Date
July 24, 2025, 4:41 a.m.
| Environment | |
|---|---|
| qemu-x86_64 |
[ 29.134499] ================================================================== [ 29.134749] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 29.136204] Write of size 8 at addr ffff888104625b88 by task kunit_try_catch/309 [ 29.137226] [ 29.137585] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.137756] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.137773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.137797] Call Trace: [ 29.137817] <TASK> [ 29.137835] dump_stack_lvl+0x73/0xb0 [ 29.137867] print_report+0xd1/0x640 [ 29.137890] ? __virt_addr_valid+0x1db/0x2d0 [ 29.137915] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 29.137941] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.137967] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 29.137994] kasan_report+0x141/0x180 [ 29.138016] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 29.138047] kasan_check_range+0x10c/0x1c0 [ 29.138072] __kasan_check_write+0x18/0x20 [ 29.138095] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 29.138122] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.138149] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.138173] ? trace_hardirqs_on+0x37/0xe0 [ 29.138196] ? kasan_bitops_generic+0x92/0x1c0 [ 29.138223] kasan_bitops_generic+0x121/0x1c0 [ 29.138246] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.138271] ? __pfx_read_tsc+0x10/0x10 [ 29.138292] ? ktime_get_ts64+0x86/0x230 [ 29.138317] kunit_try_run_case+0x1a5/0x480 [ 29.138342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.138365] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.138390] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.138416] ? __kthread_parkme+0x82/0x180 [ 29.138436] ? preempt_count_sub+0x50/0x80 [ 29.138459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.138482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.138506] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.138529] kthread+0x337/0x6f0 [ 29.138549] ? trace_preempt_on+0x20/0xc0 [ 29.138571] ? __pfx_kthread+0x10/0x10 [ 29.138610] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.138633] ? calculate_sigpending+0x7b/0xa0 [ 29.138657] ? __pfx_kthread+0x10/0x10 [ 29.138680] ret_from_fork+0x116/0x1d0 [ 29.138699] ? __pfx_kthread+0x10/0x10 [ 29.138719] ret_from_fork_asm+0x1a/0x30 [ 29.138751] </TASK> [ 29.138761] [ 29.151791] Allocated by task 309: [ 29.152014] kasan_save_stack+0x45/0x70 [ 29.152164] kasan_save_track+0x18/0x40 [ 29.152598] kasan_save_alloc_info+0x3b/0x50 [ 29.152832] __kasan_kmalloc+0xb7/0xc0 [ 29.152961] __kmalloc_cache_noprof+0x189/0x420 [ 29.153240] kasan_bitops_generic+0x92/0x1c0 [ 29.153511] kunit_try_run_case+0x1a5/0x480 [ 29.153737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.154042] kthread+0x337/0x6f0 [ 29.154162] ret_from_fork+0x116/0x1d0 [ 29.154288] ret_from_fork_asm+0x1a/0x30 [ 29.154461] [ 29.154551] The buggy address belongs to the object at ffff888104625b80 [ 29.154551] which belongs to the cache kmalloc-16 of size 16 [ 29.155024] The buggy address is located 8 bytes inside of [ 29.155024] allocated 9-byte region [ffff888104625b80, ffff888104625b89) [ 29.155824] [ 29.156055] The buggy address belongs to the physical page: [ 29.156477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104625 [ 29.156792] flags: 0x200000000000000(node=0|zone=2) [ 29.156953] page_type: f5(slab) [ 29.157108] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 29.157434] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.157892] page dumped because: kasan: bad access detected [ 29.158116] [ 29.158179] Memory state around the buggy address: [ 29.158377] ffff888104625a80: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.158721] ffff888104625b00: 00 06 fc fc 00 06 fc fc 00 06 fc fc fa fb fc fc [ 29.159093] >ffff888104625b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.159400] ^ [ 29.159568] ffff888104625c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.160031] ffff888104625c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.160434] ================================================================== [ 29.271123] ================================================================== [ 29.271502] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 29.271955] Read of size 8 at addr ffff888104625b88 by task kunit_try_catch/309 [ 29.272316] [ 29.272423] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.272472] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.272486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.272508] Call Trace: [ 