Date
July 10, 2025, 9:07 a.m.
| Environment | |
|---|---|
| qemu-x86_64 |
[ 27.468631] ================================================================== [ 27.469044] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 27.469737] Write of size 8 at addr ffff888105807fa8 by task kunit_try_catch/309 [ 27.470232] [ 27.470340] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.470537] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.470550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.470573] Call Trace: [ 27.470590] <TASK> [ 27.470606] dump_stack_lvl+0x73/0xb0 [ 27.470643] print_report+0xd1/0x610 [ 27.470667] ? __virt_addr_valid+0x1db/0x2d0 [ 27.470691] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 27.470728] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.470754] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 27.470781] kasan_report+0x141/0x180 [ 27.470803] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 27.470835] kasan_check_range+0x10c/0x1c0 [ 27.470858] __kasan_check_write+0x18/0x20 [ 27.470881] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 27.470909] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.470936] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.470960] ? trace_hardirqs_on+0x37/0xe0 [ 27.470983] ? kasan_bitops_generic+0x92/0x1c0 [ 27.471009] kasan_bitops_generic+0x121/0x1c0 [ 27.471032] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.471058] ? trace_hardirqs_on+0x37/0xe0 [ 27.471079] ? __pfx_read_tsc+0x10/0x10 [ 27.471101] ? ktime_get_ts64+0x86/0x230 [ 27.471122] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 27.471148] kunit_try_run_case+0x1a5/0x480 [ 27.471171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.471193] ? queued_spin_lock_slowpath+0x116/0xb40 [ 27.471217] ? __kthread_parkme+0x82/0x180 [ 27.471238] ? preempt_count_sub+0x50/0x80 [ 27.471262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.471284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.471310] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.471335] kthread+0x337/0x6f0 [ 27.471356] ? trace_preempt_on+0x20/0xc0 [ 27.471378] ? __pfx_kthread+0x10/0x10 [ 27.471400] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.471422] ? calculate_sigpending+0x7b/0xa0 [ 27.471446] ? __pfx_kthread+0x10/0x10 [ 27.471468] ret_from_fork+0x116/0x1d0 [ 27.471516] ? __pfx_kthread+0x10/0x10 [ 27.471539] ret_from_fork_asm+0x1a/0x30 [ 27.471570] </TASK> [ 27.471581] [ 27.483451] Allocated by task 309: [ 27.483741] kasan_save_stack+0x45/0x70 [ 27.484043] kasan_save_track+0x18/0x40 [ 27.484412] kasan_save_alloc_info+0x3b/0x50 [ 27.484785] __kasan_kmalloc+0xb7/0xc0 [ 27.484979] __kmalloc_cache_noprof+0x189/0x420 [ 27.485180] kasan_bitops_generic+0x92/0x1c0 [ 27.485375] kunit_try_run_case+0x1a5/0x480 [ 27.485911] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.486209] kthread+0x337/0x6f0 [ 27.486471] ret_from_fork+0x116/0x1d0 [ 27.486869] ret_from_fork_asm+0x1a/0x30 [ 27.487169] [ 27.487384] The buggy address belongs to the object at ffff888105807fa0 [ 27.487384] which belongs to the cache kmalloc-16 of size 16 [ 27.488011] The buggy address is located 8 bytes inside of [ 27.488011] allocated 9-byte region [ffff888105807fa0, ffff888105807fa9) [ 27.488722] [ 27.488817] The buggy address belongs to the physical page: [ 27.489252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105807 [ 27.489954] flags: 0x200000000000000(node=0|zone=2) [ 27.490296] page_type: f5(slab) [ 27.490464] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.491120] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.491436] page dumped because: kasan: bad access detected [ 27.491993] [ 27.492078] Memory state around the buggy address: [ 27.492503] ffff888105807e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.492984] ffff888105807f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.493292] >ffff888105807f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.493923] ^ [ 27.494196] ffff888105808000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.494684] ffff888105808080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 27.495180] ================================================================== [ 27.445060] ================================================================== [ 27.445366] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 27.445854] Write of size 8 at addr ffff888105807fa8 by task kunit_try_catch/309 [ 27.446107] [ 27.446188] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.446235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.446247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.446268] Call Trace: [ 