Date
July 25, 2025, 3:13 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 34.668570] ================================================================== [ 34.668769] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 34.668849] Write of size 8 at addr fff00000c91b2888 by task kunit_try_catch/293 [ 34.668902] [ 34.669038] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 34.669128] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 34.669226] Hardware name: linux,dummy-virt (DT) [ 34.669260] Call trace: [ 34.669301] show_stack+0x20/0x38 (C) [ 34.669577] dump_stack_lvl+0x8c/0xd0 [ 34.669664] print_report+0x118/0x5e8 [ 34.669731] kasan_report+0xdc/0x128 [ 34.669806] kasan_check_range+0x100/0x1a8 [ 34.669894] __kasan_check_write+0x20/0x30 [ 34.669959] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 34.670012] kasan_bitops_generic+0x110/0x1c8 [ 34.670081] kunit_try_run_case+0x170/0x3f0 [ 34.670131] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.670424] kthread+0x328/0x630 [ 34.670522] ret_from_fork+0x10/0x20 [ 34.670600] [ 34.670673] Allocated by task 293: [ 34.670707] kasan_save_stack+0x3c/0x68 [ 34.670786] kasan_save_track+0x20/0x40 [ 34.670898] kasan_save_alloc_info+0x40/0x58 [ 34.670950] __kasan_kmalloc+0xd4/0xd8 [ 34.671014] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.671070] kasan_bitops_generic+0xa0/0x1c8 [ 34.671178] kunit_try_run_case+0x170/0x3f0 [ 34.671320] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.671370] kthread+0x328/0x630 [ 34.671404] ret_from_fork+0x10/0x20 [ 34.671442] [ 34.671465] The buggy address belongs to the object at fff00000c91b2880 [ 34.671465] which belongs to the cache kmalloc-16 of size 16 [ 34.671576] The buggy address is located 8 bytes inside of [ 34.671576] allocated 9-byte region [fff00000c91b2880, fff00000c91b2889) [ 34.671805] [ 34.671859] The buggy address belongs to the physical page: [ 34.671920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1091b2 [ 34.672016] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.672137] page_type: f5(slab) [ 34.672193] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.672274] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 34.672365] page dumped because: kasan: bad access detected [ 34.672428] [ 34.672489] Memory state around the buggy address: [ 34.672631] fff00000c91b2780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 34.672708] fff00000c91b2800: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 34.673073] >fff00000c91b2880: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.673239] ^ [ 34.673320] fff00000c91b2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.673430] fff00000c91b2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.673570] ================================================================== [ 34.674568] ================================================================== [ 34.674742] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 34.674827] Read of size 8 at addr fff00000c91b2888 by task kunit_try_catch/293 [ 34.675020] [ 34.675250] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 34.675360] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 34.675486] Hardware name: linux,dummy-virt (DT) [ 34.675566] Call trace: [ 34.675626] show_stack+0x20/0x38 (C) [ 34.675753] dump_stack_lvl+0x8c/0xd0 [ 34.675804] print_report+0x118/0x5e8 [ 34.675851] kasan_report+0xdc/0x128 [ 34.675895] __asan_report_load8_noabort+0x20/0x30 [ 34.676285] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 34.676409] kasan_bitops_generic+0x110/0x1c8 [ 34.676516] kunit_try_run_case+0x170/0x3f0 [ 34.676685] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.676845] kthread+0x328/0x630 [ 34.676941] ret_from_fork+0x10/0x20 [ 34.677076] [ 34.677120] Allocated by task 293: [ 34.677154] kasan_save_stack+0x3c/0x68 [ 34.677262] kasan_save_track+0x20/0x40 [ 34.677715] kasan_save_alloc_info+0x40/0x58 [ 34.677804] __kasan_kmalloc+0xd4/0xd8 [ 34.677974] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.678031] kasan_bitops_generic+0xa0/0x1c8 [ 34.678119] kunit_try_run_case+0x170/0x3f0 [ 34.678216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.678277] kthread+0x328/0x630 [ 34.678311] ret_from_fork+0x10/0x20 [ 34.678380] [ 34.678592] The buggy address belongs to the object at fff00000c91b2880 [ 34.678592] which belongs to the cache kmalloc-16 of size 16 [ 34.679252] The buggy address is located 8 bytes inside of [ 34.679252] allocated 9-byte region [fff00000c91b2880, fff00000c91b2889) [ 34.679372] [ 34.679398] The buggy address belongs to the physical page: [ 34.679446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1091b2 [ 34.679513] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.679826] page_type: f5(slab) [ 