Date
July 16, 2025, 12:11 p.m.
| Environment | |
|---|---|
| qemu-x86_64 |
[ 25.608459] ================================================================== [ 25.608769] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 25.609042] Write of size 8 at addr ffff888105376d88 by task kunit_try_catch/310 [ 25.609259] [ 25.609362] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.609409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.609420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.609440] Call Trace: [ 25.609458] <TASK> [ 25.609475] dump_stack_lvl+0x73/0xb0 [ 25.609502] print_report+0xd1/0x610 [ 25.609524] ? __virt_addr_valid+0x1db/0x2d0 [ 25.609547] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 25.609572] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.609601] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 25.609627] kasan_report+0x141/0x180 [ 25.609648] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 25.609678] kasan_check_range+0x10c/0x1c0 [ 25.609701] __kasan_check_write+0x18/0x20 [ 25.609724] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 25.609749] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.609778] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.609801] ? finish_task_switch.isra.0+0x156/0x700 [ 25.609822] ? kasan_bitops_generic+0x92/0x1c0 [ 25.609848] kasan_bitops_generic+0x121/0x1c0 [ 25.609870] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.609894] ? __pfx_read_tsc+0x10/0x10 [ 25.609915] ? ktime_get_ts64+0x86/0x230 [ 25.609939] kunit_try_run_case+0x1a5/0x480 [ 25.609962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.609983] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.610005] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.610027] ? __kthread_parkme+0x82/0x180 [ 25.610047] ? preempt_count_sub+0x50/0x80 [ 25.610069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.610091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.610117] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.610143] kthread+0x337/0x6f0 [ 25.610161] ? trace_preempt_on+0x20/0xc0 [ 25.610184] ? __pfx_kthread+0x10/0x10 [ 25.610204] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.610224] ? calculate_sigpending+0x7b/0xa0 [ 25.610248] ? __pfx_kthread+0x10/0x10 [ 25.610268] ret_from_fork+0x116/0x1d0 [ 25.610287] ? __pfx_kthread+0x10/0x10 [ 25.610687] ret_from_fork_asm+0x1a/0x30 [ 25.610727] </TASK> [ 25.610738] [ 25.618319] Allocated by task 310: [ 25.618445] kasan_save_stack+0x45/0x70 [ 25.618609] kasan_save_track+0x18/0x40 [ 25.618740] kasan_save_alloc_info+0x3b/0x50 [ 25.618909] __kasan_kmalloc+0xb7/0xc0 [ 25.619088] __kmalloc_cache_noprof+0x189/0x420 [ 25.619313] kasan_bitops_generic+0x92/0x1c0 [ 25.619518] kunit_try_run_case+0x1a5/0x480 [ 25.619746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.619999] kthread+0x337/0x6f0 [ 25.620163] ret_from_fork+0x116/0x1d0 [ 25.620360] ret_from_fork_asm+0x1a/0x30 [ 25.620552] [ 25.620661] The buggy address belongs to the object at ffff888105376d80 [ 25.620661] which belongs to the cache kmalloc-16 of size 16 [ 25.621187] The buggy address is located 8 bytes inside of [ 25.621187] allocated 9-byte region [ffff888105376d80, ffff888105376d89) [ 25.621722] [ 25.621806] The buggy address belongs to the physical page: [ 25.621994] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105376 [ 25.622272] flags: 0x200000000000000(node=0|zone=2) [ 25.622520] page_type: f5(slab) [ 25.622713] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.622993] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.623316] page dumped because: kasan: bad access detected [ 25.623531] [ 25.623638] Memory state around the buggy address: [ 25.623831] ffff888105376c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.624104] ffff888105376d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.624359] >ffff888105376d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.624582] ^ [ 25.624698] ffff888105376e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.624905] ffff888105376e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.625108] ================================================================== [ 25.571975] ================================================================== [ 25.573213] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 25.573699] Write of size 8 at addr ffff888105376d88 by task kunit_try_catch/310 [ 25.573982] [ 25.574083] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.574135] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.574148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.574172] Call Trace: [ 25.574189] <TASK> [ 25.574208] dump_stack_lvl+0x73/0xb0 [ 25.574241] print_report+0xd1/0x610 [ 25.574264] ? __virt_addr_valid+0x1db/0x2d0 [ 25.574290] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 25.574331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.574357] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 25.574384] kasan_report+0x141/0x180 [ 25.574406] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 25.574437] kasan_check_range+0x10c/0x1c0 [ 25.574460] __kasan_check_write+0x18/0x20 [ 25.574483] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 25.574509] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.574537] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.574562] ? finish_task_switch.isra.0+0x156/0x700 [ 25.574596] ? kasan_bitops_generic+0x92/0x1c0 [ 25.574622] kasan_bitops_generic+0x121/0x1c0 [ 25.574644] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.574669] ? __pfx_read_tsc+0x10/0x10 [ 25.574692] ? ktime_get_ts64+0x86/0x230 [ 25.574719] kunit_try_run_case+0x1a5/0x480 [ 25.574745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.574767] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.574791] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.574813] ? __kthread_parkme+0x82/0x180 [ 25.574834] ? preempt_count_sub+0x50/0x80 [ 25.574856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.574879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.574906] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.574933] kthread+0x337/0x6f0 [ 25.574952] ? trace_preempt_on+0x20/0xc0 [ 25.574977] ? __pfx_kthread+0x10/0x10 [ 25.574998] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.575019] ? calculate_sigpending+0x7b/0xa0 [ 25.575044] ? __pfx_kthread+0x10/0x10 [ 25.575065] ret_from_fork+0x116/0x1d0 [ 25.575084] ? __pfx_kthread+0x10/0x10 [ 25.575104] ret_from_fork_asm+0x1a/0x30 [ 25.575137] </TASK> [ 25.575148] [ 25.582794] Allocated by task 310: [ 25.582954] kasan_save_stack+0x45/0x70 [ 25.583137] kasan_save_track+0x18/0x40 [ 25.583331] kasan_save_alloc_info+0x3b/0x50 [ 25.583515] __kasan_kmalloc+0xb7/0xc0 [ 25.583685] __kmalloc_cache_noprof+0x189/0x420 [ 25.583836] kasan_bitops_generic+0x92/0x1c0 [ 25.583976] kunit_try_run_case+0x1a5/0x480 [ 25.584114] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.584284] kthread+0x337/0x6f0 [ 25.584457] ret_from_fork+0x116/0x1d0 [ 25.584641] ret_from_fork_asm+0x1a/0x30 [ 25.584843] [ 25.584932] The buggy address belongs to the object at ffff888105376d80 [ 25.584932] which belongs to the cache kmalloc-16 of size 16 [ 25.585470] The buggy address is located 8 bytes inside of [ 25.585470] allocated 9-byte region [ffff888105376d80, ffff888105376d89) [ 25.585905] [ 25.585972] The buggy address belongs to the physical page: [ 25.586171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105376 [ 25.586528] flags: 0x200000000000000(node=0|zone=2) [ 25.586987] page_type: f5(slab) [ 25.587140] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.587438] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.587741] page dumped because: kasan: bad access detected [ 25.587976] [ 25.588050] Memory state around the buggy address: [ 25.588249] ffff888105376c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.588547] ffff888105376d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.588840] >ffff888105376d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.589112] ^ [ 25.589282] ffff888105376e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.589573] ffff888105376e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.589846] ================================================================== [ 25.701107] ================================================================== [ 25.701445] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 25.702258] Read of size 8 at addr ffff888105376d88 by task kunit_try_catch/310 [ 25.702635] [ 25.702744] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.702795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.702808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.702830] Call Trace: [ 25.702852] <TASK> [ 25.702869] dump_stack_lvl+0x73/0xb0 [ 25.702900] print_report+0xd1/0x610 [ 25.702922] ? __virt_addr_valid+0x1db/0x2d0 [ 25.702946] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 25.702972] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.702997] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 25.703024] kasan_report+0x141/0x180 [ 25.703045] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 25.703076] kasan_check_range+0x10c/0x1c0 [ 25.703099] __kasan_check_read+0x15/0x20 [ 