27.446285] <TASK> [ 27.446302] dump_stack_lvl+0x73/0xb0 [ 27.446329] print_report+0xd1/0x610 [ 27.446352] ? __virt_addr_valid+0x1db/0x2d0 [ 27.446375] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 27.446400] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.446426] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 27.446453] kasan_report+0x141/0x180 [ 27.446474] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 27.446537] kasan_check_range+0x10c/0x1c0 [ 27.446561] __kasan_check_write+0x18/0x20 [ 27.446585] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 27.446612] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.446640] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.446663] ? trace_hardirqs_on+0x37/0xe0 [ 27.446685] ? kasan_bitops_generic+0x92/0x1c0 [ 27.446725] kasan_bitops_generic+0x121/0x1c0 [ 27.446749] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.446772] ? trace_hardirqs_on+0x37/0xe0 [ 27.446793] ? __pfx_read_tsc+0x10/0x10 [ 27.446815] ? ktime_get_ts64+0x86/0x230 [ 27.446836] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 27.446863] kunit_try_run_case+0x1a5/0x480 [ 27.446885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.446907] ? queued_spin_lock_slowpath+0x116/0xb40 [ 27.446936] ? __kthread_parkme+0x82/0x180 [ 27.446960] ? preempt_count_sub+0x50/0x80 [ 27.446985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.447008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.447033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.447058] kthread+0x337/0x6f0 [ 27.447078] ? trace_preempt_on+0x20/0xc0 [ 27.447101] ? __pfx_kthread+0x10/0x10 [ 27.447122] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.447144] ? calculate_sigpending+0x7b/0xa0 [ 27.447168] ? __pfx_kthread+0x10/0x10 [ 27.447192] ret_from_fork+0x116/0x1d0 [ 27.447211] ? __pfx_kthread+0x10/0x10 [ 27.447232] ret_from_fork_asm+0x1a/0x30 [ 27.447263] </TASK> [ 27.447275] [ 27.456462] Allocated by task 309: [ 27.456660] kasan_save_stack+0x45/0x70 [ 27.456817] kasan_save_track+0x18/0x40 [ 27.456950] kasan_save_alloc_info+0x3b/0x50 [ 27.457095] __kasan_kmalloc+0xb7/0xc0 [ 27.457222] __kmalloc_cache_noprof+0x189/0x420 [ 27.457375] kasan_bitops_generic+0x92/0x1c0 [ 27.457583] kunit_try_run_case+0x1a5/0x480 [ 27.457780] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.458000] kthread+0x337/0x6f0 [ 27.458153] ret_from_fork+0x116/0x1d0 [ 27.458322] ret_from_fork_asm+0x1a/0x30 [ 27.458893] [ 27.458973] The buggy address belongs to the object at ffff888105807fa0 [ 27.458973] which belongs to the cache kmalloc-16 of size 16 [ 27.460402] The buggy address is located 8 bytes inside of [ 27.460402] allocated 9-byte region [ffff888105807fa0, ffff888105807fa9) [ 27.460845] [ 27.460916] The buggy address belongs to the physical page: [ 27.461086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105807 [ 27.461321] flags: 0x200000000000000(node=0|zone=2) [ 27.462098] page_type: f5(slab) [ 27.462421] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.463446] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.463943] page dumped because: kasan: bad access detected [ 27.464362] [ 27.464457] Memory state around the buggy address: [ 27.464948] ffff888105807e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.465263] ffff888105807f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.465722] >ffff888105807f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.466230] ^ [ 27.466712] ffff888105808000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.467015] ffff888105808080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 27.467314] ================================================================== [ 27.360396] ================================================================== [ 27.360638] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 27.361397] Write of size 8 at addr ffff888105807fa8 by task kunit_try_catch/309 [ 27.362016] [ 27.362246] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.362315] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.362328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.362351] Call Trace: [ 27.362371] <TASK> [ 27.362389] dump_stack_lvl+0x73/0xb0 [ 27.362418] print_report+0xd1/0x610 [ 27.362441] ? __virt_addr_valid+0x1db/0x2d0 [ 27.362465] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 27.362503] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.362531] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 27.362558] kasan_report+0x141/0x180 [ 27.362580] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 27.362612] kasan_check_range+0x10c/0x1c0 [ 27.362635] __kasan_check_write+0x18/0x20 [ 