ 32.863117] Allocated by task 294: [ 32.863150] kasan_save_stack+0x3c/0x68 [ 32.863227] kasan_save_track+0x20/0x40 [ 32.863292] kasan_save_alloc_info+0x40/0x58 [ 32.863367] __kasan_kmalloc+0xd4/0xd8 [ 32.863467] __kmalloc_cache_noprof+0x16c/0x3c0 [ 32.863552] kasan_bitops_generic+0xa0/0x1c8 [ 32.863651] kunit_try_run_case+0x170/0x3f0 [ 32.863729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 32.863864] kthread+0x328/0x630 [ 32.864283] ret_from_fork+0x10/0x20 [ 32.864349] [ 32.864407] The buggy address belongs to the object at fff00000c60439a0 [ 32.864407] which belongs to the cache kmalloc-16 of size 16 [ 32.864582] The buggy address is located 8 bytes inside of [ 32.864582] allocated 9-byte region [fff00000c60439a0, fff00000c60439a9) [ 32.864702] [ 32.864813] The buggy address belongs to the physical page: [ 32.864915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106043 [ 32.865030] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 32.865113] page_type: f5(slab) [ 32.865363] raw: 0bfffe0000000000 fff00000c0001640 dead000000000100 dead000000000122 [ 32.865478] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 32.865639] page dumped because: kasan: bad access detected [ 32.865739] [ 32.865799] Memory state around the buggy address: [ 32.865935] fff00000c6043880: 00 04 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 32.866036] fff00000c6043900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 32.866123] >fff00000c6043980: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 32.866270] ^ [ 32.866355] fff00000c6043a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.866401] fff00000c6043a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 32.866699] ==================================================================
[ 27.463115] ================================================================== [ 27.463396] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 27.463822] Write of size 8 at addr ffff8881049630a8 by task kunit_try_catch/310 [ 27.464070] [ 27.464200] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.464251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.464263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.464285] Call Trace: [ 27.464306] <TASK> [ 27.464324] dump_stack_lvl+0x73/0xb0 [ 27.464352] print_report+0xd1/0x640 [ 27.464375] ? __virt_addr_valid+0x1db/0x2d0 [ 27.464400] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 27.464425] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.464452] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 27.464524] kasan_report+0x141/0x180 [ 27.464549] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 27.464579] kasan_check_range+0x10c/0x1c0 [ 27.464602] __kasan_check_write+0x18/0x20 [ 27.464625] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 27.464650] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.464678] ? ret_from_fork_asm+0x1a/0x30 [ 27.464702] ? kthread+0x337/0x6f0 [ 27.464728] kasan_bitops_generic+0x116/0x1c0 [ 27.464752] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.464779] ? __pfx_read_tsc+0x10/0x10 [ 27.464802] ? ktime_get_ts64+0x86/0x230 [ 27.464828] kunit_try_run_case+0x1a5/0x480 [ 27.464854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.464878] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.464904] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.464930] ? __kthread_parkme+0x82/0x180 [ 27.464949] ? preempt_count_sub+0x50/0x80 [ 27.464972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.464996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.465020] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.465043] kthread+0x337/0x6f0 [ 27.465063] ? trace_preempt_on+0x20/0xc0 [ 27.465095] ? __pfx_kthread+0x10/0x10 [ 27.465116] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.465142] ? calculate_sigpending+0x7b/0xa0 [ 27.465180] ? __pfx_kthread+0x10/0x10 [ 27.465201] ret_from_fork+0x116/0x1d0 [ 27.465222] ? __pfx_kthread+0x10/0x10 [ 27.465243] ret_from_fork_asm+0x1a/0x30 [ 27.465274] </TASK> [ 27.465285] [ 27.473567] Allocated by task 310: [ 27.473747] kasan_save_stack+0x45/0x70 [ 27.473924] kasan_save_track+0x18/0x40 [ 27.474065] kasan_save_alloc_info+0x3b/0x50 [ 27.474221] __kasan_kmalloc+0xb7/0xc0 [ 27.474350] __kmalloc_cache_noprof+0x189/0x420 [ 27.474562] kasan_bitops_generic+0x92/0x1c0 [ 27.475040] kunit_try_run_case+0x1a5/0x480 [ 27.475269] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.475599] kthread+0x337/0x6f0 [ 27.475784] ret_from_fork+0x116/0x1d0 [ 27.475953] ret_from_fork_asm+0x1a/0x30 [ 27.476125] [ 27.476234] The buggy address belongs to the object at ffff8881049630a0 [ 27.476234] which belongs to the cache kmalloc-16 of size 16 [ 27.476749] The buggy address is located 8 bytes inside of [ 27.476749] allocated 9-byte region [ffff8881049630a0, ffff8881049630a9) [ 27.477557] [ 