Date
July 17, 2025, 10:12 a.m.
| Environment | |
|---|---|
| qemu-x86_64 |
[ 27.925826] ================================================================== [ 27.926326] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 27.926858] Write of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 27.927228] [ 27.927305] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 27.927351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.927362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.927383] Call Trace: [ 27.927395] <TASK> [ 27.927408] dump_stack_lvl+0x73/0xb0 [ 27.927458] print_report+0xd1/0x610 [ 27.927479] ? __virt_addr_valid+0x1db/0x2d0 [ 27.927514] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 27.927549] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.927574] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 27.927611] kasan_report+0x141/0x180 [ 27.927633] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 27.927665] kasan_check_range+0x10c/0x1c0 [ 27.927687] __kasan_check_write+0x18/0x20 [ 27.927710] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 27.927745] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.927772] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.927795] ? trace_hardirqs_on+0x37/0xe0 [ 27.927827] ? kasan_bitops_generic+0x92/0x1c0 [ 27.927853] kasan_bitops_generic+0x121/0x1c0 [ 27.927876] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.927900] ? __pfx_read_tsc+0x10/0x10 [ 27.927921] ? ktime_get_ts64+0x86/0x230 [ 27.927944] kunit_try_run_case+0x1a5/0x480 [ 27.927967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.927988] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.928011] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.928034] ? __kthread_parkme+0x82/0x180 [ 27.928058] ? preempt_count_sub+0x50/0x80 [ 27.928092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.928115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.928138] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.928169] kthread+0x337/0x6f0 [ 27.928187] ? trace_preempt_on+0x20/0xc0 [ 27.928209] ? __pfx_kthread+0x10/0x10 [ 27.928239] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.928259] ? calculate_sigpending+0x7b/0xa0 [ 27.928293] ? __pfx_kthread+0x10/0x10 [ 27.928313] ret_from_fork+0x116/0x1d0 [ 27.928331] ? __pfx_kthread+0x10/0x10 [ 27.928350] ret_from_fork_asm+0x1a/0x30 [ 27.928390] </TASK> [ 27.928400] [ 27.936211] Allocated by task 310: [ 27.936452] kasan_save_stack+0x45/0x70 [ 27.936646] kasan_save_track+0x18/0x40 [ 27.936805] kasan_save_alloc_info+0x3b/0x50 [ 27.937009] __kasan_kmalloc+0xb7/0xc0 [ 27.937203] __kmalloc_cache_noprof+0x189/0x420 [ 27.937436] kasan_bitops_generic+0x92/0x1c0 [ 27.937640] kunit_try_run_case+0x1a5/0x480 [ 27.937841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.938074] kthread+0x337/0x6f0 [ 27.938246] ret_from_fork+0x116/0x1d0 [ 27.938423] ret_from_fork_asm+0x1a/0x30 [ 27.938615] [ 27.938678] The buggy address belongs to the object at ffff8881048d1b00 [ 27.938678] which belongs to the cache kmalloc-16 of size 16 [ 27.939019] The buggy address is located 8 bytes inside of [ 27.939019] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 27.939529] [ 27.939626] The buggy address belongs to the physical page: [ 27.939841] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 27.940073] flags: 0x200000000000000(node=0|zone=2) [ 27.940234] page_type: f5(slab) [ 27.940347] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.941000] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.941368] page dumped because: kasan: bad access detected [ 27.941635] [ 27.941723] Memory state around the buggy address: [ 27.941963] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.942199] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.942756] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.943046] ^ [ 27.943239] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.943585] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.943874] ================================================================== [ 27.907758] ================================================================== [ 27.908359] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 27.908728] Write of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 27.909040] [ 27.909153] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 27.909198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.909210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.909230] Call Trace: [ 27.909255] <TASK> [ 27.909268] dump_stack_lvl+0x73/0xb0 [ 27.909296] print_report+0xd1/0x610 [ 27.909338] ? __virt_addr_valid+0x1db/0x2d0 [ 27.909360] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 27.909386] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.909411] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 27.909448] kasan_report+0x141/0x180 [ 27.909470] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 27.909502] kasan_check_range+0x10c/0x1c0 [ 27.909535] __kasan_check_write+0x18/0x20 [ 27.909558] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 27.909585] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.909612] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.909644] ? trace_hardirqs_on+0x37/0xe0 [ 27.909666] ? kasan_bitops_generic+0x92/0x1c0 [ 27.909693] kasan_bitops_generic+0x121/0x1c0 [ 27.909726] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.909749] ? __pfx_read_tsc+0x10/0x10 [ 27.909769] ? ktime_get_ts64+0x86/0x230 [ 27.909801] kunit_try_run_case+0x1a5/0x480 [ 27.909823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.909845] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.909878] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.909901] ? __kthread_parkme+0x82/0x180 [ 27.909929] ? preempt_count_sub+0x50/0x80 [ 27.909951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.909983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.910006] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.910028] kthread+0x337/0x6f0 [ 27.910057] ? trace_preempt_on+0x20/0xc0 [ 27.910089] ? __pfx_kthread+0x10/0x10 [ 27.910109] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.910129] ? calculate_sigpending+0x7b/0xa0 [ 27.910160] ? __pfx_kthread+0x10/0x10 [ 27.910181] ret_from_fork+0x116/0x1d0 [ 27.910199] ? __pfx_kthread+0x10/0x10 [ 27.910228] ret_from_fork_asm+0x1a/0x30 [ 27.910259] </TASK> [ 27.910269] [ 27.918237] Allocated by task 310: [ 27.918462] kasan_save_stack+0x45/0x70 [ 27.918607] kasan_save_track+0x18/0x40 [ 27.918793] kasan_save_alloc_info+0x3b/0x50 [ 27.919013] __kasan_kmalloc+0xb7/0xc0 [ 27.919178] __kmalloc_cache_noprof+0x189/0x420 [ 27.919402] kasan_bitops_generic+0x92/0x1c0 [ 27.919606] kunit_try_run_case+0x1a5/0x480 [ 27.919797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.919989] kthread+0x337/0x6f0 [ 27.920170] ret_from_fork+0x116/0x1d0 [ 27.920366] ret_from_fork_asm+0x1a/0x30 [ 27.920549] [ 27.920649] The buggy address belongs to the object at ffff8881048d1b00 [ 27.920649] which belongs to the cache kmalloc-16 of size 16 [ 27.921140] The buggy address is located 8 bytes inside of [ 27.921140] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 27.921632] [ 27.921697] The buggy address belongs to the physical page: [ 27.921860] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 27.922105] flags: 0x200000000000000(node=0|zone=2) [ 27.922258] page_type: f5(slab) [ 27.922412] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.922755] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.923089] page dumped because: kasan: bad access detected [ 27.923372] [ 27.923456] Memory state around the buggy address: [ 27.923648] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.923920] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.924137] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.924340] ^ [ 27.924453] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.924812] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.925160] ================================================================== [ 27.999587] ================================================================== [ 28.000056] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 28.000419] Read of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 28.000642] [ 28.000719] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 28.000765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.000777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.000798] Call Trace: [ 28.000810] <TASK> [ 28.000825] dump_stack_lvl+0x73/0xb0 [ 28.000853] print_report+0xd1/0x610 [ 28.000875] ? __virt_addr_valid+0x1db/0x2d0 [ 28.000897] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 28.000923] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.000949] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 28.000975] kasan_report+0x141/0x180 [ 28.000997] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 28.001028] kasan_check_range+0x10c/0x1c0 [ 28.001051] __kasan_check_read+0x15/0x20 [ 28.001074] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 28.001111] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.001139] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.001162] ? trace_hardirqs_on+0x37/0xe0 [ 28.001184] ? kasan_bitops_generic+0x92/0x1c0 [ 28.001211] kasan_bitops_generic+0x121/0x1c0 [ 28.001233] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.001257] ? __pfx_read_tsc+0x10/0x10 [ 28.001278] ? ktime_get_ts64+0x86/0x230 [ 28.001301] kunit_try_run_case+0x1a5/0x480 [ 28.001324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.001346] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.001368] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.001439] ? __kthread_parkme+0x82/0x180 [ 28.001462] ? preempt_count_sub+0x50/0x80 [ 28.001484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.001519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.001542] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.001564] kthread+0x337/0x6f0 [ 28.001583] ? trace_preempt_on+0x20/0xc0 [ 28.001606] ? __pfx_kthread+0x10/0x10 [ 28.001626] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.001647] ? calculate_sigpending+0x7b/0xa0 [ 28.001669] ? __pfx_kthread+0x10/0x10 [ 28.001690] ret_from_fork+0x116/0x1d0 [ 28.001708] ? __pfx_kthread+0x10/0x10 [ 28.001729] ret_from_fork_asm+0x1a/0x30 [ 28.001759] </TASK> [ 28.001769] [ 28.014161] Allocated by task 310: [ 28.014353] kasan_save_stack+0x45/0x70 [ 28.014750] kasan_save_track+0x18/0x40 [ 28.015132] kasan_save_alloc_info+0x3b/0x50 [ 28.015322] __kasan_kmalloc+0xb7/0xc0 [ 28.015609] __kmalloc_cache_noprof+0x189/0x420 [ 28.015941] kasan_bitops_generic+0x92/0x1c0 [ 28.016094] kunit_try_run_case+0x1a5/0x480 [ 28.016232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.016732] kthread+0x337/0x6f0 [ 28.017044] ret_from_fork+0x116/0x1d0 [ 28.017414] ret_from_fork_asm+0x1a/0x30 [ 28.017787] [ 28.017952] The buggy address belongs to the object at ffff8881048d1b00 [ 28.017952] which belongs to the cache kmalloc-16 of size 16 [ 28.019114] The buggy address is located 8 bytes inside of [ 28.019114] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 28.019744] [ 28.019901] The buggy address belongs to the physical page: [ 28.020409] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 28.021071] flags: 0x200000000000000(node=0|zone=2) [ 28.021548] page_type: f5(slab) [ 28.021799] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.022031] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.022260] page dumped because: kasan: bad access detected [ 28.022744] [ 28.022907] Memory state around the buggy address: [ 28.023373] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.023967] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.024585] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.025198] ^ [ 28.025571] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.026058] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.026401] ================================================================== [ 27.882587] ================================================================== [ 27.883076] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 27.883928] Write of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 27.884828] [ 27.885051] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 27.885111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.885124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.885145] Call Trace: [ 27.885159] <TASK> [ 27.885175] dump_stack_lvl+0x73/0xb0 [ 27.885204] print_report+0xd1/0x610 [ 27.885226] ? __virt_addr_valid+0x1db/0x2d0 [ 27.885249] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 27.885276] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.885334] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 27.885362] kasan_report+0x141/0x180 [ 27.885384] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 27.885427] kasan_check_range+0x10c/0x1c0 [ 27.885449] __kasan_check_write+0x18/0x20 [ 27.885472] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 27.885499] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.885527] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.885549] ? trace_hardirqs_on+0x37/0xe0 [ 27.885571] ? kasan_bitops_generic+0x92/0x1c0 [ 27.885598] kasan_bitops_generic+0x121/0x1c0 [ 27.885620] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.885645] ? __pfx_read_tsc+0x10/0x10 [ 27.885667] ? ktime_get_ts64+0x86/0x230 [ 27.885690] kunit_try_run_case+0x1a5/0x480 [ 