29.272525] <TASK> [ 29.272542] dump_stack_lvl+0x73/0xb0 [ 29.272568] print_report+0xd1/0x640 [ 29.272603] ? __virt_addr_valid+0x1db/0x2d0 [ 29.272627] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 29.272653] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.272679] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 29.272706] kasan_report+0x141/0x180 [ 29.272728] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 29.272760] kasan_check_range+0x10c/0x1c0 [ 29.272789] __kasan_check_read+0x15/0x20 [ 29.272812] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 29.272839] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.272867] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.272892] ? trace_hardirqs_on+0x37/0xe0 [ 29.272915] ? kasan_bitops_generic+0x92/0x1c0 [ 29.272942] kasan_bitops_generic+0x121/0x1c0 [ 29.272966] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.272991] ? __pfx_read_tsc+0x10/0x10 [ 29.273013] ? ktime_get_ts64+0x86/0x230 [ 29.273037] kunit_try_run_case+0x1a5/0x480 [ 29.273061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.273084] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.273109] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.273134] ? __kthread_parkme+0x82/0x180 [ 29.273154] ? preempt_count_sub+0x50/0x80 [ 29.273177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.273201] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.273224] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.273248] kthread+0x337/0x6f0 [ 29.273266] ? trace_preempt_on+0x20/0xc0 [ 29.273287] ? __pfx_kthread+0x10/0x10 [ 29.273308] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.273330] ? calculate_sigpending+0x7b/0xa0 [ 29.273353] ? __pfx_kthread+0x10/0x10 [ 29.273374] ret_from_fork+0x116/0x1d0 [ 29.273392] ? __pfx_kthread+0x10/0x10 [ 29.273412] ret_from_fork_asm+0x1a/0x30 [ 29.273443] </TASK> [ 29.273453] [ 29.282900] Allocated by task 309: [ 29.283072] kasan_save_stack+0x45/0x70 [ 29.283448] kasan_save_track+0x18/0x40 [ 29.283645] kasan_save_alloc_info+0x3b/0x50 [ 29.283930] __kasan_kmalloc+0xb7/0xc0 [ 29.284236] __kmalloc_cache_noprof+0x189/0x420 [ 29.284384] kasan_bitops_generic+0x92/0x1c0 [ 29.284525] kunit_try_run_case+0x1a5/0x480 [ 29.284682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.284903] kthread+0x337/0x6f0 [ 29.285216] ret_from_fork+0x116/0x1d0 [ 29.285591] ret_from_fork_asm+0x1a/0x30 [ 29.285893] [ 29.286053] The buggy address belongs to the object at ffff888104625b80 [ 29.286053] which belongs to the cache kmalloc-16 of size 16 [ 29.286719] The buggy address is located 8 bytes inside of [ 29.286719] allocated 9-byte region [ffff888104625b80, ffff888104625b89) [ 29.287548] [ 29.287625] The buggy address belongs to the physical page: [ 29.287884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104625 [ 29.288308] flags: 0x200000000000000(node=0|zone=2) [ 29.288556] page_type: f5(slab) [ 29.288823] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 29.289235] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.289599] page dumped because: kasan: bad access detected [ 29.289851] [ 29.289942] Memory state around the buggy address: [ 29.290174] ffff888104625a80: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.290414] ffff888104625b00: 00 06 fc fc 00 06 fc fc 00 06 fc fc fa fb fc fc [ 29.290763] >ffff888104625b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.291114] ^ [ 29.291284] ffff888104625c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.291617] ffff888104625c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.291994] ================================================================== [ 29.102692] ================================================================== [ 29.103550] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 29.104081] Write of size 8 at addr ffff888104625b88 by task kunit_try_catch/309 [ 29.104458] [ 29.104545] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.104644] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.104660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.104681] Call Trace: [ 29.104699] <TASK> [ 29.104717] dump_stack_lvl+0x73/0xb0 [ 29.104744] print_report+0xd1/0x640 [ 29.104798] ? __virt_addr_valid+0x1db/0x2d0 [ 29.104823] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 29.104849] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.104879] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 29.104906] kasan_report+0x141/0x180 [ 29.105017] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 29.105053] kasan_check_range+0x10c/0x1c0 [ 29.105076] __kasan_check_write+0x18/0x20 [ 