27.362658] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 27.362685] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.362730] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.362753] ? trace_hardirqs_on+0x37/0xe0 [ 27.362776] ? kasan_bitops_generic+0x92/0x1c0 [ 27.363286] kasan_bitops_generic+0x121/0x1c0 [ 27.363314] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.363338] ? trace_hardirqs_on+0x37/0xe0 [ 27.363361] ? __pfx_read_tsc+0x10/0x10 [ 27.363383] ? ktime_get_ts64+0x86/0x230 [ 27.363405] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 27.363432] kunit_try_run_case+0x1a5/0x480 [ 27.363454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.363479] ? queued_spin_lock_slowpath+0x116/0xb40 [ 27.363506] ? __kthread_parkme+0x82/0x180 [ 27.363526] ? preempt_count_sub+0x50/0x80 [ 27.363550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.363572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.363598] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.363624] kthread+0x337/0x6f0 [ 27.363643] ? trace_preempt_on+0x20/0xc0 [ 27.363665] ? __pfx_kthread+0x10/0x10 [ 27.363686] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.363724] ? calculate_sigpending+0x7b/0xa0 [ 27.363749] ? __pfx_kthread+0x10/0x10 [ 27.363831] ret_from_fork+0x116/0x1d0 [ 27.363861] ? __pfx_kthread+0x10/0x10 [ 27.363883] ret_from_fork_asm+0x1a/0x30 [ 27.363915] </TASK> [ 27.363927] [ 27.374597] Allocated by task 309: [ 27.374862] kasan_save_stack+0x45/0x70 [ 27.375171] kasan_save_track+0x18/0x40 [ 27.375364] kasan_save_alloc_info+0x3b/0x50 [ 27.375551] __kasan_kmalloc+0xb7/0xc0 [ 27.375758] __kmalloc_cache_noprof+0x189/0x420 [ 27.376055] kasan_bitops_generic+0x92/0x1c0 [ 27.376224] kunit_try_run_case+0x1a5/0x480 [ 27.376422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.376961] kthread+0x337/0x6f0 [ 27.377159] ret_from_fork+0x116/0x1d0 [ 27.377365] ret_from_fork_asm+0x1a/0x30 [ 27.377636] [ 27.377740] The buggy address belongs to the object at ffff888105807fa0 [ 27.377740] which belongs to the cache kmalloc-16 of size 16 [ 27.378345] The buggy address is located 8 bytes inside of [ 27.378345] allocated 9-byte region [ffff888105807fa0, ffff888105807fa9) [ 27.378940] [ 27.379061] The buggy address belongs to the physical page: [ 27.379312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105807 [ 27.379642] flags: 0x200000000000000(node=0|zone=2) [ 27.379813] page_type: f5(slab) [ 27.379935] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.380450] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.381330] page dumped because: kasan: bad access detected [ 27.381562] [ 27.381652] Memory state around the buggy address: [ 27.381841] ffff888105807e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.382148] ffff888105807f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.382453] >ffff888105807f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.382958] ^ [ 27.383161] ffff888105808000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.383451] ffff888105808080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 27.383773] ================================================================== [ 27.425098] ================================================================== [ 27.425439] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 27.426194] Write of size 8 at addr ffff888105807fa8 by task kunit_try_catch/309 [ 27.426564] [ 27.426725] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.426799] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.426824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.426845] Call Trace: [ 27.426869] <TASK> [ 27.426886] dump_stack_lvl+0x73/0xb0 [ 27.426913] print_report+0xd1/0x610 [ 27.426935] ? __virt_addr_valid+0x1db/0x2d0 [ 27.426957] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 27.426984] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.427009] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 27.427037] kasan_report+0x141/0x180 [ 27.427059] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 27.427090] kasan_check_range+0x10c/0x1c0 [ 27.427113] __kasan_check_write+0x18/0x20 [ 27.427136] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 27.427164] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.427191] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.427216] ? trace_hardirqs_on+0x37/0xe0 [ 27.427238] ? kasan_bitops_generic+0x92/0x1c0 [ 27.427264] kasan_bitops_generic+0x121/0x1c0 [ 27.427288] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.427311] ? trace_hardirqs_on+0x37/0xe0 [ 27.427333] ? __pfx_read_tsc+0x10/0x10 [ 27.427354] ? ktime_get_ts64+0x86/0x230 [ 