34.680054] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.680192] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 34.680334] page dumped because: kasan: bad access detected [ 34.680419] [ 34.680459] Memory state around the buggy address: [ 34.680502] fff00000c91b2780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 34.680777] fff00000c91b2800: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 34.680956] >fff00000c91b2880: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.681070] ^ [ 34.681168] fff00000c91b2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.681313] fff00000c91b2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.681376] ================================================================== [ 34.665015] ================================================================== [ 34.665246] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 34.665311] Read of size 8 at addr fff00000c91b2888 by task kunit_try_catch/293 [ 34.665364] [ 34.665398] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 34.665589] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 34.665664] Hardware name: linux,dummy-virt (DT) [ 34.665700] Call trace: [ 34.665745] show_stack+0x20/0x38 (C) [ 34.665798] dump_stack_lvl+0x8c/0xd0 [ 34.665864] print_report+0x118/0x5e8 [ 34.665990] kasan_report+0xdc/0x128 [ 34.666036] __asan_report_load8_noabort+0x20/0x30 [ 34.666088] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 34.666141] kasan_bitops_generic+0x110/0x1c8 [ 34.666202] kunit_try_run_case+0x170/0x3f0 [ 34.666251] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.666312] kthread+0x328/0x630 [ 34.666358] ret_from_fork+0x10/0x20 [ 34.666409] [ 34.666437] Allocated by task 293: [ 34.666480] kasan_save_stack+0x3c/0x68 [ 34.666523] kasan_save_track+0x20/0x40 [ 34.666560] kasan_save_alloc_info+0x40/0x58 [ 34.666600] __kasan_kmalloc+0xd4/0xd8 [ 34.666654] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.666713] kasan_bitops_generic+0xa0/0x1c8 [ 34.666756] kunit_try_run_case+0x170/0x3f0 [ 34.666796] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.666849] kthread+0x328/0x630 [ 34.666886] ret_from_fork+0x10/0x20 [ 34.666938] [ 34.666961] The buggy address belongs to the object at fff00000c91b2880 [ 34.666961] which belongs to the cache kmalloc-16 of size 16 [ 34.667020] The buggy address is located 8 bytes inside of [ 34.667020] allocated 9-byte region [fff00000c91b2880, fff00000c91b2889) [ 34.667084] [ 34.667105] The buggy address belongs to the physical page: [ 34.667142] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1091b2 [ 34.667198] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.667253] page_type: f5(slab) [ 34.667301] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.667352] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 34.667393] page dumped because: kasan: bad access detected [ 34.667436] [ 34.667456] Memory state around the buggy address: [ 34.667489] fff00000c91b2780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 34.667536] fff00000c91b2800: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 34.667581] >fff00000c91b2880: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.667628] ^ [ 34.667668] fff00000c91b2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.667714] fff00000c91b2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.667755] ================================================================== [ 34.656715] ================================================================== [ 34.656817] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 34.657038] Write of size 8 at addr fff00000c91b2888 by task kunit_try_catch/293 [ 34.657103] [ 34.657157] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 34.657294] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 34.657335] Hardware name: linux,dummy-virt (DT) [ 34.657370] Call trace: [ 34.657412] show_stack+0x20/0x38 (C) [ 34.657591] dump_stack_lvl+0x8c/0xd0 [ 34.657811] print_report+0x118/0x5e8 [ 34.657895] kasan_report+0xdc/0x128 [ 34.657970] kasan_check_range+0x100/0x1a8 [ 34.658033] __kasan_check_write+0x20/0x30 [ 34.658099] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 34.658172] kasan_bitops_generic+0x110/0x1c8 [ 34.658224] kunit_try_run_case+0x170/0x3f0 [ 34.658274] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.658328] kthread+0x328/0x630 [ 34.658555] ret_from_fork+0x10/0x20 [ 34.658622] [ 34.658688] Allocated by task 293: [ 34.658765] kasan_save_stack+0x3c/0x68 [ 34.658830] kasan_save_track+0x20/0x40 [ 34.658869] kasan_save_alloc_info+0x40/0x58 [ 34.658909] __kasan_kmalloc+0xd4/0xd8 [ 34.659050] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.659210] kasan_bitops_generic+0xa0/0x1c8 [ 34.659380] kunit_try_run_case+0x170/0x3f0 [ 34.659613] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.659771] kthread+0x328/0x630 [ 34.659811] ret_from_fork+0x10/0x20 [ 34.659850] [ 34.659933] The buggy address belongs to the object at fff00000c91b2880 [ 34.659933] which belongs to the cache kmalloc-16 of size 16 [ 34.660041] The buggy address is located 8 bytes inside of [ 34.660041] allocated 9-byte region [fff00000c91b2880, fff00000c91b2889) [ 34.660130] [ 34.660153] The buggy address belongs to the physical page: [ 34.660239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1091b2 [ 34.660620] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.660791] page_type: f5(slab) [ 34.660866] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.660963] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 34.661016] page dumped because: kasan: bad access detected [ 34.661049] [ 34.661107] Memory state around the buggy address: [ 34.661404] fff00000c91b2780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 34.661514] fff00000c91b2800: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 34.661619] >fff00000c91b2880: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.661673] ^ [ 34.661733] fff00000c91b2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.661890] fff00000c91b2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.662029] ================================================================== [ 34.690803] ================================================================== [ 34.690864] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 34.691176] Write of size 8 at addr fff00000c91b2888 by task kunit_try_catch/293 [ 34.691470] [ 34.691510] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 34.691762] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 34.691939] Hardware name: linux,dummy-virt (DT) [ 34.692026] Call trace: [ 34.692116] show_stack+0x20/0x38 (C) [ 34.692728] dump_stack_lvl+0x8c/0xd0 [ 34.692940] print_report+0x118/0x5e8 [ 34.693115] kasan_report+0xdc/0x128 [ 34.693602] kasan_check_range+0x100/0x1a8 [ 34.693949] __kasan_check_write+0x20/0x30 [ 34.694062] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 34.694231] kasan_bitops_generic+0x110/0x1c8 [ 34.694808] kunit_try_run_case+0x170/0x3f0 [ 34.695140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.695205] kthread+0x328/0x630 [ 34.695417] ret_from_fork+0x10/0x20 [ 34.695677] [ 34.695885] Allocated by task 293: [ 34.696112] kasan_save_stack+0x3c/0x68 [ 34.696206] kasan_save_track+0x20/0x40 [ 34.696286] kasan_save_alloc_info+0x40/0x58 [ 34.696465] __kasan_kmalloc+0xd4/0xd8 [ 34.696576] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.696692] kasan_bitops_generic+0xa0/0x1c8 [ 34.696780] kunit_try_run_case+0x170/0x3f0 [ 34.696915] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.697006] kthread+0x328/0x630 [ 34.697041] ret_from_fork+0x10/0x20 [ 34.697300] [ 34.697469] The buggy address belongs to the object at fff00000c91b2880 [ 34.697469] which belongs to the cache kmalloc-16 of size 16 [ 34.697600] The buggy address is located 8 bytes inside of [ 34.697600] allocated 9-byte region [fff00000c91b2880, fff00000c91b2889) [ 34.697724] [ 34.698141] The buggy address belongs to the physical page: [ 34.698448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1091b2 [ 34.698573] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.699013] page_type: f5(slab) [ 34.699144] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.699249] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 34.699388] page dumped because: kasan: bad access detected [ 34.699510] [ 34.699662] Memory state around the buggy address: [ 34.699916] fff00000c91b2780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 34.700104] fff00000c91b2800: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 34.700195] >fff00000c91b2880: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.700286] ^ [ 34.700365] fff00000c91b2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.700519] fff00000c91b2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.700615] ================================================================== [ 34.702323] ================================================================== [ 34.702486] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 34.702562] Read of size 8 at addr fff00000c91b2888 by task kunit_try_catch/293 [ 34.702615] [ 34.702661] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 34.702762] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 34.702804] Hardware name: linux,dummy-virt (DT) [ 34.702837] Call trace: [ 34.702860] show_stack+0x20/0x38 (C) [ 34.702911] dump_stack_lvl+0x8c/0xd0 [ 34.703549] print_report+0x118/0x5e8 [ 34.703628] kasan_report+0xdc/0x128 [ 34.703862] __asan_report_load8_noabort+0x20/0x30 [ 34.704190] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 34.704327] kasan_bitops_generic+0x110/0x1c8 [ 34.704717] kunit_try_run_case+0x170/0x3f0 [ 34.704860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.704951] kthread+0x328/0x630 [ 34.705333] ret_from_fork+0x10/0x20 [ 34.705516] [ 34.705542] Allocated by task 293: [ 34.705602] kasan_save_stack+0x3c/0x68 [ 34.705981] kasan_save_track+0x20/0x40 [ 34.706182] kasan_save_alloc_info+0x40/0x58 [ 34.706300] __kasan_kmalloc+0xd4/0xd8 [ 34.706405] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.706456] kasan_bitops_generic+0xa0/0x1c8 [ 34.706737] kunit_try_run_case+0x170/0x3f0 [ 34.706991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.707242] kthread+0x328/0x630 [ 34.707348] ret_from_fork+0x10/0x20 [ 34.707390] [ 34.707411] The buggy address belongs to the object at fff00000c91b2880 [ 34.707411] which belongs to the cache kmalloc-16 of size 16 [ 34.709769] page dumped because: kasan: bad access detected [ 34.711164] fff00000c91b2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.713305] [ 34.713814] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 34.714106] Hardware name: linux,dummy-virt (DT) [ 34.714352] Call trace: [ 34.714388] show_stack+0x20/0x38 (C) [ 34.714870] kasan_check_range+0x100/0x1a8 [ 34.715881] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.718689] kunit_try_run_case+0x170/0x3f0 [ 34.718910] [ 34.719538] [ 34.720706] page dumped because: kasan: bad access detected [ 34.724421] Write of size 8 at addr fff00000c91b2888 by task kunit_try_catch/293 [ 34.724767] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 34.724941] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 34.725063] show_stack+0x20/0x38 (C) [ 34.725825] kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 34.726661] [ 34.726858] Allocated by task 293: [ 34.727314] kasan_save_alloc_info+0x40/0x58 [ 34.727991] kunit_try_run_case+0x170/0x3f0 [ 34.728529] kthread+0x328/0x630 [ 34.728955] The buggy address is located 8 bytes inside of [ 34.728955] allocated 9-byte region [fff00000c91b2880, fff00000c91b2889) [ 34.730331] [ 34.730444] fff00000c91b2800: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 34.731050] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 34.731157] [ 34.731198] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 34.731338] Hardware name: linux,dummy-virt (DT) [ 34.732490] kunit_try_run_case+0x170/0x3f0 [ 34.733432] ret_from_fork+0x10/0x20 [ 34.734856] __kasan_kmalloc+0xd4/0xd8 [ 34.736898] The buggy address is located 8 bytes inside of [ 34.736898] allocated 9-byte region [fff00000c91b2880, fff00000c91b2889) [ 34.738144] page dumped because: kasan: bad access detected [ 34.738807] >fff00000c91b2880: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.741614] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 34.742027] [ 34.742062] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 34.742785] Call trace: [ 34.743425] kasan_report+0xdc/0x128 [ 34.743859] kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 34.745699] [ 34.746202] kasan_save_track+0x20/0x40 [ 34.746899] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.747391] kthread+0x328/0x630 [ 34.747891] The buggy address is located 8 bytes inside of [ 34.747891] allocated 9-byte region [fff00000c91b2880, fff00000c91b2889) [ 34.749914] ^ [ 34.752401] Read of size 8 at addr fff00000c91b2888 by task kunit_try_catch/293 [ 34.752630] [ 34.752706] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 34.753225] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 34.753284] Hardware name: linux,dummy-virt (DT) [ 34.753320] Call trace: [ 34.753408] dump_stack_lvl+0x8c/0xd0 [ 34.753601] kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 34.753825] kthread+0x328/0x630 [ 34.754375] kasan_save_track+0x20/0x40 [ 34.754492] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.754689] kthread+0x328/0x630 [ 34.754785] The buggy address belongs to the object at fff00000c91b2880 [ 34.754785] which belongs to the cache kmalloc-16 of size 16 [ 34.756105] page_type: f5(slab) [ 34.756324] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 34.757179] fff00000c91b2800: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 34.760652] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0 [ 34.761306] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 34.762149] kasan_check_range+0x100/0x1a8 [ 34.762577] kasan_bitops_generic+0x11c/0x1c8 [ 34.764061] kthread+0x328/0x630 [ 34.764464] [ 34.764802] kasan_save_track+0x20/0x40 [ 34.765883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.766750] The buggy address is located 8 bytes inside of [ 34.766750] allocated 9-byte region [fff00000c91b2880, fff00000c91b2889) [ 34.768062] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 34.770293] ================================================================== [ 