25.703124] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 25.703152] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.703179] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.703204] ? finish_task_switch.isra.0+0x156/0x700 [ 25.703227] ? kasan_bitops_generic+0x92/0x1c0 [ 25.703253] kasan_bitops_generic+0x121/0x1c0 [ 25.703276] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.703312] ? __pfx_read_tsc+0x10/0x10 [ 25.703337] ? ktime_get_ts64+0x86/0x230 [ 25.703363] kunit_try_run_case+0x1a5/0x480 [ 25.703388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.703410] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.703433] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.703456] ? __kthread_parkme+0x82/0x180 [ 25.703476] ? preempt_count_sub+0x50/0x80 [ 25.703499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.703522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.703549] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.703595] kthread+0x337/0x6f0 [ 25.703615] ? trace_preempt_on+0x20/0xc0 [ 25.703639] ? __pfx_kthread+0x10/0x10 [ 25.703659] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.703680] ? calculate_sigpending+0x7b/0xa0 [ 25.703704] ? __pfx_kthread+0x10/0x10 [ 25.703725] ret_from_fork+0x116/0x1d0 [ 25.703745] ? __pfx_kthread+0x10/0x10 [ 25.703765] ret_from_fork_asm+0x1a/0x30 [ 25.703796] </TASK> [ 25.703807] [ 25.711267] Allocated by task 310: [ 25.711446] kasan_save_stack+0x45/0x70 [ 25.711657] kasan_save_track+0x18/0x40 [ 25.711832] kasan_save_alloc_info+0x3b/0x50 [ 25.711976] __kasan_kmalloc+0xb7/0xc0 [ 25.712102] __kmalloc_cache_noprof+0x189/0x420 [ 25.712332] kasan_bitops_generic+0x92/0x1c0 [ 25.712537] kunit_try_run_case+0x1a5/0x480 [ 25.712758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.712991] kthread+0x337/0x6f0 [ 25.713147] ret_from_fork+0x116/0x1d0 [ 25.713319] ret_from_fork_asm+0x1a/0x30 [ 25.713457] [ 25.713548] The buggy address belongs to the object at ffff888105376d80 [ 25.713548] which belongs to the cache kmalloc-16 of size 16 [ 25.714074] The buggy address is located 8 bytes inside of [ 25.714074] allocated 9-byte region [ffff888105376d80, ffff888105376d89) [ 25.714519] [ 25.714638] The buggy address belongs to the physical page: [ 25.714863] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105376 [ 25.715118] flags: 0x200000000000000(node=0|zone=2) [ 25.715277] page_type: f5(slab) [ 25.715403] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.715648] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.715956] page dumped because: kasan: bad access detected [ 25.716200] [ 25.716293] Memory state around the buggy address: [ 25.716521] ffff888105376c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.716859] ffff888105376d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.717069] >ffff888105376d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.717274] ^ [ 25.717402] ffff888105376e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.717647] ffff888105376e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.717962] ================================================================== [ 25.553139] ================================================================== [ 25.553419] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 25.553760] Write of size 8 at addr ffff888105376d88 by task kunit_try_catch/310 [ 25.553978] [ 25.554374] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.554433] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.554447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.554469] Call Trace: [ 25.554489] <TASK> [ 25.554505] dump_stack_lvl+0x73/0xb0 [ 25.554537] print_report+0xd1/0x610 [ 25.554560] ? __virt_addr_valid+0x1db/0x2d0 [ 25.554583] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 25.554611] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.554636] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 25.554663] kasan_report+0x141/0x180 [ 25.554685] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 25.554715] kasan_check_range+0x10c/0x1c0 [ 25.554738] __kasan_check_write+0x18/0x20 [ 25.554761] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 25.554788] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.554816] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.554841] ? finish_task_switch.isra.0+0x156/0x700 [ 25.554864] ? kasan_bitops_generic+0x92/0x1c0 [ 25.555117] kasan_bitops_generic+0x121/0x1c0 [ 25.555141] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.555166] ? __pfx_read_tsc+0x10/0x10 [ 25.555189] ? ktime_get_ts64+0x86/0x230 [ 25.555215] kunit_try_run_case+0x1a5/0x480 [ 