27.427376] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 27.427402] kunit_try_run_case+0x1a5/0x480 [ 27.427424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.427447] ? queued_spin_lock_slowpath+0x116/0xb40 [ 27.427470] ? __kthread_parkme+0x82/0x180 [ 27.427491] ? preempt_count_sub+0x50/0x80 [ 27.427514] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.427536] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.427561] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.427586] kthread+0x337/0x6f0 [ 27.427606] ? trace_preempt_on+0x20/0xc0 [ 27.427628] ? __pfx_kthread+0x10/0x10 [ 27.427651] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.427672] ? calculate_sigpending+0x7b/0xa0 [ 27.427708] ? __pfx_kthread+0x10/0x10 [ 27.427731] ret_from_fork+0x116/0x1d0 [ 27.427751] ? __pfx_kthread+0x10/0x10 [ 27.427772] ret_from_fork_asm+0x1a/0x30 [ 27.427803] </TASK> [ 27.427815] [ 27.436201] Allocated by task 309: [ 27.436418] kasan_save_stack+0x45/0x70 [ 27.436637] kasan_save_track+0x18/0x40 [ 27.436834] kasan_save_alloc_info+0x3b/0x50 [ 27.437047] __kasan_kmalloc+0xb7/0xc0 [ 27.437225] __kmalloc_cache_noprof+0x189/0x420 [ 27.437437] kasan_bitops_generic+0x92/0x1c0 [ 27.437588] kunit_try_run_case+0x1a5/0x480 [ 27.437735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.437908] kthread+0x337/0x6f0 [ 27.438223] ret_from_fork+0x116/0x1d0 [ 27.438430] ret_from_fork_asm+0x1a/0x30 [ 27.438638] [ 27.438742] The buggy address belongs to the object at ffff888105807fa0 [ 27.438742] which belongs to the cache kmalloc-16 of size 16 [ 27.439318] The buggy address is located 8 bytes inside of [ 27.439318] allocated 9-byte region [ffff888105807fa0, ffff888105807fa9) [ 27.440214] [ 27.440315] The buggy address belongs to the physical page: [ 27.440665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105807 [ 27.441024] flags: 0x200000000000000(node=0|zone=2) [ 27.441251] page_type: f5(slab) [ 27.441409] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.441764] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.441989] page dumped because: kasan: bad access detected [ 27.442158] [ 27.442221] Memory state around the buggy address: [ 27.442372] ffff888105807e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.442925] ffff888105807f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.443241] >ffff888105807f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.443629] ^ [ 27.443858] ffff888105808000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.444140] ffff888105808080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 27.444440] ================================================================== [ 27.406094] ================================================================== [ 27.406438] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 27.406767] Write of size 8 at addr ffff888105807fa8 by task kunit_try_catch/309 [ 27.406981] [ 27.407057] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.407103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.407114] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.407135] Call Trace: [ 27.407151] <TASK> [ 27.407167] dump_stack_lvl+0x73/0xb0 [ 27.407193] print_report+0xd1/0x610 [ 27.407215] ? __virt_addr_valid+0x1db/0x2d0 [ 27.407237] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 27.407262] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.407288] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 27.407314] kasan_report+0x141/0x180 [ 27.407334] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 27.407365] kasan_check_range+0x10c/0x1c0 [ 27.407387] __kasan_check_write+0x18/0x20 [ 27.407409] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 27.407436] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.407462] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.407510] ? trace_hardirqs_on+0x37/0xe0 [ 27.407531] ? kasan_bitops_generic+0x92/0x1c0 [ 27.407558] kasan_bitops_generic+0x121/0x1c0 [ 27.407581] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.407619] ? trace_hardirqs_on+0x37/0xe0 [ 27.407640] ? __pfx_read_tsc+0x10/0x10 [ 27.407673] ? ktime_get_ts64+0x86/0x230 [ 27.407716] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 27.407978] kunit_try_run_case+0x1a5/0x480 [ 27.408002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.408026] ? queued_spin_lock_slowpath+0x116/0xb40 [ 27.408049] ? __kthread_parkme+0x82/0x180 [ 27.408070] ? preempt_count_sub+0x50/0x80 [ 27.408119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.408142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.408168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.408194] kthread+0x337/0x6f0 [ 