27.477662] The buggy address belongs to the physical page: [ 27.477896] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104963 [ 27.478248] flags: 0x200000000000000(node=0|zone=2) [ 27.478536] page_type: f5(slab) [ 27.478707] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.478952] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.479190] page dumped because: kasan: bad access detected [ 27.479361] [ 27.479426] Memory state around the buggy address: [ 27.479578] ffff888104962f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.479828] ffff888104963000: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.480275] >ffff888104963080: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.480581] ^ [ 27.480786] ffff888104963100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.481480] ffff888104963180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.481704] ================================================================== [ 27.364737] ================================================================== [ 27.365157] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 27.365745] Write of size 8 at addr ffff8881049630a8 by task kunit_try_catch/310 [ 27.366198] [ 27.366352] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.366410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.366474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.366499] Call Trace: [ 27.366558] <TASK> [ 27.366578] dump_stack_lvl+0x73/0xb0 [ 27.366610] print_report+0xd1/0x640 [ 27.366633] ? __virt_addr_valid+0x1db/0x2d0 [ 27.366658] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 27.366716] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.366742] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 27.366769] kasan_report+0x141/0x180 [ 27.366791] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 27.366822] kasan_check_range+0x10c/0x1c0 [ 27.366877] __kasan_check_write+0x18/0x20 [ 27.366900] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 27.366927] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.366966] ? ret_from_fork_asm+0x1a/0x30 [ 27.366992] ? kthread+0x337/0x6f0 [ 27.367049] kasan_bitops_generic+0x116/0x1c0 [ 27.367073] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.367098] ? __pfx_read_tsc+0x10/0x10 [ 27.367122] ? ktime_get_ts64+0x86/0x230 [ 27.367159] kunit_try_run_case+0x1a5/0x480 [ 27.367217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.367263] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.367290] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.367316] ? __kthread_parkme+0x82/0x180 [ 27.367336] ? preempt_count_sub+0x50/0x80 [ 27.367360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.367430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.367490] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.367538] kthread+0x337/0x6f0 [ 27.367583] ? trace_preempt_on+0x20/0xc0 [ 27.367609] ? __pfx_kthread+0x10/0x10 [ 27.367636] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.367659] ? calculate_sigpending+0x7b/0xa0 [ 27.367684] ? __pfx_kthread+0x10/0x10 [ 27.367705] ret_from_fork+0x116/0x1d0 [ 27.367726] ? __pfx_kthread+0x10/0x10 [ 27.367786] ret_from_fork_asm+0x1a/0x30 [ 27.367819] </TASK> [ 27.367830] [ 27.377357] Allocated by task 310: [ 27.377547] kasan_save_stack+0x45/0x70 [ 27.377699] kasan_save_track+0x18/0x40 [ 27.377837] kasan_save_alloc_info+0x3b/0x50 [ 27.378076] __kasan_kmalloc+0xb7/0xc0 [ 27.378307] __kmalloc_cache_noprof+0x189/0x420 [ 27.378558] kasan_bitops_generic+0x92/0x1c0 [ 27.378760] kunit_try_run_case+0x1a5/0x480 [ 27.378966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.379264] kthread+0x337/0x6f0 [ 27.379379] ret_from_fork+0x116/0x1d0 [ 27.379503] ret_from_fork_asm+0x1a/0x30 [ 27.379636] [ 27.379822] The buggy address belongs to the object at ffff8881049630a0 [ 27.379822] which belongs to the cache kmalloc-16 of size 16 [ 27.380474] The buggy address is located 8 bytes inside of [ 27.380474] allocated 9-byte region [ffff8881049630a0, ffff8881049630a9) [ 27.381350] [ 27.381558] The buggy address belongs to the physical page: [ 27.381814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104963 [ 27.382049] flags: 0x200000000000000(node=0|zone=2) [ 27.382313] page_type: f5(slab) [ 27.382544] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.383092] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.383567] page dumped because: kasan: bad access detected [ 27.383815] [ 27.383898] Memory state around the buggy address: [ 27.384274] ffff888104962f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.384571] ffff888104963000: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.384958] >ffff888104963080: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.385287] ^ [ 