34.684028] ================================================================== [ 34.684092] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 34.684150] Write of size 8 at addr fff00000c91b2888 by task kunit_try_catch/293 [ 34.684232] [ 34.684269] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B W N 6.16.0-rc7-next-20250725 #1 PREEMPT [ 34.684368] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST [ 34.684401] Hardware name: linux,dummy-virt (DT) [ 34.684446] Call trace: [ 34.684471] show_stack+0x20/0x38 (C) [ 34.684528] dump_stack_lvl+0x8c/0xd0 [ 34.684577] print_report+0x118/0x5e8 [ 34.684624] kasan_report+0xdc/0x128 [ 34.684685] kasan_check_range+0x100/0x1a8 [ 34.684733] __kasan_check_write+0x20/0x30 [ 34.684782] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 34.684845] kasan_bitops_generic+0x110/0x1c8 [ 34.684897] kunit_try_run_case+0x170/0x3f0 [ 34.684953] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.685029] kthread+0x328/0x630 [ 34.685073] ret_from_fork+0x10/0x20 [ 34.685120] [ 34.685143] Allocated by task 293: [ 34.685183] kasan_save_stack+0x3c/0x68 [ 34.685225] kasan_save_track+0x20/0x40 [ 34.685263] kasan_save_alloc_info+0x40/0x58 [ 34.685302] __kasan_kmalloc+0xd4/0xd8 [ 34.685337] __kmalloc_cache_noprof+0x16c/0x3c0 [ 34.685380] kasan_bitops_generic+0xa0/0x1c8 [ 34.685422] kunit_try_run_case+0x170/0x3f0 [ 34.685462] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 34.685506] kthread+0x328/0x630 [ 34.685550] ret_from_fork+0x10/0x20 [ 34.685589] [ 34.685610] The buggy address belongs to the object at fff00000c91b2880 [ 34.685610] which belongs to the cache kmalloc-16 of size 16 [ 34.686460] The buggy address is located 8 bytes inside of [ 34.686460] allocated 9-byte region [fff00000c91b2880, fff00000c91b2889) [ 34.686541] [ 34.686567] The buggy address belongs to the physical page: [ 34.686631] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1091b2 [ 34.686884] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 34.687152] page_type: f5(slab) [ 34.687261] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 34.687532] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 34.687765] page dumped because: kasan: bad access detected [ 34.687868] [ 34.687960] Memory state around the buggy address: [ 34.688033] fff00000c91b2780: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 34.688401] fff00000c91b2800: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 34.688586] >fff00000c91b2880: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.688832] ^ [ 34.689147] fff00000c91b2900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.689427] fff00000c91b2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 34.689511] ==================================================================
[ 27.842625] ================================================================== [ 27.843592] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 27.844375] Write of size 8 at addr ffff8881057d7688 by task kunit_try_catch/310 [ 27.844703] [ 27.845109] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 27.845191] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.845205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.845228] Call Trace: [ 27.845242] <TASK> [ 27.845260] dump_stack_lvl+0x73/0xb0 [ 27.845293] print_report+0xd1/0x640 [ 27.845317] ? __virt_addr_valid+0x1db/0x2d0 [ 27.845343] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 27.845369] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.845397] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 27.845424] kasan_report+0x141/0x180 [ 27.845448] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 27.845479] kasan_check_range+0x10c/0x1c0 [ 27.845505] __kasan_check_write+0x18/0x20 [ 27.845530] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 27.845557] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.845585] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.845611] ? trace_hardirqs_on+0x37/0xe0 [ 27.845635] ? kasan_bitops_generic+0x92/0x1c0 [ 27.845665] kasan_bitops_generic+0x116/0x1c0 [ 27.845690] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.845716] ? __pfx_read_tsc+0x10/0x10 [ 27.845741] ? ktime_get_ts64+0x86/0x230 [ 27.845767] kunit_try_run_case+0x1a5/0x480 [ 27.845807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.845831] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.845855] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.845882] ? __kthread_parkme+0x82/0x180 [ 27.845904] ? preempt_count_sub+0x50/0x80 [ 27.845928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.845963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.845989] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.846013] kthread+0x337/0x6f0 [ 27.846034] ? trace_preempt_on+0x20/0xc0 [ 27.846069] ? __pfx_kthread+0x10/0x10 [ 27.846091] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.846116] ? calculate_sigpending+0x7b/0xa0 [ 27.846141] ? __pfx_kthread+0x10/0x10 [ 27.846163] ret_from_fork+0x116/0x1d0 [ 27.846184] ? __pfx_kthread+0x10/0x10 [ 27.846205] ret_from_fork_asm+0x1a/0x30 [ 27.846238] </TASK> [ 27.846251] [ 27.858425] Allocated by task 310: [ 27.858692] kasan_save_stack+0x45/0x70 [ 27.859049] kasan_save_track+0x18/0x40 [ 27.859227] kasan_save_alloc_info+0x3b/0x50 [ 27.859437] __kasan_kmalloc+0xb7/0xc0 [ 27.859614] __kmalloc_cache_noprof+0x189/0x420 [ 27.859829] kasan_bitops_generic+0x92/0x1c0 [ 27.860048] kunit_try_run_case+0x1a5/0x480 [ 27.860734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.861183] kthread+0x337/0x6f0 [ 27.861478] ret_from_fork+0x116/0x1d0 [ 27.861639] ret_from_fork_asm+0x1a/0x30 [ 27.862068] [ 27.862220] The buggy address belongs to the object at ffff8881057d7680 [ 27.862220] which belongs to the cache kmalloc-16 of size 16 [ 27.862993] The buggy address is located 8 bytes inside of [ 27.862993] allocated 9-byte region [ffff8881057d7680, ffff8881057d7689) [ 27.863737] [ 27.863837] The buggy address belongs to the physical page: [ 27.864301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057d7 [ 27.864745] flags: 0x200000000000000(node=0|zone=2) [ 27.865274] page_type: f5(slab) [ 27.865424] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.865769] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.866321] page dumped because: kasan: bad access detected [ 27.866649] [ 27.866734] Memory state around the buggy address: [ 27.867005] ffff8881057d7580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.867611] ffff8881057d7600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.868076] >ffff8881057d7680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.868385] ^ [ 27.868525] ffff8881057d7700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.868828] ffff8881057d7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.869425] ================================================================== [ 27.998941] ================================================================== [ 27.999436] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 27.999754] Write of size 8 at addr ffff8881057d7688 by task kunit_try_catch/310 [ 28.000288] [ 28.000591] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.000701] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.000715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.000739] Call Trace: [ 28.000753] <TASK> [ 28.000769] dump_stack_lvl+0x73/0xb0 [ 28.000858] print_report+0xd1/0x640 [ 28.000882] ? __virt_addr_valid+0x1db/0x2d0 [ 28.000907] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 28.000933] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.000973] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 28.001000] kasan_report+0x141/0x180 [ 28.001023] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 28.001054] kasan_check_range+0x10c/0x1c0 [ 28.001079] __kasan_check_write+0x18/0x20 [ 28.001102] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 28.001136] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 28.001163] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.001188] ? trace_hardirqs_on+0x37/0xe0 [ 28.001210] ? kasan_bitops_generic+0x92/0x1c0 [ 28.001238] kasan_bitops_generic+0x116/0x1c0 [ 28.001263] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.001289] ? __pfx_read_tsc+0x10/0x10 [ 28.001312] ? ktime_get_ts64+0x86/0x230 [ 28.001336] kunit_try_run_case+0x1a5/0x480 [ 28.001361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.001384] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.001407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.001435] ? __kthread_parkme+0x82/0x180 [ 28.001456] ? preempt_count_sub+0x50/0x80 [ 28.001480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.001505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.001530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.001554] kthread+0x337/0x6f0 [ 28.001575] ? trace_preempt_on+0x20/0xc0 [ 28.001598] ? __pfx_kthread+0x10/0x10 [ 28.001620] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.001644] ? calculate_sigpending+0x7b/0xa0 [ 28.001668] ? __pfx_kthread+0x10/0x10 [ 28.001691] ret_from_fork+0x116/0x1d0 [ 28.001711] ? __pfx_kthread+0x10/0x10 [ 28.001733] ret_from_fork_asm+0x1a/0x30 [ 28.001764] </TASK> [ 28.001776] [ 28.018451] Allocated by task 310: [ 28.018592] kasan_save_stack+0x45/0x70 [ 28.018740] kasan_save_track+0x18/0x40 [ 28.018880] kasan_save_alloc_info+0x3b/0x50 [ 28.019478] __kasan_kmalloc+0xb7/0xc0 [ 28.019991] __kmalloc_cache_noprof+0x189/0x420 [ 28.020667] kasan_bitops_generic+0x92/0x1c0 [ 28.021191] kunit_try_run_case+0x1a5/0x480 [ 