25.555239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.555261] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.555285] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.555323] ? __kthread_parkme+0x82/0x180 [ 25.555344] ? preempt_count_sub+0x50/0x80 [ 25.555367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.555390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.555417] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.555443] kthread+0x337/0x6f0 [ 25.555462] ? trace_preempt_on+0x20/0xc0 [ 25.555486] ? __pfx_kthread+0x10/0x10 [ 25.555507] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.555527] ? calculate_sigpending+0x7b/0xa0 [ 25.555552] ? __pfx_kthread+0x10/0x10 [ 25.555572] ret_from_fork+0x116/0x1d0 [ 25.555592] ? __pfx_kthread+0x10/0x10 [ 25.555612] ret_from_fork_asm+0x1a/0x30 [ 25.555643] </TASK> [ 25.555654] [ 25.563748] Allocated by task 310: [ 25.563936] kasan_save_stack+0x45/0x70 [ 25.564141] kasan_save_track+0x18/0x40 [ 25.564320] kasan_save_alloc_info+0x3b/0x50 [ 25.564483] __kasan_kmalloc+0xb7/0xc0 [ 25.564668] __kmalloc_cache_noprof+0x189/0x420 [ 25.564820] kasan_bitops_generic+0x92/0x1c0 [ 25.564962] kunit_try_run_case+0x1a5/0x480 [ 25.565108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.565371] kthread+0x337/0x6f0 [ 25.565542] ret_from_fork+0x116/0x1d0 [ 25.565732] ret_from_fork_asm+0x1a/0x30 [ 25.565943] [ 25.566032] The buggy address belongs to the object at ffff888105376d80 [ 25.566032] which belongs to the cache kmalloc-16 of size 16 [ 25.566569] The buggy address is located 8 bytes inside of [ 25.566569] allocated 9-byte region [ffff888105376d80, ffff888105376d89) [ 25.566985] [ 25.567054] The buggy address belongs to the physical page: [ 25.567220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105376 [ 25.567561] flags: 0x200000000000000(node=0|zone=2) [ 25.567795] page_type: f5(slab) [ 25.567982] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.568290] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.568527] page dumped because: kasan: bad access detected [ 25.569014] [ 25.569108] Memory state around the buggy address: [ 25.569350] ffff888105376c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.569650] ffff888105376d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.569876] >ffff888105376d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.570086] ^ [ 25.570257] ffff888105376e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.570583] ffff888105376e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.571040] ================================================================== [ 25.591039] ================================================================== [ 25.591353] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 25.591745] Write of size 8 at addr ffff888105376d88 by task kunit_try_catch/310 [ 25.592056] [ 25.592164] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.592213] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.592225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.592246] Call Trace: [ 25.592266] <TASK> [ 25.592281] dump_stack_lvl+0x73/0xb0 [ 25.592322] print_report+0xd1/0x610 [ 25.592344] ? __virt_addr_valid+0x1db/0x2d0 [ 25.592368] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 25.592394] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.592419] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 25.592446] kasan_report+0x141/0x180 [ 25.592467] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 25.592498] kasan_check_range+0x10c/0x1c0 [ 25.592521] __kasan_check_write+0x18/0x20 [ 25.592544] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 25.592571] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.592608] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.592632] ? finish_task_switch.isra.0+0x156/0x700 [ 25.592654] ? kasan_bitops_generic+0x92/0x1c0 [ 25.592680] kasan_bitops_generic+0x121/0x1c0 [ 25.592704] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.592728] ? __pfx_read_tsc+0x10/0x10 [ 25.592751] ? ktime_get_ts64+0x86/0x230 [ 25.592775] kunit_try_run_case+0x1a5/0x480 [ 25.592800] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.592822] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.592845] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.592867] ? __kthread_parkme+0x82/0x180 [ 25.592887] ? preempt_count_sub+0x50/0x80 [ 25.592910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.592933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.592960] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.592986] kthread+0x337/0x6f0 [ 25.593005] ? trace_preempt_on+0x20/0xc0 [ 25.593029] ? __pfx_kthread+0x10/0x10 [ 25.593050] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.593070] ? calculate_sigpending+0x7b/0xa0 [ 25.593093] ? __pfx_kthread+0x10/0x10 [ 25.593115] ret_from_fork+0x116/0x1d0 [ 25.593134] ? __pfx_kthread+0x10/0x10 [ 25.593154] ret_from_fork_asm+0x1a/0x30 [ 25.593185] </TASK> [ 25.593195] [ 25.600743] Allocated by task 310: [ 25.600899] kasan_save_stack+0x45/0x70 [ 25.601064] kasan_save_track+0x18/0x40 [ 25.601207] kasan_save_alloc_info+0x3b/0x50 [ 25.601358] __kasan_kmalloc+0xb7/0xc0 [ 25.601486] __kmalloc_cache_noprof+0x189/0x420 [ 25.601667] kasan_bitops_generic+0x92/0x1c0 [ 25.601817] kunit_try_run_case+0x1a5/0x480 [ 25.601963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.602134] kthread+0x337/0x6f0 [ 25.602249] ret_from_fork+0x116/0x1d0 [ 25.602426] ret_from_fork_asm+0x1a/0x30 [ 25.602640] [ 25.602730] The buggy address belongs to the object at ffff888105376d80 [ 25.602730] which belongs to the cache kmalloc-16 of size 16 [ 25.603245] The buggy address is located 8 bytes inside of [ 25.603245] allocated 9-byte region [ffff888105376d80, ffff888105376d89) [ 25.603786] [ 25.603875] The buggy address belongs to the physical page: [ 25.604122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105376 [ 25.604516] flags: 0x200000000000000(node=0|zone=2) [ 25.604771] page_type: f5(slab) [ 25.604937] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.605179] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.605409] page dumped because: kasan: bad access detected [ 25.605602] [ 25.605666] Memory state around the buggy address: [ 25.605849] ffff888105376c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.606157] ffff888105376d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.606485] >ffff888105376d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.606824] ^ [ 25.607002] ffff888105376e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.607317] ffff888105376e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.607652] ================================================================== [ 25.626243] ================================================================== [ 25.626640] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 25.627081] Write of size 8 at addr ffff888105376d88 by task kunit_try_catch/310 [ 25.627429] [ 25.627537] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.627607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.627620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.627640] Call Trace: [ 25.627660] <TASK> [ 25.627677] dump_stack_lvl+0x73/0xb0 [ 25.627706] print_report+0xd1/0x610 [ 25.627728] ? __virt_addr_valid+0x1db/0x2d0 [ 25.627752] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 25.627779] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.627804] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 25.627831] kasan_report+0x141/0x180 [ 25.627852] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 25.627882] kasan_check_range+0x10c/0x1c0 [ 25.627905] __kasan_check_write+0x18/0x20 [ 25.627929] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 25.627956] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.627983] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.628006] ? finish_task_switch.isra.0+0x156/0x700 [ 25.628028] ? kasan_bitops_generic+0x92/0x1c0 [ 25.628054] kasan_bitops_generic+0x121/0x1c0 [ 25.628078] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.628103] ? __pfx_read_tsc+0x10/0x10 [ 25.628125] ? ktime_get_ts64+0x86/0x230 [ 25.628150] kunit_try_run_case+0x1a5/0x480 [ 25.628173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.628195] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.628218] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.628241] ? __kthread_parkme+0x82/0x180 [ 25.628261] ? preempt_count_sub+0x50/0x80 [ 25.628283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.628316] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.628343] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.628370] kthread+0x337/0x6f0 [ 25.628389] ? trace_preempt_on+0x20/0xc0 [ 25.628413] ? __pfx_kthread+0x10/0x10 [ 25.628433] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.628454] ? calculate_sigpending+0x7b/0xa0 [ 25.628478] ? __pfx_kthread+0x10/0x10 [ 25.628499] ret_from_fork+0x116/0x1d0 [ 25.628518] ? __pfx_kthread+0x10/0x10 [ 25.628538] ret_from_fork_asm+0x1a/0x30 [ 25.628586] </TASK> [ 25.628596] [ 25.637504] Allocated by task 310: [ 25.637751] kasan_save_stack+0x45/0x70 [ 25.637892] kasan_save_track+0x18/0x40 [ 25.638021] kasan_save_alloc_info+0x3b/0x50 [ 