27.385661] ffff888104963100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.386022] ffff888104963180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.386352] ================================================================== [ 27.439573] ================================================================== [ 27.440296] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 27.441020] Write of size 8 at addr ffff8881049630a8 by task kunit_try_catch/310 [ 27.441528] [ 27.441645] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.441697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.441711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.441733] Call Trace: [ 27.441754] <TASK> [ 27.441772] dump_stack_lvl+0x73/0xb0 [ 27.441802] print_report+0xd1/0x640 [ 27.441825] ? __virt_addr_valid+0x1db/0x2d0 [ 27.441850] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 27.441876] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.441903] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 27.441929] kasan_report+0x141/0x180 [ 27.442078] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 27.442198] kasan_check_range+0x10c/0x1c0 [ 27.442225] __kasan_check_write+0x18/0x20 [ 27.442249] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 27.442275] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.442303] ? ret_from_fork_asm+0x1a/0x30 [ 27.442327] ? kthread+0x337/0x6f0 [ 27.442352] kasan_bitops_generic+0x116/0x1c0 [ 27.442425] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.442453] ? __pfx_read_tsc+0x10/0x10 [ 27.442476] ? ktime_get_ts64+0x86/0x230 [ 27.442501] kunit_try_run_case+0x1a5/0x480 [ 27.442526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.442549] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.442575] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.442601] ? __kthread_parkme+0x82/0x180 [ 27.442623] ? preempt_count_sub+0x50/0x80 [ 27.442647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.442671] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.442694] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.442718] kthread+0x337/0x6f0 [ 27.442738] ? trace_preempt_on+0x20/0xc0 [ 27.442762] ? __pfx_kthread+0x10/0x10 [ 27.442784] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.442807] ? calculate_sigpending+0x7b/0xa0 [ 27.442831] ? __pfx_kthread+0x10/0x10 [ 27.442853] ret_from_fork+0x116/0x1d0 [ 27.442874] ? __pfx_kthread+0x10/0x10 [ 27.442895] ret_from_fork_asm+0x1a/0x30 [ 27.442926] </TASK> [ 27.442937] [ 27.454023] Allocated by task 310: [ 27.454368] kasan_save_stack+0x45/0x70 [ 27.454578] kasan_save_track+0x18/0x40 [ 27.454750] kasan_save_alloc_info+0x3b/0x50 [ 27.454948] __kasan_kmalloc+0xb7/0xc0 [ 27.455608] __kmalloc_cache_noprof+0x189/0x420 [ 27.455819] kasan_bitops_generic+0x92/0x1c0 [ 27.456040] kunit_try_run_case+0x1a5/0x480 [ 27.456219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.456543] kthread+0x337/0x6f0 [ 27.456695] ret_from_fork+0x116/0x1d0 [ 27.456880] ret_from_fork_asm+0x1a/0x30 [ 27.457060] [ 27.457130] The buggy address belongs to the object at ffff8881049630a0 [ 27.457130] which belongs to the cache kmalloc-16 of size 16 [ 27.457576] The buggy address is located 8 bytes inside of [ 27.457576] allocated 9-byte region [ffff8881049630a0, ffff8881049630a9) [ 27.458127] [ 27.458218] The buggy address belongs to the physical page: [ 27.458542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104963 [ 27.458795] flags: 0x200000000000000(node=0|zone=2) [ 27.459115] page_type: f5(slab) [ 27.459290] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.459570] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.459797] page dumped because: kasan: bad access detected [ 27.460229] [ 27.460329] Memory state around the buggy address: [ 27.460803] ffff888104962f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.461182] ffff888104963000: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.461433] >ffff888104963080: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.461758] ^ [ 27.462053] ffff888104963100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.462271] ffff888104963180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.462607] ================================================================== [ 27.386963] ================================================================== [ 27.387225] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 27.387817] Write of size 8 at addr ffff8881049630a8 by task kunit_try_catch/310 [ 27.388214] [ 27.388439] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.388526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.388540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.388563] Call Trace: [ 27.388581] <TASK> [ 27.388598] dump_stack_lvl+0x73/0xb0 [ 27.388626] print_report+0xd1/0x640 [ 27.388649] ? __virt_addr_valid+0x1db/0x2d0 [ 27.388673] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 