27.408214] ? trace_preempt_on+0x20/0xc0 [ 27.408238] ? __pfx_kthread+0x10/0x10 [ 27.408258] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.408298] ? calculate_sigpending+0x7b/0xa0 [ 27.408321] ? __pfx_kthread+0x10/0x10 [ 27.408344] ret_from_fork+0x116/0x1d0 [ 27.408362] ? __pfx_kthread+0x10/0x10 [ 27.408383] ret_from_fork_asm+0x1a/0x30 [ 27.408414] </TASK> [ 27.408425] [ 27.417353] Allocated by task 309: [ 27.417543] kasan_save_stack+0x45/0x70 [ 27.417741] kasan_save_track+0x18/0x40 [ 27.417921] kasan_save_alloc_info+0x3b/0x50 [ 27.418104] __kasan_kmalloc+0xb7/0xc0 [ 27.418296] __kmalloc_cache_noprof+0x189/0x420 [ 27.418487] kasan_bitops_generic+0x92/0x1c0 [ 27.418722] kunit_try_run_case+0x1a5/0x480 [ 27.418913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.419116] kthread+0x337/0x6f0 [ 27.419283] ret_from_fork+0x116/0x1d0 [ 27.419468] ret_from_fork_asm+0x1a/0x30 [ 27.419674] [ 27.419760] The buggy address belongs to the object at ffff888105807fa0 [ 27.419760] which belongs to the cache kmalloc-16 of size 16 [ 27.420248] The buggy address is located 8 bytes inside of [ 27.420248] allocated 9-byte region [ffff888105807fa0, ffff888105807fa9) [ 27.420732] [ 27.420827] The buggy address belongs to the physical page: [ 27.421079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105807 [ 27.421392] flags: 0x200000000000000(node=0|zone=2) [ 27.421667] page_type: f5(slab) [ 27.421837] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.422227] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.422596] page dumped because: kasan: bad access detected [ 27.422848] [ 27.422934] Memory state around the buggy address: [ 27.423166] ffff888105807e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.423435] ffff888105807f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.423639] >ffff888105807f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.423854] ^ [ 27.423999] ffff888105808000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.424219] ffff888105808080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 27.424574] ================================================================== [ 27.515516] ================================================================== [ 27.515964] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 27.516362] Read of size 8 at addr ffff888105807fa8 by task kunit_try_catch/309 [ 27.516728] [ 27.516854] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.516911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.516924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.516946] Call Trace: [ 27.516963] <TASK> [ 27.516979] dump_stack_lvl+0x73/0xb0 [ 27.517006] print_report+0xd1/0x610 [ 27.517028] ? __virt_addr_valid+0x1db/0x2d0 [ 27.517053] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 27.517080] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.517106] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 27.517133] kasan_report+0x141/0x180 [ 27.517155] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 27.517186] __asan_report_load8_noabort+0x18/0x20 [ 27.517210] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 27.517237] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.517265] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.517288] ? trace_hardirqs_on+0x37/0xe0 [ 27.517310] ? kasan_bitops_generic+0x92/0x1c0 [ 27.517337] kasan_bitops_generic+0x121/0x1c0 [ 27.517361] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.517383] ? trace_hardirqs_on+0x37/0xe0 [ 27.517405] ? __pfx_read_tsc+0x10/0x10 [ 27.517426] ? ktime_get_ts64+0x86/0x230 [ 27.517448] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 27.517474] kunit_try_run_case+0x1a5/0x480 [ 27.517506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.517529] ? queued_spin_lock_slowpath+0x116/0xb40 [ 27.517552] ? __kthread_parkme+0x82/0x180 [ 27.517572] ? preempt_count_sub+0x50/0x80 [ 27.517596] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.517619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.517644] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.517670] kthread+0x337/0x6f0 [ 27.517690] ? trace_preempt_on+0x20/0xc0 [ 27.517723] ? __pfx_kthread+0x10/0x10 [ 27.517744] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.517764] ? calculate_sigpending+0x7b/0xa0 [ 27.517789] ? __pfx_kthread+0x10/0x10 [ 27.517810] ret_from_fork+0x116/0x1d0 [ 27.517828] ? __pfx_kthread+0x10/0x10 [ 27.517850] ret_from_fork_asm+0x1a/0x30 [ 27.517880] </TASK> [ 27.517891] [ 27.525853] Allocated by task 309: [ 27.526034] kasan_save_stack+0x45/0x70 [ 27.526173] kasan_save_track+0x18/0x40 [ 27.526302] kasan_save_alloc_info+0x3b/0x50 [ 27.526446] __kasan_kmalloc+0xb7/0xc0 [ 27.526649] __kmalloc_cache_noprof+0x189/0x420 [ 27.526878] kasan_bitops_generic+0x92/0x1c0 [ 27.527084] kunit_try_run_case+0x1a5/0x480 [ 27.527415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.527645] kthread+0x337/0x6f0 [ 27.527818] ret_from_fork+0x116/0x1d0 [ 27.527992] ret_from_fork_asm+0x1a/0x30 [ 27.528135] [ 27.528201] The buggy address belongs to the object at ffff888105807fa0 [ 27.528201] which belongs to the cache kmalloc-16 of size 16 [ 27.528811] The buggy address is located 8 bytes inside of [ 27.528811] allocated 9-byte region [ffff888105807fa0, ffff888105807fa9) [ 27.529220] [ 27.529287] The buggy address belongs to the physical page: [ 27.529455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105807 [ 27.529690] flags: 0x200000000000000(node=0|zone=2) [ 27.529943] page_type: f5(slab) [ 27.530105] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.530446] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.530784] page dumped because: kasan: bad access detected [ 27.531234] [ 27.531300] Memory state around the buggy address: [ 27.531451] ffff888105807e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.531663] ffff888105807f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.532164] >ffff888105807f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.532473] ^ [ 27.532671] ffff888105808000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.532890] ffff888105808080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 27.533101] ================================================================== [ 27.331772] ================================================================== [ 27.332545] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 27.333835] Write of size 8 at addr ffff888105807fa8 by task kunit_try_catch/309 [ 27.334150] [ 27.334257] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.334308] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.334320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.334341] Call Trace: [ 27.334358] <TASK> [ 27.334377] dump_stack_lvl+0x73/0xb0 [ 27.334405] print_report+0xd1/0x610 [ 27.334429] ? __virt_addr_valid+0x1db/0x2d0 [ 27.334452] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 27.334493] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.334519] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 27.334547] kasan_report+0x141/0x180 [ 27.334568] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 27.334600] kasan_check_range+0x10c/0x1c0 [ 27.334623] __kasan_check_write+0x18/0x20 [ 27.334646] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 27.334673] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.334712] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.334736] ? trace_hardirqs_on+0x37/0xe0 [ 27.334759] ? kasan_bitops_generic+0x92/0x1c0 [ 27.334786] kasan_bitops_generic+0x121/0x1c0 [ 27.334810] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.334832] ? trace_hardirqs_on+0x37/0xe0 [ 27.334854] ? __pfx_read_tsc+0x10/0x10 [ 27.334875] ? ktime_get_ts64+0x86/0x230 [ 27.334896] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 27.334923] kunit_try_run_case+0x1a5/0x480 [ 27.334944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.334967] ? queued_spin_lock_slowpath+0x116/0xb40 [ 27.334990] ? __kthread_parkme+0x82/0x180 [ 27.335011] ? preempt_count_sub+0x50/0x80 [ 27.335033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.335055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.335081] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.335105] kthread+0x337/0x6f0 [ 27.335125] ? trace_preempt_on+0x20/0xc0 [ 27.335148] ? __pfx_kthread+0x10/0x10 [ 27.335169] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.335191] ? calculate_sigpending+0x7b/0xa0 [ 27.335216] ? __pfx_kthread+0x10/0x10 [ 27.335238] ret_from_fork+0x116/0x1d0 [ 27.335258] ? __pfx_kthread+0x10/0x10 [ 27.335278] ret_from_fork_asm+0x1a/0x30 [ 27.335309] </TASK> [ 27.335320] [ 27.347901] Allocated by task 309: [ 27.348060] kasan_save_stack+0x45/0x70 [ 27.348405] kasan_save_track+0x18/0x40 [ 27.348711] kasan_save_alloc_info+0x3b/0x50 [ 27.349116] __kasan_kmalloc+0xb7/0xc0 [ 27.349381] __kmalloc_cache_noprof+0x189/0x420 [ 27.349709] kasan_bitops_generic+0x92/0x1c0 [ 27.350106] kunit_try_run_case+0x1a5/0x480 [ 27.350392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.351070] kthread+0x337/0x6f0 [ 27.351251] ret_from_fork+0x116/0x1d0 [ 27.351406] ret_from_fork_asm+0x1a/0x30 [ 27.351625] [ 27.351735] The buggy address belongs to the object at ffff888105807fa0 [ 27.351735] which belongs to the cache kmalloc-16 of size 16 [ 27.352249] The buggy address is located 8 bytes inside of [ 