27.885713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.885734] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.885757] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.885779] ? __kthread_parkme+0x82/0x180 [ 27.885802] ? preempt_count_sub+0x50/0x80 [ 27.885825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.885847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.885870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.885893] kthread+0x337/0x6f0 [ 27.885911] ? trace_preempt_on+0x20/0xc0 [ 27.885938] ? __pfx_kthread+0x10/0x10 [ 27.885958] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.885978] ? calculate_sigpending+0x7b/0xa0 [ 27.886001] ? __pfx_kthread+0x10/0x10 [ 27.886022] ret_from_fork+0x116/0x1d0 [ 27.886040] ? __pfx_kthread+0x10/0x10 [ 27.886060] ret_from_fork_asm+0x1a/0x30 [ 27.886099] </TASK> [ 27.886109] [ 27.898751] Allocated by task 310: [ 27.898872] kasan_save_stack+0x45/0x70 [ 27.899008] kasan_save_track+0x18/0x40 [ 27.899145] kasan_save_alloc_info+0x3b/0x50 [ 27.899290] __kasan_kmalloc+0xb7/0xc0 [ 27.899634] __kmalloc_cache_noprof+0x189/0x420 [ 27.900031] kasan_bitops_generic+0x92/0x1c0 [ 27.900416] kunit_try_run_case+0x1a5/0x480 [ 27.900690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.900942] kthread+0x337/0x6f0 [ 27.901266] ret_from_fork+0x116/0x1d0 [ 27.901620] ret_from_fork_asm+0x1a/0x30 [ 27.901804] [ 27.901888] The buggy address belongs to the object at ffff8881048d1b00 [ 27.901888] which belongs to the cache kmalloc-16 of size 16 [ 27.902983] The buggy address is located 8 bytes inside of [ 27.902983] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 27.903574] [ 27.903640] The buggy address belongs to the physical page: [ 27.903805] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 27.904035] flags: 0x200000000000000(node=0|zone=2) [ 27.904220] page_type: f5(slab) [ 27.904411] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.904691] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.904942] page dumped because: kasan: bad access detected [ 27.905220] [ 27.905319] Memory state around the buggy address: [ 27.905560] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.905839] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.906056] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.906403] ^ [ 27.906575] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.906816] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.907145] ================================================================== [ 27.981695] ================================================================== [ 27.982063] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 27.982542] Write of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 27.982881] [ 27.982967] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 27.983013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.983025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.983046] Call Trace: [ 27.983058] <TASK> [ 27.983070] dump_stack_lvl+0x73/0xb0 [ 27.983110] print_report+0xd1/0x610 [ 27.983133] ? __virt_addr_valid+0x1db/0x2d0 [ 27.983156] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 27.983182] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.983208] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 27.983234] kasan_report+0x141/0x180 [ 27.983256] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 27.983298] kasan_check_range+0x10c/0x1c0 [ 27.983321] __kasan_check_write+0x18/0x20 [ 27.983343] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 27.983371] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.983398] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.983421] ? trace_hardirqs_on+0x37/0xe0 [ 27.983443] ? kasan_bitops_generic+0x92/0x1c0 [ 27.983471] kasan_bitops_generic+0x121/0x1c0 [ 27.983493] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.983518] ? __pfx_read_tsc+0x10/0x10 [ 27.983538] ? ktime_get_ts64+0x86/0x230 [ 27.983561] kunit_try_run_case+0x1a5/0x480 [ 27.983584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.983606] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.983628] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.983651] ? __kthread_parkme+0x82/0x180 [ 27.983675] ? preempt_count_sub+0x50/0x80 [ 27.983698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.983721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.983743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.983765] kthread+0x337/0x6f0 [ 27.983783] ? trace_preempt_on+0x20/0xc0 [ 27.983805] ? __pfx_kthread+0x10/0x10 [ 27.983825] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.983846] ? calculate_sigpending+0x7b/0xa0 [ 27.983868] ? __pfx_kthread+0x10/0x10 [ 27.983889] ret_from_fork+0x116/0x1d0 [ 27.983907] ? __pfx_kthread+0x10/0x10 [ 27.983927] ret_from_fork_asm+0x1a/0x30 [ 27.983959] </TASK> [ 27.983968] [ 27.991572] Allocated by task 310: [ 27.991744] kasan_save_stack+0x45/0x70 [ 27.991897] kasan_save_track+0x18/0x40 [ 27.992103] kasan_save_alloc_info+0x3b/0x50 [ 27.992275] __kasan_kmalloc+0xb7/0xc0 [ 27.992462] __kmalloc_cache_noprof+0x189/0x420 [ 27.992674] kasan_bitops_generic+0x92/0x1c0 [ 27.992869] kunit_try_run_case+0x1a5/0x480 [ 27.993004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.993176] kthread+0x337/0x6f0 [ 27.993310] ret_from_fork+0x116/0x1d0 [ 27.993507] ret_from_fork_asm+0x1a/0x30 [ 27.993692] [ 27.993775] The buggy address belongs to the object at ffff8881048d1b00 [ 27.993775] which belongs to the cache kmalloc-16 of size 16 [ 27.994292] The buggy address is located 8 bytes inside of [ 27.994292] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 27.994756] [ 27.994819] The buggy address belongs to the physical page: [ 27.994989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 27.995384] flags: 0x200000000000000(node=0|zone=2) [ 27.995634] page_type: f5(slab) [ 27.995817] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.996130] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.996527] page dumped because: kasan: bad access detected [ 27.996740] [ 27.996831] Memory state around the buggy address: [ 27.997033] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.997332] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.997615] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.997893] ^ [ 27.998063] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.998393] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.998705] ================================================================== [ 28.027138] ================================================================== [ 28.028027] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 28.028975] Read of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 28.029819] [ 28.030018] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 28.030066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.030087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.030108] Call Trace: [ 28.030120] <TASK> [ 28.030134] dump_stack_lvl+0x73/0xb0 [ 28.030164] print_report+0xd1/0x610 [ 28.030195] ? __virt_addr_valid+0x1db/0x2d0 [ 28.030218] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 28.030243] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.030280] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 28.030309] kasan_report+0x141/0x180 [ 28.030331] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 28.030362] __asan_report_load8_noabort+0x18/0x20 [ 28.030387] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 28.030413] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 28.030441] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.030464] ? trace_hardirqs_on+0x37/0xe0 [ 28.030487] ? kasan_bitops_generic+0x92/0x1c0 [ 28.030514] kasan_bitops_generic+0x121/0x1c0 [ 28.030537] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.030561] ? __pfx_read_tsc+0x10/0x10 [ 28.030580] ? ktime_get_ts64+0x86/0x230 [ 28.030604] kunit_try_run_case+0x1a5/0x480 [ 28.030627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.030648] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.030671] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.030694] ? __kthread_parkme+0x82/0x180 [ 28.030716] ? preempt_count_sub+0x50/0x80 [ 28.030740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.030763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.030785] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.030807] kthread+0x337/0x6f0 [ 28.030826] ? trace_preempt_on+0x20/0xc0 [ 28.030847] ? __pfx_kthread+0x10/0x10 [ 28.030868] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.030888] ? calculate_sigpending+0x7b/0xa0 [ 28.030910] ? __pfx_kthread+0x10/0x10 [ 28.030931] ret_from_fork+0x116/0x1d0 [ 28.030949] ? __pfx_kthread+0x10/0x10 [ 28.030969] ret_from_fork_asm+0x1a/0x30 [ 28.030999] </TASK> [ 28.031009] [ 28.039661] Allocated by task 310: [ 28.039860] kasan_save_stack+0x45/0x70 [ 28.040091] kasan_save_track+0x18/0x40 [ 28.040258] kasan_save_alloc_info+0x3b/0x50 [ 28.040400] __kasan_kmalloc+0xb7/0xc0 [ 