29.105109] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 29.105136] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.105197] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.105222] ? trace_hardirqs_on+0x37/0xe0 [ 29.105245] ? kasan_bitops_generic+0x92/0x1c0 [ 29.105272] kasan_bitops_generic+0x121/0x1c0 [ 29.105295] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.105351] ? __pfx_read_tsc+0x10/0x10 [ 29.105373] ? ktime_get_ts64+0x86/0x230 [ 29.105398] kunit_try_run_case+0x1a5/0x480 [ 29.105423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.105446] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.105500] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.105525] ? __kthread_parkme+0x82/0x180 [ 29.105545] ? preempt_count_sub+0x50/0x80 [ 29.105567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.105603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.105625] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.105677] kthread+0x337/0x6f0 [ 29.105698] ? trace_preempt_on+0x20/0xc0 [ 29.105719] ? __pfx_kthread+0x10/0x10 [ 29.105739] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.105761] ? calculate_sigpending+0x7b/0xa0 [ 29.105795] ? __pfx_kthread+0x10/0x10 [ 29.105816] ret_from_fork+0x116/0x1d0 [ 29.105835] ? __pfx_kthread+0x10/0x10 [ 29.106003] ret_from_fork_asm+0x1a/0x30 [ 29.106089] </TASK> [ 29.106101] [ 29.119605] Allocated by task 309: [ 29.119740] kasan_save_stack+0x45/0x70 [ 29.119973] kasan_save_track+0x18/0x40 [ 29.120350] kasan_save_alloc_info+0x3b/0x50 [ 29.120870] __kasan_kmalloc+0xb7/0xc0 [ 29.121312] __kmalloc_cache_noprof+0x189/0x420 [ 29.121733] kasan_bitops_generic+0x92/0x1c0 [ 29.122343] kunit_try_run_case+0x1a5/0x480 [ 29.122760] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.123225] kthread+0x337/0x6f0 [ 29.123539] ret_from_fork+0x116/0x1d0 [ 29.123791] ret_from_fork_asm+0x1a/0x30 [ 29.124357] [ 29.124429] The buggy address belongs to the object at ffff888104625b80 [ 29.124429] which belongs to the cache kmalloc-16 of size 16 [ 29.124831] The buggy address is located 8 bytes inside of [ 29.124831] allocated 9-byte region [ffff888104625b80, ffff888104625b89) [ 29.126176] [ 29.126343] The buggy address belongs to the physical page: [ 29.126868] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104625 [ 29.127698] flags: 0x200000000000000(node=0|zone=2) [ 29.128176] page_type: f5(slab) [ 29.128295] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 29.128520] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.128746] page dumped because: kasan: bad access detected [ 29.128911] [ 29.129111] Memory state around the buggy address: [ 29.129678] ffff888104625a80: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.130485] ffff888104625b00: 00 06 fc fc 00 06 fc fc 00 06 fc fc fa fb fc fc [ 29.131191] >ffff888104625b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.131960] ^ [ 29.132298] ffff888104625c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.132946] ffff888104625c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.133615] ================================================================== [ 29.204558] ================================================================== [ 29.205105] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 29.205490] Write of size 8 at addr ffff888104625b88 by task kunit_try_catch/309 [ 29.205839] [ 29.206124] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.206219] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.206234] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.206256] Call Trace: [ 29.206274] <TASK> [ 29.206291] dump_stack_lvl+0x73/0xb0 [ 29.206346] print_report+0xd1/0x640 [ 29.206369] ? __virt_addr_valid+0x1db/0x2d0 [ 29.206393] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 29.206420] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.206445] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 29.206472] kasan_report+0x141/0x180 [ 29.206495] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 29.206526] kasan_check_range+0x10c/0x1c0 [ 29.206550] __kasan_check_write+0x18/0x20 [ 29.206584] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 29.206612] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.206641] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.206665] ? trace_hardirqs_on+0x37/0xe0 [ 29.206688] ? kasan_bitops_generic+0x92/0x1c0 [ 29.206714] kasan_bitops_generic+0x121/0x1c0 [ 29.206738] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.206763] ? __pfx_read_tsc+0x10/0x10 [ 29.206862] ? ktime_get_ts64+0x86/0x230 [ 29.206893] kunit_try_run_case+0x1a5/0x480 [ 