27.352249] allocated 9-byte region [ffff888105807fa0, ffff888105807fa9) [ 27.352751] [ 27.352831] The buggy address belongs to the physical page: [ 27.353069] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105807 [ 27.353413] flags: 0x200000000000000(node=0|zone=2) [ 27.353638] page_type: f5(slab) [ 27.354516] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.355206] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.355725] page dumped because: kasan: bad access detected [ 27.356275] [ 27.356368] Memory state around the buggy address: [ 27.356775] ffff888105807e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.357262] ffff888105807f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.357691] >ffff888105807f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.358166] ^ [ 27.358467] ffff888105808000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.359350] ffff888105808080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 27.359738] ================================================================== [ 27.496959] ================================================================== [ 27.497275] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 27.497608] Read of size 8 at addr ffff888105807fa8 by task kunit_try_catch/309 [ 27.497921] [ 27.498017] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.498328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.498348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.498371] Call Trace: [ 27.498389] <TASK> [ 27.498405] dump_stack_lvl+0x73/0xb0 [ 27.498434] print_report+0xd1/0x610 [ 27.498457] ? __virt_addr_valid+0x1db/0x2d0 [ 27.498481] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 27.498524] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.498550] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 27.498577] kasan_report+0x141/0x180 [ 27.498599] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 27.498631] kasan_check_range+0x10c/0x1c0 [ 27.498655] __kasan_check_read+0x15/0x20 [ 27.498680] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 27.498721] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.498749] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.498773] ? trace_hardirqs_on+0x37/0xe0 [ 27.498795] ? kasan_bitops_generic+0x92/0x1c0 [ 27.498823] kasan_bitops_generic+0x121/0x1c0 [ 27.498846] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.498869] ? trace_hardirqs_on+0x37/0xe0 [ 27.498891] ? __pfx_read_tsc+0x10/0x10 [ 27.498911] ? ktime_get_ts64+0x86/0x230 [ 27.498934] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 27.498961] kunit_try_run_case+0x1a5/0x480 [ 27.498983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.499005] ? queued_spin_lock_slowpath+0x116/0xb40 [ 27.499029] ? __kthread_parkme+0x82/0x180 [ 27.499050] ? preempt_count_sub+0x50/0x80 [ 27.499074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.499096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.499122] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.499147] kthread+0x337/0x6f0 [ 27.499167] ? trace_preempt_on+0x20/0xc0 [ 27.499189] ? __pfx_kthread+0x10/0x10 [ 27.499210] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.499232] ? calculate_sigpending+0x7b/0xa0 [ 27.499256] ? __pfx_kthread+0x10/0x10 [ 27.499278] ret_from_fork+0x116/0x1d0 [ 27.499297] ? __pfx_kthread+0x10/0x10 [ 27.499318] ret_from_fork_asm+0x1a/0x30 [ 27.499349] </TASK> [ 27.499360] [ 27.507383] Allocated by task 309: [ 27.507559] kasan_save_stack+0x45/0x70 [ 27.507747] kasan_save_track+0x18/0x40 [ 27.507883] kasan_save_alloc_info+0x3b/0x50 [ 27.508025] __kasan_kmalloc+0xb7/0xc0 [ 27.508338] __kmalloc_cache_noprof+0x189/0x420 [ 27.508649] kasan_bitops_generic+0x92/0x1c0 [ 27.508871] kunit_try_run_case+0x1a5/0x480 [ 27.509073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.509274] kthread+0x337/0x6f0 [ 27.509391] ret_from_fork+0x116/0x1d0 [ 27.509520] ret_from_fork_asm+0x1a/0x30 [ 27.509656] [ 27.509774] The buggy address belongs to the object at ffff888105807fa0 [ 27.509774] which belongs to the cache kmalloc-16 of size 16 [ 27.510293] The buggy address is located 8 bytes inside of [ 27.510293] allocated 9-byte region [ffff888105807fa0, ffff888105807fa9) [ 27.510718] [ 27.510786] The buggy address belongs to the physical page: [ 27.510957] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105807 [ 27.511412] flags: 0x200000000000000(node=0|zone=2) [ 27.511861] page_type: f5(slab) [ 27.512032] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.512371] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.512690] page dumped because: kasan: bad access detected [ 27.512938] [ 27.513006] Memory state