28.040590] __kmalloc_cache_noprof+0x189/0x420 [ 28.040838] kasan_bitops_generic+0x92/0x1c0 [ 28.041026] kunit_try_run_case+0x1a5/0x480 [ 28.041195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.041363] kthread+0x337/0x6f0 [ 28.041499] ret_from_fork+0x116/0x1d0 [ 28.041702] ret_from_fork_asm+0x1a/0x30 [ 28.041891] [ 28.042009] The buggy address belongs to the object at ffff8881048d1b00 [ 28.042009] which belongs to the cache kmalloc-16 of size 16 [ 28.042647] The buggy address is located 8 bytes inside of [ 28.042647] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 28.043153] [ 28.043241] The buggy address belongs to the physical page: [ 28.043488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 28.043819] flags: 0x200000000000000(node=0|zone=2) [ 28.044043] page_type: f5(slab) [ 28.044216] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.044569] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.044894] page dumped because: kasan: bad access detected [ 28.045127] [ 28.045214] Memory state around the buggy address: [ 28.045448] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.045718] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.045985] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.046266] ^ [ 28.046457] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.046769] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.046977] ================================================================== [ 27.962589] ================================================================== [ 27.963383] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 27.963793] Write of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 27.964149] [ 27.964228] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 27.964289] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.964300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.964321] Call Trace: [ 27.964336] <TASK> [ 27.964349] dump_stack_lvl+0x73/0xb0 [ 27.964389] print_report+0xd1/0x610 [ 27.964410] ? __virt_addr_valid+0x1db/0x2d0 [ 27.964446] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 27.964472] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.964498] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 27.964535] kasan_report+0x141/0x180 [ 27.964557] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 27.964588] kasan_check_range+0x10c/0x1c0 [ 27.964611] __kasan_check_write+0x18/0x20 [ 27.964633] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 27.964661] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.964688] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.964711] ? trace_hardirqs_on+0x37/0xe0 [ 27.964733] ? kasan_bitops_generic+0x92/0x1c0 [ 27.964760] kasan_bitops_generic+0x121/0x1c0 [ 27.964783] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.964807] ? __pfx_read_tsc+0x10/0x10 [ 27.964827] ? ktime_get_ts64+0x86/0x230 [ 27.964850] kunit_try_run_case+0x1a5/0x480 [ 27.964883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.964905] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.964929] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.964962] ? __kthread_parkme+0x82/0x180 [ 27.964985] ? preempt_count_sub+0x50/0x80 [ 27.965007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.965038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.965060] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.965099] kthread+0x337/0x6f0 [ 27.965118] ? trace_preempt_on+0x20/0xc0 [ 27.965140] ? __pfx_kthread+0x10/0x10 [ 27.965160] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.965182] ? calculate_sigpending+0x7b/0xa0 [ 27.965213] ? __pfx_kthread+0x10/0x10 [ 27.965234] ret_from_fork+0x116/0x1d0 [ 27.965252] ? __pfx_kthread+0x10/0x10 [ 27.965271] ret_from_fork_asm+0x1a/0x30 [ 27.965321] </TASK> [ 27.965331] [ 27.973482] Allocated by task 310: [ 27.973630] kasan_save_stack+0x45/0x70 [ 27.973821] kasan_save_track+0x18/0x40 [ 27.973990] kasan_save_alloc_info+0x3b/0x50 [ 27.974188] __kasan_kmalloc+0xb7/0xc0 [ 27.974396] __kmalloc_cache_noprof+0x189/0x420 [ 27.974600] kasan_bitops_generic+0x92/0x1c0 [ 27.974778] kunit_try_run_case+0x1a5/0x480 [ 27.974915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.975201] kthread+0x337/0x6f0 [ 27.975400] ret_from_fork+0x116/0x1d0 [ 27.975577] ret_from_fork_asm+0x1a/0x30 [ 27.975752] [ 27.975837] The buggy address belongs to the object at ffff8881048d1b00 [ 27.975837] which belongs to the cache kmalloc-16 of size 16 [ 27.976343] The buggy address is located 8 bytes inside of [ 