28.021754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.022565] kthread+0x337/0x6f0 [ 28.022814] ret_from_fork+0x116/0x1d0 [ 28.022963] ret_from_fork_asm+0x1a/0x30 [ 28.023490] [ 28.023664] The buggy address belongs to the object at ffff8881057d7680 [ 28.023664] which belongs to the cache kmalloc-16 of size 16 [ 28.025195] The buggy address is located 8 bytes inside of [ 28.025195] allocated 9-byte region [ffff8881057d7680, ffff8881057d7689) [ 28.025581] [ 28.025652] The buggy address belongs to the physical page: [ 28.025837] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057d7 [ 28.026103] flags: 0x200000000000000(node=0|zone=2) [ 28.026270] page_type: f5(slab) [ 28.026475] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.027225] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.027987] page dumped because: kasan: bad access detected [ 28.028510] [ 28.028664] Memory state around the buggy address: [ 28.029115] ffff8881057d7580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.029699] ffff8881057d7600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.030021] >ffff8881057d7680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.030624] ^ [ 28.031138] ffff8881057d7700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.031567] ffff8881057d7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.031837] ================================================================== [ 27.870147] ================================================================== [ 27.870455] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 27.871298] Write of size 8 at addr ffff8881057d7688 by task kunit_try_catch/310 [ 27.871703] [ 27.872020] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 27.872077] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.872091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.872172] Call Trace: [ 27.872194] <TASK> [ 27.872213] dump_stack_lvl+0x73/0xb0 [ 27.872245] print_report+0xd1/0x640 [ 27.872269] ? __virt_addr_valid+0x1db/0x2d0 [ 27.872295] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 27.872321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.872348] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 27.872375] kasan_report+0x141/0x180 [ 27.872398] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 27.872430] kasan_check_range+0x10c/0x1c0 [ 27.872455] __kasan_check_write+0x18/0x20 [ 27.872480] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 27.872506] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.872535] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.872559] ? trace_hardirqs_on+0x37/0xe0 [ 27.872583] ? kasan_bitops_generic+0x92/0x1c0 [ 27.872611] kasan_bitops_generic+0x116/0x1c0 [ 27.872636] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.872662] ? __pfx_read_tsc+0x10/0x10 [ 27.872686] ? ktime_get_ts64+0x86/0x230 [ 27.872712] kunit_try_run_case+0x1a5/0x480 [ 27.872738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.872762] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.872842] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.872872] ? __kthread_parkme+0x82/0x180 [ 27.872896] ? preempt_count_sub+0x50/0x80 [ 27.872921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.872959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.872983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.873009] kthread+0x337/0x6f0 [ 27.873031] ? trace_preempt_on+0x20/0xc0 [ 27.873054] ? __pfx_kthread+0x10/0x10 [ 27.873076] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.873102] ? calculate_sigpending+0x7b/0xa0 [ 27.873133] ? __pfx_kthread+0x10/0x10 [ 27.873156] ret_from_fork+0x116/0x1d0 [ 27.873176] ? __pfx_kthread+0x10/0x10 [ 27.873198] ret_from_fork_asm+0x1a/0x30 [ 27.873231] </TASK> [ 27.873243] [ 27.884440] Allocated by task 310: [ 27.884624] kasan_save_stack+0x45/0x70 [ 27.884788] kasan_save_track+0x18/0x40 [ 27.885016] kasan_save_alloc_info+0x3b/0x50 [ 27.885660] __kasan_kmalloc+0xb7/0xc0 [ 27.885880] __kmalloc_cache_noprof+0x189/0x420 [ 27.886282] kasan_bitops_generic+0x92/0x1c0 [ 27.886455] kunit_try_run_case+0x1a5/0x480 [ 27.886733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.887034] kthread+0x337/0x6f0 [ 27.887168] ret_from_fork+0x116/0x1d0 [ 27.887359] ret_from_fork_asm+0x1a/0x30 [ 27.887530] [ 27.887623] The buggy address belongs to the object at ffff8881057d7680 [ 27.887623] which belongs to the cache kmalloc-16 of size 16 [ 27.888600] The buggy address is located 8 bytes inside of [ 27.888600] allocated 9-byte region [ffff8881057d7680, ffff8881057d7689) [ 27.889241] [ 27.889554] The buggy address belongs to the physical page: [ 27.890032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057d7 [ 27.890477] flags: 0x200000000000000(node=0|zone=2) [ 27.890694] page_type: f5(slab) [ 