25.638164] __kasan_kmalloc+0xb7/0xc0 [ 25.638290] __kmalloc_cache_noprof+0x189/0x420 [ 25.638447] kasan_bitops_generic+0x92/0x1c0 [ 25.638695] kunit_try_run_case+0x1a5/0x480 [ 25.639053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.639514] kthread+0x337/0x6f0 [ 25.639836] ret_from_fork+0x116/0x1d0 [ 25.640173] ret_from_fork_asm+0x1a/0x30 [ 25.640525] [ 25.640705] The buggy address belongs to the object at ffff888105376d80 [ 25.640705] which belongs to the cache kmalloc-16 of size 16 [ 25.641733] The buggy address is located 8 bytes inside of [ 25.641733] allocated 9-byte region [ffff888105376d80, ffff888105376d89) [ 25.642752] [ 25.642905] The buggy address belongs to the physical page: [ 25.643376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105376 [ 25.644043] flags: 0x200000000000000(node=0|zone=2) [ 25.644470] page_type: f5(slab) [ 25.644786] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.645423] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.646063] page dumped because: kasan: bad access detected [ 25.646532] [ 25.646702] Memory state around the buggy address: [ 25.646993] ffff888105376c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.647204] ffff888105376d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.647668] >ffff888105376d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.648289] ^ [ 25.648651] ffff888105376e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.649269] ffff888105376e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.649798] ================================================================== [ 25.650874] ================================================================== [ 25.651613] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 25.652824] Write of size 8 at addr ffff888105376d88 by task kunit_try_catch/310 [ 25.653456] [ 25.653661] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.653716] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.653728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.653750] Call Trace: [ 25.653770] <TASK> [ 25.653789] dump_stack_lvl+0x73/0xb0 [ 25.653823] print_report+0xd1/0x610 [ 25.653845] ? __virt_addr_valid+0x1db/0x2d0 [ 25.653870] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 25.653896] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.653921] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 25.653948] kasan_report+0x141/0x180 [ 25.653970] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 25.654000] kasan_check_range+0x10c/0x1c0 [ 25.654023] __kasan_check_write+0x18/0x20 [ 25.654046] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 25.654072] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.654100] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.654124] ? finish_task_switch.isra.0+0x156/0x700 [ 25.654146] ? kasan_bitops_generic+0x92/0x1c0 [ 25.654172] kasan_bitops_generic+0x121/0x1c0 [ 25.654195] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.654219] ? __pfx_read_tsc+0x10/0x10 [ 25.654243] ? ktime_get_ts64+0x86/0x230 [ 25.654269] kunit_try_run_case+0x1a5/0x480 [ 25.654294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.654327] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.654351] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.654374] ? __kthread_parkme+0x82/0x180 [ 25.654395] ? preempt_count_sub+0x50/0x80 [ 25.654419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.654443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.654470] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.654496] kthread+0x337/0x6f0 [ 25.654515] ? trace_preempt_on+0x20/0xc0 [ 25.654539] ? __pfx_kthread+0x10/0x10 [ 25.654559] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.654601] ? calculate_sigpending+0x7b/0xa0 [ 25.654625] ? __pfx_kthread+0x10/0x10 [ 25.654646] ret_from_fork+0x116/0x1d0 [ 25.654666] ? __pfx_kthread+0x10/0x10 [ 25.654686] ret_from_fork_asm+0x1a/0x30 [ 25.654718] </TASK> [ 25.654728] [ 25.667477] Allocated by task 310: [ 25.667825] kasan_save_stack+0x45/0x70 [ 25.668192] kasan_save_track+0x18/0x40 [ 25.668531] kasan_save_alloc_info+0x3b/0x50 [ 25.668933] __kasan_kmalloc+0xb7/0xc0 [ 25.669257] __kmalloc_cache_noprof+0x189/0x420 [ 25.669611] kasan_bitops_generic+0x92/0x1c0 [ 25.669893] kunit_try_run_case+0x1a5/0x480 [ 25.670036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.670207] kthread+0x337/0x6f0 [ 25.670333] ret_from_fork+0x116/0x1d0 [ 25.670461] ret_from_fork_asm+0x1a/0x30 [ 25.670675] [ 25.670824] The buggy address belongs to the object at ffff888105376d80 [ 25.670824] which belongs to the cache kmalloc-16 of size 16 [ 25.671855] The buggy address is located 