29.206919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.206942] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.206968] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.206992] ? __kthread_parkme+0x82/0x180 [ 29.207014] ? preempt_count_sub+0x50/0x80 [ 29.207037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.207062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.207086] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.207109] kthread+0x337/0x6f0 [ 29.207128] ? trace_preempt_on+0x20/0xc0 [ 29.207151] ? __pfx_kthread+0x10/0x10 [ 29.207171] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.207194] ? calculate_sigpending+0x7b/0xa0 [ 29.207263] ? __pfx_kthread+0x10/0x10 [ 29.207309] ret_from_fork+0x116/0x1d0 [ 29.207329] ? __pfx_kthread+0x10/0x10 [ 29.207350] ret_from_fork_asm+0x1a/0x30 [ 29.207381] </TASK> [ 29.207392] [ 29.216846] Allocated by task 309: [ 29.217026] kasan_save_stack+0x45/0x70 [ 29.217266] kasan_save_track+0x18/0x40 [ 29.217568] kasan_save_alloc_info+0x3b/0x50 [ 29.217921] __kasan_kmalloc+0xb7/0xc0 [ 29.218125] __kmalloc_cache_noprof+0x189/0x420 [ 29.218371] kasan_bitops_generic+0x92/0x1c0 [ 29.218583] kunit_try_run_case+0x1a5/0x480 [ 29.218814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.219150] kthread+0x337/0x6f0 [ 29.219362] ret_from_fork+0x116/0x1d0 [ 29.219524] ret_from_fork_asm+0x1a/0x30 [ 29.219750] [ 29.220058] The buggy address belongs to the object at ffff888104625b80 [ 29.220058] which belongs to the cache kmalloc-16 of size 16 [ 29.220637] The buggy address is located 8 bytes inside of [ 29.220637] allocated 9-byte region [ffff888104625b80, ffff888104625b89) [ 29.221289] [ 29.221367] The buggy address belongs to the physical page: [ 29.221539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104625 [ 29.222116] flags: 0x200000000000000(node=0|zone=2) [ 29.222471] page_type: f5(slab) [ 29.222692] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 29.223111] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.223546] page dumped because: kasan: bad access detected [ 29.223768] [ 29.223831] Memory state around the buggy address: [ 29.223979] ffff888104625a80: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.224528] ffff888104625b00: 00 06 fc fc 00 06 fc fc 00 06 fc fc fa fb fc fc [ 29.225227] >ffff888104625b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.225489] ^ [ 29.225665] ffff888104625c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.225880] ffff888104625c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.226674] ================================================================== [ 29.160980] ================================================================== [ 29.161282] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 29.161672] Write of size 8 at addr ffff888104625b88 by task kunit_try_catch/309 [ 29.162193] [ 29.162373] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.162430] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.162444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.162468] Call Trace: [ 29.162488] <TASK> [ 29.162507] dump_stack_lvl+0x73/0xb0 [ 29.162537] print_report+0xd1/0x640 [ 29.162560] ? __virt_addr_valid+0x1db/0x2d0 [ 29.162597] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 29.162624] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.162650] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 29.162677] kasan_report+0x141/0x180 [ 29.162721] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 29.162753] kasan_check_range+0x10c/0x1c0 [ 29.162776] __kasan_check_write+0x18/0x20 [ 29.162799] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 29.162825] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.162853] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.162877] ? trace_hardirqs_on+0x37/0xe0 [ 29.162900] ? kasan_bitops_generic+0x92/0x1c0 [ 29.162926] kasan_bitops_generic+0x121/0x1c0 [ 29.162949] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.163050] ? __pfx_read_tsc+0x10/0x10 [ 29.163077] ? ktime_get_ts64+0x86/0x230 [ 29.163102] kunit_try_run_case+0x1a5/0x480 [ 29.163129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.163152] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.163178] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.163203] ? __kthread_parkme+0x82/0x180 [ 29.163224] ? preempt_count_sub+0x50/0x80 [ 29.163247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.163278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.163301] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.163325] kthread+0x337/0x6f0 [ 29.163344] ? trace_preempt_on+0x20/0xc0 [ 