27.388699] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.388725] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 27.388750] kasan_report+0x141/0x180 [ 27.388773] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 27.388803] kasan_check_range+0x10c/0x1c0 [ 27.388827] __kasan_check_write+0x18/0x20 [ 27.388882] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 27.388908] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.388935] ? ret_from_fork_asm+0x1a/0x30 [ 27.388968] ? kthread+0x337/0x6f0 [ 27.388992] kasan_bitops_generic+0x116/0x1c0 [ 27.389016] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.389041] ? __pfx_read_tsc+0x10/0x10 [ 27.389064] ? ktime_get_ts64+0x86/0x230 [ 27.389089] kunit_try_run_case+0x1a5/0x480 [ 27.389114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.389137] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.389212] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.389238] ? __kthread_parkme+0x82/0x180 [ 27.389258] ? preempt_count_sub+0x50/0x80 [ 27.389282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.389306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.389360] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.389385] kthread+0x337/0x6f0 [ 27.389404] ? trace_preempt_on+0x20/0xc0 [ 27.389471] ? __pfx_kthread+0x10/0x10 [ 27.389495] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.389557] ? calculate_sigpending+0x7b/0xa0 [ 27.389581] ? __pfx_kthread+0x10/0x10 [ 27.389603] ret_from_fork+0x116/0x1d0 [ 27.389623] ? __pfx_kthread+0x10/0x10 [ 27.389644] ret_from_fork_asm+0x1a/0x30 [ 27.389703] </TASK> [ 27.389714] [ 27.399337] Allocated by task 310: [ 27.399604] kasan_save_stack+0x45/0x70 [ 27.399817] kasan_save_track+0x18/0x40 [ 27.400088] kasan_save_alloc_info+0x3b/0x50 [ 27.400337] __kasan_kmalloc+0xb7/0xc0 [ 27.400591] __kmalloc_cache_noprof+0x189/0x420 [ 27.400744] kasan_bitops_generic+0x92/0x1c0 [ 27.400886] kunit_try_run_case+0x1a5/0x480 [ 27.401022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.401198] kthread+0x337/0x6f0 [ 27.401312] ret_from_fork+0x116/0x1d0 [ 27.401438] ret_from_fork_asm+0x1a/0x30 [ 27.401666] [ 27.401758] The buggy address belongs to the object at ffff8881049630a0 [ 27.401758] which belongs to the cache kmalloc-16 of size 16 [ 27.402399] The buggy address is located 8 bytes inside of [ 27.402399] allocated 9-byte region [ffff8881049630a0, ffff8881049630a9) [ 27.403325] [ 27.403518] The buggy address belongs to the physical page: [ 27.403786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104963 [ 27.404519] flags: 0x200000000000000(node=0|zone=2) [ 27.404773] page_type: f5(slab) [ 27.404932] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.405196] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.405441] page dumped because: kasan: bad access detected [ 27.405690] [ 27.406000] Memory state around the buggy address: [ 27.406253] ffff888104962f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.406716] ffff888104963000: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.406939] >ffff888104963080: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.407274] ^ [ 27.407680] ffff888104963100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.407898] ffff888104963180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.408419] ================================================================== [ 27.322529] ================================================================== [ 27.323204] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 27.323704] Write of size 8 at addr ffff8881049630a8 by task kunit_try_catch/310 [ 27.325113] [ 27.325233] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.325289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.325303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.325327] Call Trace: [ 27.325341] <TASK> [ 27.325361] dump_stack_lvl+0x73/0xb0 [ 27.325464] print_report+0xd1/0x640 [ 27.325489] ? __virt_addr_valid+0x1db/0x2d0 [ 27.325513] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 27.325539] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.325565] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 27.325590] kasan_report+0x141/0x180 [ 27.325613] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 27.325643] kasan_check_range+0x10c/0x1c0 [ 27.325667] __kasan_check_write+0x18/0x20 [ 27.325689] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 27.325715] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.325741] ? ret_from_fork_asm+0x1a/0x30 [ 27.325765] ? kthread+0x337/0x6f0 [ 27.325790] kasan_bitops_generic+0x116/0x1c0 [ 27.325814] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.325838] ? __pfx_read_tsc+0x10/0x10 [ 27.325860] ? ktime_get_ts64+0x86/0x230 [ 27.325885] kunit_try_run_case+0x1a5/0x480 [ 27.325911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.325934] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.325961] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.325987] ? __kthread_parkme+0x82/0x180 [ 27.326007] ? preempt_count_sub+0x50/0x80 [ 27.326031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.326083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.326107] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.326130] kthread+0x337/0x6f0 [ 27.326160] ? trace_preempt_on+0x20/0xc0 [ 27.326185] ? __pfx_kthread+0x10/0x10 [ 27.326205] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.326230] ? calculate_sigpending+0x7b/0xa0 [ 27.326254] ? __pfx_kthread+0x10/0x10 [ 27.326275] ret_from_fork+0x116/0x1d0 [ 27.326295] ? __pfx_kthread+0x10/0x10 [ 27.326315] ret_from_fork_asm+0x1a/0x30 [ 27.326346] </TASK> [ 27.326357] [ 27.334964] Allocated by task 310: [ 27.335248] kasan_save_stack+0x45/0x70 [ 27.335448] kasan_save_track+0x18/0x40 [ 27.335751] kasan_save_alloc_info+0x3b/0x50 [ 27.336009] __kasan_kmalloc+0xb7/0xc0 [ 27.336137] __kmalloc_cache_noprof+0x189/0x420 [ 27.336298] kasan_bitops_generic+0x92/0x1c0 [ 27.336440] kunit_try_run_case+0x1a5/0x480 [ 27.336597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.336767] kthread+0x337/0x6f0 [ 27.336885] ret_from_fork+0x116/0x1d0 [ 27.337012] ret_from_fork_asm+0x1a/0x30 [ 27.337158] [ 27.337224] The buggy address belongs to the object at ffff8881049630a0 [ 27.337224] which belongs to the cache kmalloc-16 of size 16 [ 27.337807] The buggy address is located 8 bytes inside of [ 27.337807] allocated 9-byte region [ffff8881049630a0, ffff8881049630a9) [ 27.338732] [ 27.338856] The buggy address belongs to the physical page: [ 27.339338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104963 [ 27.339727] flags: 0x200000000000000(node=0|zone=2) [ 27.339936] page_type: f5(slab) [ 27.340116] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.340679] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.341048] page dumped because: kasan: bad access detected [ 27.341310] [ 27.341462] Memory state around the buggy address: [ 27.341627] ffff888104962f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.341852] ffff888104963000: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.342477] >ffff888104963080: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.342692] ^ [ 27.342837] ffff888104963100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.343349] ffff888104963180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.343670] ================================================================== [ 27.408928] ================================================================== [ 27.409262] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 27.409758] Write of size 8 at addr ffff8881049630a8 by task kunit_try_catch/310 [ 27.410170] [ 27.410273] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.410358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.410372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.410394] Call Trace: [ 27.410410] <TASK> [ 27.410476] dump_stack_lvl+0x73/0xb0 [ 27.410544] print_report+0xd1/0x640 [ 27.410568] ? __virt_addr_valid+0x1db/0x2d0 [ 27.410592] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 27.410617] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.410669] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 27.410697] kasan_report+0x141/0x180 [ 27.410720] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 27.410751] kasan_check_range+0x10c/0x1c0 [ 27.410775] __kasan_check_write+0x18/0x20 [ 27.410799] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 27.410824] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.410853] ? ret_from_fork_asm+0x1a/0x30 [ 27.410876] ? kthread+0x337/0x6f0 [ 27.410900] kasan_bitops_generic+0x116/0x1c0 [ 27.410924] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.410993] ? __pfx_read_tsc+0x10/0x10 [ 27.411017] ? ktime_get_ts64+0x86/0x230 [ 27.411042] kunit_try_run_case+0x1a5/0x480 [ 27.411067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.411089] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.411114] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.411139] ? __kthread_parkme+0x82/0x180 [ 27.411171] ? preempt_count_sub+0x50/0x80 [ 27.411194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.411219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.411242] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.411266] kthread+0x337/0x6f0 [ 27.411318] ? trace_preempt_on+0x20/0xc0 [ 27.411343] ? __pfx_kthread+0x10/0x10 [ 27.411364] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.411398] ? calculate_sigpending+0x7b/0xa0 [ 27.411423] ? __pfx_kthread+0x10/0x10 [ 27.411444] ret_from_fork+0x116/0x1d0 [ 27.411464] ? __pfx_kthread+0x10/0x10 [ 27.411550] ret_from_fork_asm+0x1a/0x30 [ 27.411582] </TASK> [ 27.411594] [ 27.425459] Allocated by task 310: [ 27.425933] kasan_save_stack+0x45/0x70 [ 27.426490] kasan_save_track+0x18/0x40 [ 27.427028] kasan_save_alloc_info+0x3b/0x50 [ 27.427716] __kasan_kmalloc+0xb7/0xc0 [ 27.428480] __kmalloc_cache_noprof+0x189/0x420 [ 27.428961] kasan_bitops_generic+0x92/0x1c0 [ 27.429765] kunit_try_run_case+0x1a5/0x480 [ 27.430275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.431114] kthread+0x337/0x6f0 [ 27.431278] ret_from_fork+0x116/0x1d0 [ 27.431901] ret_from_fork_asm+0x1a/0x30 [ 27.432615] [ 27.433054] The buggy address belongs to the object at ffff8881049630a0 [ 27.433054] which belongs to the cache kmalloc-16 of size 16 [ 27.433900] The buggy address is located 8 bytes inside of [ 27.433900] allocated 9-byte region [ffff8881049630a0, ffff8881049630a9) [ 27.434438] [ 27.434537] The buggy address belongs to the physical page: [ 27.434741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104963 [ 27.435099] flags: 0x200000000000000(node=0|zone=2) [ 27.435306] page_type: f5(slab) [ 27.435469] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.435846] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.436187] page dumped because: kasan: bad access detected [ 27.436462] [ 27.436575] Memory state around the buggy address: [ 27.436791] ffff888104962f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.437132] ffff888104963000: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.437471] >ffff888104963080: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.437980] ^ [ 27.438331] ffff888104963100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.438720] ffff888104963180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.439017] ================================================================== [ 27.482091] ================================================================== [ 27.482560] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 27.482947] Write of size 8 at addr ffff8881049630a8 by task kunit_try_catch/310 [ 27.483300] [ 27.483440] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.483492] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.483505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.483526] Call Trace: [ 27.483546] <TASK> [ 27.483563] dump_stack_lvl+0x73/0xb0 [ 27.483592] print_report+0xd1/0x640 [ 27.483613] ? __virt_addr_valid+0x1db/0x2d0 [ 27.483644] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 27.483670] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.483696] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 27.483721] kasan_report+0x141/0x180 [ 27.483743] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 27.483774] kasan_check_range+0x10c/0x1c0 [ 27.483797] __kasan_check_write+0x18/0x20 [ 27.483821] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 27.483848] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.483875] ? ret_from_fork_asm+0x1a/0x30 [ 27.483898] ? kthread+0x337/0x6f0 [ 27.483922] kasan_bitops_generic+0x116/0x1c0 [ 27.483957] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.483982] ? __pfx_read_tsc+0x10/0x10 [ 27.484004] ? ktime_get_ts64+0x86/0x230 [ 27.484029] kunit_try_run_case+0x1a5/0x480 [ 27.484053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.484076] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.484102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.484127] ? __kthread_parkme+0x82/0x180 [ 27.484159] ? preempt_count_sub+0x50/0x80 [ 27.484183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.484207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.484230] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.484255] kthread+0x337/0x6f0 [ 27.484276] ? trace_preempt_on+0x20/0xc0 [ 27.484301] ? __pfx_kthread+0x10/0x10 [ 27.484322] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.484345] ? calculate_sigpending+0x7b/0xa0 [ 27.484370] ? __pfx_kthread+0x10/0x10 [ 27.484432] ret_from_fork+0x116/0x1d0 [ 27.484453] ? __pfx_kthread+0x10/0x10 [ 27.484474] ret_from_fork_asm+0x1a/0x30 [ 27.484505] </TASK> [ 27.484517] [ 27.492398] Allocated by task 310: [ 27.492559] kasan_save_stack+0x45/0x70 [ 27.492747] kasan_save_track+0x18/0x40 [ 27.492895] kasan_save_alloc_info+0x3b/0x50 [ 27.493184] __kasan_kmalloc+0xb7/0xc0 [ 27.493315] __kmalloc_cache_noprof+0x189/0x420 [ 27.493466] kasan_bitops_generic+0x92/0x1c0 [ 27.493610] kunit_try_run_case+0x1a5/0x480 [ 27.493754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.493926] kthread+0x337/0x6f0 [ 27.494042] ret_from_fork+0x116/0x1d0 [ 27.495322] ret_from_fork_asm+0x1a/0x30 [ 27.495918] [ 27.496313] The buggy address belongs to the object at ffff8881049630a0 [ 27.496313] which belongs to the cache kmalloc-16 of size 16 [ 27.496927] The buggy address is located 8 bytes inside of [ 27.496927] allocated 9-byte region [ffff8881049630a0, ffff8881049630a9) [ 27.497841] [ 27.497951] The buggy address belongs to the physical page: [ 27.498219] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104963 [ 27.498945] flags: 0x200000000000000(node=0|zone=2) [ 27.499232] page_type: f5(slab) [ 27.499401] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.499695] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.500039] page dumped because: kasan: bad access detected [ 27.500274] [ 27.500344] Memory state around the buggy address: [ 27.500495] ffff888104962f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.500817] ffff888104963000: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.501172] >ffff888104963080: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.501446] ^ [ 27.501660] ffff888104963100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.501901] ffff888104963180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.502314] ================================================================== [ 27.344280] ================================================================== [ 27.344679] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 27.344941] Write of size 8 at addr ffff8881049630a8 by task kunit_try_catch/310 [ 27.345280] [ 27.345454] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) [ 27.345504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.345561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.345586] Call Trace: [ 27.345605] <TASK> [ 27.345660] dump_stack_lvl+0x73/0xb0 [ 27.345709] print_report+0xd1/0x640 [ 27.345732] ? __virt_addr_valid+0x1db/0x2d0 [ 27.345757] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 27.345783] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.345809] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 27.345836] kasan_report+0x141/0x180 [ 27.345858] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 27.345903] kasan_check_range+0x10c/0x1c0 [ 27.345927] __kasan_check_write+0x18/0x20 [ 27.345951] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 27.345977] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.346005] ? ret_from_fork_asm+0x1a/0x30 [ 27.346029] ? kthread+0x337/0x6f0 [ 27.346054] kasan_bitops_generic+0x116/0x1c0 [ 27.346078] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.346103] ? __pfx_read_tsc+0x10/0x10 [ 27.346125] ? ktime_get_ts64+0x86/0x230 [ 27.346162] kunit_try_run_case+0x1a5/0x480 [ 27.346187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.346209] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.346235] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.346260] ? __kthread_parkme+0x82/0x180 [ 27.346280] ? preempt_count_sub+0x50/0x80 [ 27.346303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.346328] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.346351] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.346376] kthread+0x337/0x6f0 [ 27.346395] ? trace_preempt_on+0x20/0xc0 [ 27.346418] ? __pfx_kthread+0x10/0x10 [ 27.346439] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.346462] ? calculate_sigpending+0x7b/0xa0 [ 27.346486] ? __pfx_kthread+0x10/0x10 [ 27.346507] ret_from_fork+0x116/0x1d0 [ 27.346527] ? __pfx_kthread+0x10/0x10 [ 27.346548] ret_from_fork_asm+0x1a/0x30 [ 27.346578] </TASK> [ 27.346589] [ 27.355088] Allocated by task 310: [ 27.355300] kasan_save_stack+0x45/0x70 [ 27.355568] kasan_save_track+0x18/0x40 [ 27.355767] kasan_save_alloc_info+0x3b/0x50 [ 27.355994] __kasan_kmalloc+0xb7/0xc0 [ 27.356184] __kmalloc_cache_noprof+0x189/0x420 [ 27.356340] kasan_bitops_generic+0x92/0x1c0 [ 27.356484] kunit_try_run_case+0x1a5/0x480 [ 27.356622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.357239] kthread+0x337/0x6f0 [ 27.357492] ret_from_fork+0x116/0x1d0 [ 27.357680] ret_from_fork_asm+0x1a/0x30 [ 27.357870] [ 27.357983] The buggy address belongs to the object at ffff8881049630a0 [ 27.357983] which belongs to the cache kmalloc-16 of size 16 [ 27.358628] The buggy address is located 8 bytes inside of [ 27.358628] allocated 9-byte region [ffff8881049630a0, ffff8881049630a9) [ 27.359392] [ 27.359464] The buggy address belongs to the physical page: [ 27.359648] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104963 [ 27.359987] flags: 0x200000000000000(node=0|zone=2) [ 27.360324] page_type: f5(slab) [ 27.360548] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.360884] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.361242] page dumped because: kasan: bad access detected [ 27.361678] [ 27.361759] Memory state around the buggy address: [ 27.362059] ffff888104962f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.362483] ffff888104963000: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.362774] >ffff888104963080: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.363110] ^ [ 27.363375] ffff888104963100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.363771] ffff888104963180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.364153] ==================================================================