8 bytes inside of [ 25.671855] allocated 9-byte region [ffff888105376d80, ffff888105376d89) [ 25.672859] [ 25.673019] The buggy address belongs to the physical page: [ 25.673496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105376 [ 25.674184] flags: 0x200000000000000(node=0|zone=2) [ 25.674651] page_type: f5(slab) [ 25.674940] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.675329] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.675550] page dumped because: kasan: bad access detected [ 25.676027] [ 25.676172] Memory state around the buggy address: [ 25.676612] ffff888105376c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.677218] ffff888105376d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.677847] >ffff888105376d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.678067] ^ [ 25.678187] ffff888105376e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.678619] ffff888105376e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.679189] ================================================================== [ 25.680297] ================================================================== [ 25.681518] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 25.682064] Write of size 8 at addr ffff888105376d88 by task kunit_try_catch/310 [ 25.682287] [ 25.682387] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.682442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.682454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.682476] Call Trace: [ 25.682499] <TASK> [ 25.682518] dump_stack_lvl+0x73/0xb0 [ 25.682548] print_report+0xd1/0x610 [ 25.682597] ? __virt_addr_valid+0x1db/0x2d0 [ 25.682624] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 25.682653] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.682679] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 25.682706] kasan_report+0x141/0x180 [ 25.682728] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 25.682759] kasan_check_range+0x10c/0x1c0 [ 25.682782] __kasan_check_write+0x18/0x20 [ 25.682805] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 25.682832] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.682859] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.682885] ? finish_task_switch.isra.0+0x156/0x700 [ 25.682907] ? kasan_bitops_generic+0x92/0x1c0 [ 25.682934] kasan_bitops_generic+0x121/0x1c0 [ 25.682959] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.682984] ? __pfx_read_tsc+0x10/0x10 [ 25.683007] ? ktime_get_ts64+0x86/0x230 [ 25.683032] kunit_try_run_case+0x1a5/0x480 [ 25.683057] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.683079] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.683102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.683125] ? __kthread_parkme+0x82/0x180 [ 25.683145] ? preempt_count_sub+0x50/0x80 [ 25.683168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.683191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.683218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.683245] kthread+0x337/0x6f0 [ 25.683264] ? trace_preempt_on+0x20/0xc0 [ 25.683288] ? __pfx_kthread+0x10/0x10 [ 25.683319] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.683340] ? calculate_sigpending+0x7b/0xa0 [ 25.683364] ? __pfx_kthread+0x10/0x10 [ 25.683385] ret_from_fork+0x116/0x1d0 [ 25.683404] ? __pfx_kthread+0x10/0x10 [ 25.683425] ret_from_fork_asm+0x1a/0x30 [ 25.683457] </TASK> [ 25.683468] [ 25.693371] Allocated by task 310: [ 25.693558] kasan_save_stack+0x45/0x70 [ 25.693787] kasan_save_track+0x18/0x40 [ 25.693953] kasan_save_alloc_info+0x3b/0x50 [ 25.694121] __kasan_kmalloc+0xb7/0xc0 [ 25.694314] __kmalloc_cache_noprof+0x189/0x420 [ 25.694495] kasan_bitops_generic+0x92/0x1c0 [ 25.694722] kunit_try_run_case+0x1a5/0x480 [ 25.694905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.695122] kthread+0x337/0x6f0 [ 25.695279] ret_from_fork+0x116/0x1d0 [ 25.695418] ret_from_fork_asm+0x1a/0x30 [ 25.695551] [ 25.695634] The buggy address belongs to the object at ffff888105376d80 [ 25.695634] which belongs to the cache kmalloc-16 of size 16 [ 25.696121] The buggy address is located 8 bytes inside of [ 25.696121] allocated 9-byte region [ffff888105376d80, ffff888105376d89) [ 25.696647] [ 25.696716] The buggy address belongs to the physical page: [ 25.696884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105376 [ 25.697152] flags: 0x200000000000000(node=0|zone=2) [ 25.697393] page_type: f5(slab) [ 25.697559] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.697917] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.698248] page dumped because: kasan: bad access detected [ 25.698461] [ 