27.976343] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 27.976677] [ 27.976738] The buggy address belongs to the physical page: [ 27.976896] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 27.977149] flags: 0x200000000000000(node=0|zone=2) [ 27.977389] page_type: f5(slab) [ 27.977547] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.978128] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.978341] page dumped because: kasan: bad access detected [ 27.978498] [ 27.978557] Memory state around the buggy address: [ 27.978696] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.979151] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.979487] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.979824] ^ [ 27.980013] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.980543] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.980886] ================================================================== [ 27.857327] ================================================================== [ 27.858008] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 27.858433] Write of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 27.858732] [ 27.858814] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 27.858859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.858871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.858891] Call Trace: [ 27.858904] <TASK> [ 27.858917] dump_stack_lvl+0x73/0xb0 [ 27.858945] print_report+0xd1/0x610 [ 27.858967] ? __virt_addr_valid+0x1db/0x2d0 [ 27.858989] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 27.859015] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.859040] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 27.859067] kasan_report+0x141/0x180 [ 27.859103] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 27.859134] kasan_check_range+0x10c/0x1c0 [ 27.859157] __kasan_check_write+0x18/0x20 [ 27.859180] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 27.859209] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.859239] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.859262] ? trace_hardirqs_on+0x37/0xe0 [ 27.859284] ? kasan_bitops_generic+0x92/0x1c0 [ 27.859311] kasan_bitops_generic+0x121/0x1c0 [ 27.859334] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.859358] ? __pfx_read_tsc+0x10/0x10 [ 27.859379] ? ktime_get_ts64+0x86/0x230 [ 27.859402] kunit_try_run_case+0x1a5/0x480 [ 27.859426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.859448] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.859471] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.859494] ? __kthread_parkme+0x82/0x180 [ 27.859517] ? preempt_count_sub+0x50/0x80 [ 27.859540] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.859562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.859585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.859607] kthread+0x337/0x6f0 [ 27.859625] ? trace_preempt_on+0x20/0xc0 [ 27.859647] ? __pfx_kthread+0x10/0x10 [ 27.859667] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.859688] ? calculate_sigpending+0x7b/0xa0 [ 27.859710] ? __pfx_kthread+0x10/0x10 [ 27.859751] ret_from_fork+0x116/0x1d0 [ 27.859769] ? __pfx_kthread+0x10/0x10 [ 27.859789] ret_from_fork_asm+0x1a/0x30 [ 27.859820] </TASK> [ 27.859831] [ 27.871561] Allocated by task 310: [ 27.871748] kasan_save_stack+0x45/0x70 [ 27.871936] kasan_save_track+0x18/0x40 [ 27.872066] kasan_save_alloc_info+0x3b/0x50 [ 27.872283] __kasan_kmalloc+0xb7/0xc0 [ 27.872480] __kmalloc_cache_noprof+0x189/0x420 [ 27.872680] kasan_bitops_generic+0x92/0x1c0 [ 27.872821] kunit_try_run_case+0x1a5/0x480 [ 27.872958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.873143] kthread+0x337/0x6f0 [ 27.873274] ret_from_fork+0x116/0x1d0 [ 27.873452] ret_from_fork_asm+0x1a/0x30 [ 27.873640] [ 27.873725] The buggy address belongs to the object at ffff8881048d1b00 [ 27.873725] which belongs to the cache kmalloc-16 of size 16 [ 27.874253] The buggy address is located 8 bytes inside of [ 27.874253] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 27.874709] [ 27.874787] The buggy address belongs to the physical page: [ 27.875002] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 27.875786] flags: 0x200000000000000(node=0|zone=2) [ 27.875953] page_type: f5(slab) [ 27.876068] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.877179] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.877771] page dumped because: kasan: bad access detected [ 27.878017] [ 27.878117] Memory state around