29.163367] ? __pfx_kthread+0x10/0x10 [ 29.163389] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.163413] ? calculate_sigpending+0x7b/0xa0 [ 29.163438] ? __pfx_kthread+0x10/0x10 [ 29.163462] ret_from_fork+0x116/0x1d0 [ 29.163483] ? __pfx_kthread+0x10/0x10 [ 29.163505] ret_from_fork_asm+0x1a/0x30 [ 29.163559] </TASK> [ 29.163571] [ 29.172348] Allocated by task 309: [ 29.172494] kasan_save_stack+0x45/0x70 [ 29.172666] kasan_save_track+0x18/0x40 [ 29.172797] kasan_save_alloc_info+0x3b/0x50 [ 29.173226] __kasan_kmalloc+0xb7/0xc0 [ 29.173439] __kmalloc_cache_noprof+0x189/0x420 [ 29.173668] kasan_bitops_generic+0x92/0x1c0 [ 29.173987] kunit_try_run_case+0x1a5/0x480 [ 29.174135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.174302] kthread+0x337/0x6f0 [ 29.174418] ret_from_fork+0x116/0x1d0 [ 29.174546] ret_from_fork_asm+0x1a/0x30 [ 29.174789] [ 29.174913] The buggy address belongs to the object at ffff888104625b80 [ 29.174913] which belongs to the cache kmalloc-16 of size 16 [ 29.175560] The buggy address is located 8 bytes inside of [ 29.175560] allocated 9-byte region [ffff888104625b80, ffff888104625b89) [ 29.176445] [ 29.176546] The buggy address belongs to the physical page: [ 29.176753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104625 [ 29.177496] flags: 0x200000000000000(node=0|zone=2) [ 29.177706] page_type: f5(slab) [ 29.178008] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 29.178361] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.178598] page dumped because: kasan: bad access detected [ 29.178874] [ 29.178999] Memory state around the buggy address: [ 29.179273] ffff888104625a80: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.179542] ffff888104625b00: 00 06 fc fc 00 06 fc fc 00 06 fc fc fa fb fc fc [ 29.179837] >ffff888104625b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.180275] ^ [ 29.180399] ffff888104625c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.180641] ffff888104625c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.180948] ================================================================== [ 29.250616] ================================================================== [ 29.251028] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 29.251361] Write of size 8 at addr ffff888104625b88 by task kunit_try_catch/309 [ 29.251698] [ 29.251874] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.251932] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.251946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.251968] Call Trace: [ 29.251987] <TASK> [ 29.252007] dump_stack_lvl+0x73/0xb0 [ 29.252037] print_report+0xd1/0x640 [ 29.252060] ? __virt_addr_valid+0x1db/0x2d0 [ 29.252084] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 29.252111] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.252137] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 29.252165] kasan_report+0x141/0x180 [ 29.252188] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 29.252219] kasan_check_range+0x10c/0x1c0 [ 29.252242] __kasan_check_write+0x18/0x20 [ 29.252265] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 29.252292] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.252320] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.252344] ? trace_hardirqs_on+0x37/0xe0 [ 29.252366] ? kasan_bitops_generic+0x92/0x1c0 [ 29.252393] kasan_bitops_generic+0x121/0x1c0 [ 29.252456] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.252481] ? __pfx_read_tsc+0x10/0x10 [ 29.252502] ? ktime_get_ts64+0x86/0x230 [ 29.252526] kunit_try_run_case+0x1a5/0x480 [ 29.252552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.252586] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.252612] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.252638] ? __kthread_parkme+0x82/0x180 [ 29.252659] ? preempt_count_sub+0x50/0x80 [ 29.252683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.252707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.252730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.252753] kthread+0x337/0x6f0 [ 29.252773] ? trace_preempt_on+0x20/0xc0 [ 29.252807] ? __pfx_kthread+0x10/0x10 [ 29.252827] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.252850] ? calculate_sigpending+0x7b/0xa0 [ 29.252874] ? __pfx_kthread+0x10/0x10 [ 29.252895] ret_from_fork+0x116/0x1d0 [ 29.252948] ? __pfx_kthread+0x10/0x10 [ 29.252968] ret_from_fork_asm+0x1a/0x30 [ 29.253025] </TASK> [ 29.253036] [ 29.262207] Allocated by task 309: [ 29.262332] kasan_save_stack+0x45/0x70 [ 29.262470] kasan_save_track+0x18/0x40 [ 29.262629] kasan_save_alloc_info+0x3b/0x50 [ 29.262919] __kasan_kmalloc+0xb7/0xc0 [ 29.263307] __kmalloc_cache_noprof+0x189/0x420 [ 29.263648] kasan_bitops_generic+0x92/0x1c0 [ 29.264041] kunit_try_run_case+0x1a5/0x480 [ 29.264276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.264523] kthread+0x337/0x6f0 [ 29.264650] ret_from_fork+0x116/0x1d0 [ 29.264776] ret_from_fork_asm+0x1a/0x30 [ 29.265108] [ 29.265290] The buggy address belongs to the object at ffff888104625b80 [ 29.265290] which belongs to the cache kmalloc-16 of size 16 [ 29.265921] The buggy address is located 8 bytes inside of [ 29.265921] allocated 9-byte region [ffff888104625b80, ffff888104625b89) [ 29.266435] [ 29.266529] The buggy address belongs to the physical page: [ 29.266874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104625 [ 29.267399] flags: 0x200000000000000(node=0|zone=2) [ 29.267630] page_type: f5(slab) [ 29.267795] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 29.268260] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.268602] page dumped because: kasan: bad access detected [ 29.268838] [ 29.268900] Memory state around the buggy address: [ 29.269047] ffff888104625a80: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.269253] ffff888104625b00: 00 06 fc fc 00 06 fc fc 00 06 fc fc fa fb fc fc [ 29.269463] >ffff888104625b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.269730] ^ [ 29.269899] ffff888104625c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.270214] ffff888104625c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.270526] ================================================================== [ 29.227289] ================================================================== [ 29.227670] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 29.228152] Write of size 8 at addr ffff888104625b88 by task kunit_try_catch/309 [ 29.228413] [ 29.228722] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.228824] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.228838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.228902] Call Trace: [ 29.228970] <TASK> [ 29.228987] dump_stack_lvl+0x73/0xb0 [ 29.229017] print_report+0xd1/0x640 [ 29.229039] ? __virt_addr_valid+0x1db/0x2d0 [ 29.229062] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 29.229088] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.229145] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 29.229173] kasan_report+0x141/0x180 [ 29.229195] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 29.229226] kasan_check_range+0x10c/0x1c0 [ 29.229249] __kasan_check_write+0x18/0x20 [ 29.229303] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 29.229330] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.229358] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.229383] ? trace_hardirqs_on+0x37/0xe0 [ 29.229435] ? kasan_bitops_generic+0x92/0x1c0 [ 29.229463] kasan_bitops_generic+0x121/0x1c0 [ 29.229486] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.229510] ? __pfx_read_tsc+0x10/0x10 [ 29.229531] ? ktime_get_ts64+0x86/0x230 [ 29.229596] kunit_try_run_case+0x1a5/0x480 [ 29.229620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.229644] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.229669] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.229694] ? __kthread_parkme+0x82/0x180 [ 29.229714] ? preempt_count_sub+0x50/0x80 [ 29.229738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.229762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.229854] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.229883] kthread+0x337/0x6f0 [ 29.229938] ? trace_preempt_on+0x20/0xc0 [ 29.229960] ? __pfx_kthread+0x10/0x10 [ 29.229981] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.230015] ? calculate_sigpending+0x7b/0xa0 [ 29.230039] ? __pfx_kthread+0x10/0x10 [ 29.230061] ret_from_fork+0x116/0x1d0 [ 29.230115] ? __pfx_kthread+0x10/0x10 [ 29.230138] ret_from_fork_asm+0x1a/0x30 [ 29.230170] </TASK> [ 29.230182] [ 29.240375] Allocated by task 309: [ 29.240641] kasan_save_stack+0x45/0x70 [ 29.241187] kasan_save_track+0x18/0x40 [ 29.241344] kasan_save_alloc_info+0x3b/0x50 [ 29.241609] __kasan_kmalloc+0xb7/0xc0 [ 29.241822] __kmalloc_cache_noprof+0x189/0x420 [ 29.242116] kasan_bitops_generic+0x92/0x1c0 [ 29.242352] kunit_try_run_case+0x1a5/0x480 [ 29.242558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.242900] kthread+0x337/0x6f0 [ 29.243110] ret_from_fork+0x116/0x1d0 [ 29.243314] ret_from_fork_asm+0x1a/0x30 [ 29.243503] [ 29.243604] The buggy address belongs to the object at ffff888104625b80 [ 29.243604] which belongs to the cache kmalloc-16 of size 16 [ 29.244236] The buggy address is located 8 bytes inside of [ 29.244236] allocated 9-byte region [ffff888104625b80, ffff888104625b89) [ 29.244759] [ 29.244927] The buggy address belongs to the physical page: [ 29.245157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104625 [ 29.245392] flags: 0x200000000000000(node=0|zone=2) [ 29.245550] page_type: f5(slab) [ 29.245726] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 29.246649] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.246919] page dumped because: kasan: bad access detected [ 29.247085] [ 29.247148] Memory state around the buggy address: [ 29.247307] ffff888104625a80: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.247523] ffff888104625b00: 00 06 fc fc 00 06 fc fc 00 06 fc fc fa fb fc fc [ 29.248304] >ffff888104625b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.248687] ^ [ 29.248890] ffff888104625c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.249279] ffff888104625c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.250059] ================================================================== [ 29.181662] ================================================================== [ 29.182203] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 29.182822] Write of size 8 at addr ffff888104625b88 by task kunit_try_catch/309 [ 29.183289] [ 29.183397] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.183492] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.183505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.183551] Call Trace: [ 29.183571] <TASK> [ 29.183600] dump_stack_lvl+0x73/0xb0 [ 29.183629] print_report+0xd1/0x640 [ 29.183653] ? __virt_addr_valid+0x1db/0x2d0 [ 29.183678] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 29.183705] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.183731] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 29.183789] kasan_report+0x141/0x180 [ 29.183863] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 29.183896] kasan_check_range+0x10c/0x1c0 [ 29.183933] __kasan_check_write+0x18/0x20 [ 29.183957] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 29.184020] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.184050] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.184075] ? trace_hardirqs_on+0x37/0xe0 [ 29.184097] ? kasan_bitops_generic+0x92/0x1c0 [ 29.184124] kasan_bitops_generic+0x121/0x1c0 [ 29.184147] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.184172] ? __pfx_read_tsc+0x10/0x10 [ 29.184225] ? ktime_get_ts64+0x86/0x230 [ 29.184250] kunit_try_run_case+0x1a5/0x480 [ 29.184276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.184298] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.184324] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.184379] ? __kthread_parkme+0x82/0x180 [ 29.184399] ? preempt_count_sub+0x50/0x80 [ 29.184423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.184447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.184470] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.184494] kthread+0x337/0x6f0 [ 29.184512] ? trace_preempt_on+0x20/0xc0 [ 29.184566] ? __pfx_kthread+0x10/0x10 [ 29.184599] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.184622] ? calculate_sigpending+0x7b/0xa0 [ 29.184646] ? __pfx_kthread+0x10/0x10 [ 29.184667] ret_from_fork+0x116/0x1d0 [ 29.184719] ? __pfx_kthread+0x10/0x10 [ 29.184740] ret_from_fork_asm+0x1a/0x30 [ 29.184772] </TASK> [ 29.184782] [ 29.194906] Allocated by task 309: [ 29.195223] kasan_save_stack+0x45/0x70 [ 29.195464] kasan_save_track+0x18/0x40 [ 29.195670] kasan_save_alloc_info+0x3b/0x50 [ 29.195881] __kasan_kmalloc+0xb7/0xc0 [ 29.196066] __kmalloc_cache_noprof+0x189/0x420 [ 29.196416] kasan_bitops_generic+0x92/0x1c0 [ 29.196629] kunit_try_run_case+0x1a5/0x480 [ 29.196894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.197162] kthread+0x337/0x6f0 [ 29.197330] ret_from_fork+0x116/0x1d0 [ 29.197511] ret_from_fork_asm+0x1a/0x30 [ 29.197728] [ 29.197852] The buggy address belongs to the object at ffff888104625b80 [ 29.197852] which belongs to the cache kmalloc-16 of size 16 [ 29.198446] The buggy address is located 8 bytes inside of [ 29.198446] allocated 9-byte region [ffff888104625b80, ffff888104625b89) [ 29.199129] [ 29.199299] The buggy address belongs to the physical page: [ 29.199559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104625 [ 29.199976] flags: 0x200000000000000(node=0|zone=2) [ 29.200143] page_type: f5(slab) [ 29.200259] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 29.200485] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.201026] page dumped because: kasan: bad access detected [ 29.201349] [ 29.201471] Memory