around the buggy address: [ 27.513201] ffff888105807e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.513456] ffff888105807f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.513871] >ffff888105807f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.514241] ^ [ 27.514415] ffff888105808000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.514809] ffff888105808080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 27.515023] ================================================================== [ 27.384311] ================================================================== [ 27.384671] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 27.385151] Write of size 8 at addr ffff888105807fa8 by task kunit_try_catch/309 [ 27.385434] [ 27.385588] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) [ 27.385637] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.385650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.385692] Call Trace: [ 27.385718] <TASK> [ 27.385734] dump_stack_lvl+0x73/0xb0 [ 27.385762] print_report+0xd1/0x610 [ 27.385836] ? __virt_addr_valid+0x1db/0x2d0 [ 27.385883] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 27.385912] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.385938] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 27.385965] kasan_report+0x141/0x180 [ 27.385987] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 27.386018] kasan_check_range+0x10c/0x1c0 [ 27.386058] __kasan_check_write+0x18/0x20 [ 27.386094] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 27.386122] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.386150] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.386190] ? trace_hardirqs_on+0x37/0xe0 [ 27.386226] ? kasan_bitops_generic+0x92/0x1c0 [ 27.386253] kasan_bitops_generic+0x121/0x1c0 [ 27.386289] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.386326] ? trace_hardirqs_on+0x37/0xe0 [ 27.386360] ? __pfx_read_tsc+0x10/0x10 [ 27.386381] ? ktime_get_ts64+0x86/0x230 [ 27.386404] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 27.386430] kunit_try_run_case+0x1a5/0x480 [ 27.386452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.386475] ? queued_spin_lock_slowpath+0x116/0xb40 [ 27.386510] ? __kthread_parkme+0x82/0x180 [ 27.386531] ? preempt_count_sub+0x50/0x80 [ 27.386554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.386576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.386602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.386627] kthread+0x337/0x6f0 [ 27.386647] ? trace_preempt_on+0x20/0xc0 [ 27.386670] ? __pfx_kthread+0x10/0x10 [ 27.386691] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.386725] ? calculate_sigpending+0x7b/0xa0 [ 27.386749] ? __pfx_kthread+0x10/0x10 [ 27.386771] ret_from_fork+0x116/0x1d0 [ 27.386923] ? __pfx_kthread+0x10/0x10 [ 27.386946] ret_from_fork_asm+0x1a/0x30 [ 27.386995] </TASK> [ 27.387007] [ 27.396085] Allocated by task 309: [ 27.396358] kasan_save_stack+0x45/0x70 [ 27.396555] kasan_save_track+0x18/0x40 [ 27.396749] kasan_save_alloc_info+0x3b/0x50 [ 27.396995] __kasan_kmalloc+0xb7/0xc0 [ 27.397117] __kmalloc_cache_noprof+0x189/0x420 [ 27.397598] kasan_bitops_generic+0x92/0x1c0 [ 27.397816] kunit_try_run_case+0x1a5/0x480 [ 27.398008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.398289] kthread+0x337/0x6f0 [ 27.398473] ret_from_fork+0x116/0x1d0 [ 27.398643] ret_from_fork_asm+0x1a/0x30 [ 27.399006] [ 27.399121] The buggy address belongs to the object at ffff888105807fa0 [ 27.399121] which belongs to the cache kmalloc-16 of size 16 [ 27.399609] The buggy address is located 8 bytes inside of [ 27.399609] allocated 9-byte region [ffff888105807fa0, ffff888105807fa9) [ 27.400210] [ 27.400305] The buggy address belongs to the physical page: [ 27.400605] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105807 [ 27.400908] flags: 0x200000000000000(node=0|zone=2) [ 27.401260] page_type: f5(slab) [ 27.401397] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.401804] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.402018] page dumped because: kasan: bad access detected [ 27.402177] [ 27.402240] Memory state around the buggy address: [ 27.402448] ffff888105807e80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.403300] ffff888105807f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.403664] >ffff888105807f80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 27.404174] ^ [ 27.404404] ffff888105808000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.404650] ffff888105808080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 27.405299] ==================================================================