the buggy address: [ 27.878575] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.879062] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.879533] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.879828] ^ [ 27.879983] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.880535] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.881037] ================================================================== [ 27.944449] ================================================================== [ 27.945069] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 27.945525] Write of size 8 at addr ffff8881048d1b08 by task kunit_try_catch/310 [ 27.945817] [ 27.945898] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) [ 27.945956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.945967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.945999] Call Trace: [ 27.946012] <TASK> [ 27.946025] dump_stack_lvl+0x73/0xb0 [ 27.946053] print_report+0xd1/0x610 [ 27.946105] ? __virt_addr_valid+0x1db/0x2d0 [ 27.946127] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 27.946152] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.946177] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 27.946204] kasan_report+0x141/0x180 [ 27.946226] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 27.946258] kasan_check_range+0x10c/0x1c0 [ 27.946292] __kasan_check_write+0x18/0x20 [ 27.946314] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 27.946341] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.946369] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.946391] ? trace_hardirqs_on+0x37/0xe0 [ 27.946414] ? kasan_bitops_generic+0x92/0x1c0 [ 27.946441] kasan_bitops_generic+0x121/0x1c0 [ 27.946463] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.946488] ? __pfx_read_tsc+0x10/0x10 [ 27.946508] ? ktime_get_ts64+0x86/0x230 [ 27.946532] kunit_try_run_case+0x1a5/0x480 [ 27.946555] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.946576] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.946599] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.946622] ? __kthread_parkme+0x82/0x180 [ 27.946646] ? preempt_count_sub+0x50/0x80 [ 27.946668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.946691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.946714] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.946737] kthread+0x337/0x6f0 [ 27.946755] ? trace_preempt_on+0x20/0xc0 [ 27.946776] ? __pfx_kthread+0x10/0x10 [ 27.946796] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.946816] ? calculate_sigpending+0x7b/0xa0 [ 27.946838] ? __pfx_kthread+0x10/0x10 [ 27.946859] ret_from_fork+0x116/0x1d0 [ 27.946877] ? __pfx_kthread+0x10/0x10 [ 27.946897] ret_from_fork_asm+0x1a/0x30 [ 27.946927] </TASK> [ 27.946937] [ 27.954976] Allocated by task 310: [ 27.955119] kasan_save_stack+0x45/0x70 [ 27.955335] kasan_save_track+0x18/0x40 [ 27.955517] kasan_save_alloc_info+0x3b/0x50 [ 27.955716] __kasan_kmalloc+0xb7/0xc0 [ 27.955893] __kmalloc_cache_noprof+0x189/0x420 [ 27.956111] kasan_bitops_generic+0x92/0x1c0 [ 27.956344] kunit_try_run_case+0x1a5/0x480 [ 27.956551] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.956793] kthread+0x337/0x6f0 [ 27.956951] ret_from_fork+0x116/0x1d0 [ 27.957090] ret_from_fork_asm+0x1a/0x30 [ 27.957222] [ 27.957284] The buggy address belongs to the object at ffff8881048d1b00 [ 27.957284] which belongs to the cache kmalloc-16 of size 16 [ 27.958225] The buggy address is located 8 bytes inside of [ 27.958225] allocated 9-byte region [ffff8881048d1b00, ffff8881048d1b09) [ 27.958586] [ 27.958648] The buggy address belongs to the physical page: [ 27.958900] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1048d1 [ 27.959246] flags: 0x200000000000000(node=0|zone=2) [ 27.959426] page_type: f5(slab) [ 27.959537] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.959752] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.960052] page dumped because: kasan: bad access detected [ 27.960332] [ 27.960425] Memory state around the buggy address: [ 27.960654] ffff8881048d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.960968] ffff8881048d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.961257] >ffff8881048d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.961513] ^ [ 27.961625] ffff8881048d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.961822] ffff8881048d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.962027] ==================================================================