state around the buggy address: [ 29.201902] ffff888104625a80: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.202391] ffff888104625b00: 00 06 fc fc 00 06 fc fc 00 06 fc fc fa fb fc fc [ 29.202658] >ffff888104625b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.202868] ^ [ 29.203270] ffff888104625c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.203678] ffff888104625c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.204093] ================================================================== [ 29.292513] ================================================================== [ 29.292918] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 29.293437] Read of size 8 at addr ffff888104625b88 by task kunit_try_catch/309 [ 29.293850] [ 29.293969] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) [ 29.294017] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 29.294031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.294104] Call Trace: [ 29.294122] <TASK> [ 29.294170] dump_stack_lvl+0x73/0xb0 [ 29.294197] print_report+0xd1/0x640 [ 29.294219] ? __virt_addr_valid+0x1db/0x2d0 [ 29.294243] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 29.294270] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.294296] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 29.294355] kasan_report+0x141/0x180 [ 29.294378] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 29.294410] __asan_report_load8_noabort+0x18/0x20 [ 29.294435] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 29.294462] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.294519] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.294544] ? trace_hardirqs_on+0x37/0xe0 [ 29.294566] ? kasan_bitops_generic+0x92/0x1c0 [ 29.294606] kasan_bitops_generic+0x121/0x1c0 [ 29.294629] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.294685] ? __pfx_read_tsc+0x10/0x10 [ 29.294707] ? ktime_get_ts64+0x86/0x230 [ 29.294732] kunit_try_run_case+0x1a5/0x480 [ 29.294756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.294779] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.294804] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.294859] ? __kthread_parkme+0x82/0x180 [ 29.294879] ? preempt_count_sub+0x50/0x80 [ 29.294902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.294938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.294963] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.295091] kthread+0x337/0x6f0 [ 29.295112] ? trace_preempt_on+0x20/0xc0 [ 29.295133] ? __pfx_kthread+0x10/0x10 [ 29.295163] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.295186] ? calculate_sigpending+0x7b/0xa0 [ 29.295210] ? __pfx_kthread+0x10/0x10 [ 29.295232] ret_from_fork+0x116/0x1d0 [ 29.295257] ? __pfx_kthread+0x10/0x10 [ 29.295277] ret_from_fork_asm+0x1a/0x30 [ 29.295308] </TASK> [ 29.295318] [ 29.304313] Allocated by task 309: [ 29.304541] kasan_save_stack+0x45/0x70 [ 29.304757] kasan_save_track+0x18/0x40 [ 29.305000] kasan_save_alloc_info+0x3b/0x50 [ 29.305174] __kasan_kmalloc+0xb7/0xc0 [ 29.305294] __kmalloc_cache_noprof+0x189/0x420 [ 29.305527] kasan_bitops_generic+0x92/0x1c0 [ 29.305749] kunit_try_run_case+0x1a5/0x480 [ 29.306071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.306313] kthread+0x337/0x6f0 [ 29.306491] ret_from_fork+0x116/0x1d0 [ 29.306680] ret_from_fork_asm+0x1a/0x30 [ 29.306890] [ 29.307043] The buggy address belongs to the object at ffff888104625b80 [ 29.307043] which belongs to the cache kmalloc-16 of size 16 [ 29.307557] The buggy address is located 8 bytes inside of [ 29.307557] allocated 9-byte region [ffff888104625b80, ffff888104625b89) [ 29.308227] [ 29.308345] The buggy address belongs to the physical page: [ 29.308559] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104625 [ 29.309027] flags: 0x200000000000000(node=0|zone=2) [ 29.309275] page_type: f5(slab) [ 29.309435] raw: 0200000000000000 ffff888100041640 dead000000000100 dead000000000122 [ 29.309758] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.310159] page dumped because: kasan: bad access detected [ 29.310399] [ 29.310516] Memory state around the buggy address: [ 29.310726] ffff888104625a80: 00 00 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.311199] ffff888104625b00: 00 06 fc fc 00 06 fc fc 00 06 fc fc fa fb fc fc [ 29.311819] >ffff888104625b80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.312026] ^ [ 29.312219] ffff888104625c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.312523] ffff888104625c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.312838] ==================================================================