25.698548] Memory state around the buggy address: [ 25.698764] ffff888105376c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.699054] ffff888105376d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.699330] >ffff888105376d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.699625] ^ [ 25.699793] ffff888105376e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.700057] ffff888105376e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.700316] ================================================================== [ 25.718702] ================================================================== [ 25.719348] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 25.719854] Read of size 8 at addr ffff888105376d88 by task kunit_try_catch/310 [ 25.720181] [ 25.720293] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) [ 25.720358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.720371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.720392] Call Trace: [ 25.720411] <TASK> [ 25.720428] dump_stack_lvl+0x73/0xb0 [ 25.720458] print_report+0xd1/0x610 [ 25.720479] ? __virt_addr_valid+0x1db/0x2d0 [ 25.720503] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 25.720531] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.720557] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 25.720606] kasan_report+0x141/0x180 [ 25.720628] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 25.720659] __asan_report_load8_noabort+0x18/0x20 [ 25.720682] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 25.720709] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 25.720737] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.720761] ? finish_task_switch.isra.0+0x156/0x700 [ 25.720785] ? kasan_bitops_generic+0x92/0x1c0 [ 25.720811] kasan_bitops_generic+0x121/0x1c0 [ 25.720834] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 25.720859] ? __pfx_read_tsc+0x10/0x10 [ 25.720882] ? ktime_get_ts64+0x86/0x230 [ 25.720907] kunit_try_run_case+0x1a5/0x480 [ 25.720932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.720954] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.720977] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.721000] ? __kthread_parkme+0x82/0x180 [ 25.721020] ? preempt_count_sub+0x50/0x80 [ 25.721042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.721065] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.721092] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.721118] kthread+0x337/0x6f0 [ 25.721138] ? trace_preempt_on+0x20/0xc0 [ 25.723017] ? __pfx_kthread+0x10/0x10 [ 25.723046] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.723071] ? calculate_sigpending+0x7b/0xa0 [ 25.723096] ? __pfx_kthread+0x10/0x10 [ 25.723118] ret_from_fork+0x116/0x1d0 [ 25.723140] ? __pfx_kthread+0x10/0x10 [ 25.723161] ret_from_fork_asm+0x1a/0x30 [ 25.723192] </TASK> [ 25.723203] [ 25.736651] Allocated by task 310: [ 25.736818] kasan_save_stack+0x45/0x70 [ 25.737023] kasan_save_track+0x18/0x40 [ 25.737210] kasan_save_alloc_info+0x3b/0x50 [ 25.737395] __kasan_kmalloc+0xb7/0xc0 [ 25.737598] __kmalloc_cache_noprof+0x189/0x420 [ 25.737809] kasan_bitops_generic+0x92/0x1c0 [ 25.738003] kunit_try_run_case+0x1a5/0x480 [ 25.738184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.738396] kthread+0x337/0x6f0 [ 25.738559] ret_from_fork+0x116/0x1d0 [ 25.738722] ret_from_fork_asm+0x1a/0x30 [ 25.738894] [ 25.738962] The buggy address belongs to the object at ffff888105376d80 [ 25.738962] which belongs to the cache kmalloc-16 of size 16 [ 25.739480] The buggy address is located 8 bytes inside of [ 25.739480] allocated 9-byte region [ffff888105376d80, ffff888105376d89) [ 25.739964] [ 25.740055] The buggy address belongs to the physical page: [ 25.740261] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105376 [ 25.740622] flags: 0x200000000000000(node=0|zone=2) [ 25.740815] page_type: f5(slab) [ 25.740978] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 25.741210] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 25.741572] page dumped because: kasan: bad access detected [ 25.741817] [ 25.741888] Memory state around the buggy address: [ 25.742126] ffff888105376c80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.742404] ffff888105376d00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 25.742716] >ffff888105376d80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.742923] ^ [ 25.743067] ffff888105376e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.743408] ffff888105376e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.743717] ==================================================================