27.891042] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.891518] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.891878] page dumped because: kasan: bad access detected [ 27.892331] [ 27.892411] Memory state around the buggy address: [ 27.892624] ffff8881057d7580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.893158] ffff8881057d7600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.893541] >ffff8881057d7680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.893903] ^ [ 27.894220] ffff8881057d7700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.894490] ffff8881057d7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.894817] ================================================================== [ 27.895686] ================================================================== [ 27.896001] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 27.896610] Write of size 8 at addr ffff8881057d7688 by task kunit_try_catch/310 [ 27.897284] [ 27.897400] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 27.897450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.897462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.897483] Call Trace: [ 27.897499] <TASK> [ 27.897514] dump_stack_lvl+0x73/0xb0 [ 27.897542] print_report+0xd1/0x640 [ 27.897567] ? __virt_addr_valid+0x1db/0x2d0 [ 27.897591] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 27.897617] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.897645] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 27.897672] kasan_report+0x141/0x180 [ 27.897696] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 27.897727] kasan_check_range+0x10c/0x1c0 [ 27.897752] __kasan_check_write+0x18/0x20 [ 27.897777] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 27.898034] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.898071] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.898097] ? trace_hardirqs_on+0x37/0xe0 [ 27.898120] ? kasan_bitops_generic+0x92/0x1c0 [ 27.898149] kasan_bitops_generic+0x116/0x1c0 [ 27.898174] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.898200] ? __pfx_read_tsc+0x10/0x10 [ 27.898225] ? ktime_get_ts64+0x86/0x230 [ 27.898252] kunit_try_run_case+0x1a5/0x480 [ 27.898278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.898302] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.898326] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.898353] ? __kthread_parkme+0x82/0x180 [ 27.898375] ? preempt_count_sub+0x50/0x80 [ 27.898399] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.898424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.898449] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.898474] kthread+0x337/0x6f0 [ 27.898495] ? trace_preempt_on+0x20/0xc0 [ 27.898519] ? __pfx_kthread+0x10/0x10 [ 27.898541] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.898567] ? calculate_sigpending+0x7b/0xa0 [ 27.898591] ? __pfx_kthread+0x10/0x10 [ 27.898613] ret_from_fork+0x116/0x1d0 [ 27.898634] ? __pfx_kthread+0x10/0x10 [ 27.898655] ret_from_fork_asm+0x1a/0x30 [ 27.898687] </TASK> [ 27.898699] [ 27.909676] Allocated by task 310: [ 27.909808] kasan_save_stack+0x45/0x70 [ 27.910533] kasan_save_track+0x18/0x40 [ 27.910869] kasan_save_alloc_info+0x3b/0x50 [ 27.911053] __kasan_kmalloc+0xb7/0xc0 [ 27.911395] __kmalloc_cache_noprof+0x189/0x420 [ 27.911563] kasan_bitops_generic+0x92/0x1c0 [ 27.911776] kunit_try_run_case+0x1a5/0x480 [ 27.912295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.912526] kthread+0x337/0x6f0 [ 27.912754] ret_from_fork+0x116/0x1d0 [ 27.913080] ret_from_fork_asm+0x1a/0x30 [ 27.913366] [ 27.913445] The buggy address belongs to the object at ffff8881057d7680 [ 27.913445] which belongs to the cache kmalloc-16 of size 16 [ 27.914144] The buggy address is located 8 bytes inside of [ 27.914144] allocated 9-byte region [ffff8881057d7680, ffff8881057d7689) [ 27.914642] [ 27.914726] The buggy address belongs to the physical page: [ 27.914954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057d7 [ 27.915702] flags: 0x200000000000000(node=0|zone=2) [ 27.916093] page_type: f5(slab) [ 27.916230] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.916559] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.916873] page dumped because: kasan: bad access detected [ 27.917127] [ 27.917500] Memory state around the buggy address: [ 27.917700] ffff8881057d7580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.918240] ffff8881057d7600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.918655] >ffff8881057d7680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.919099] ^ [ 27.919233] ffff8881057d7700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.919739] ffff8881057d7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.920294] ================================================================== [ 27.920938] ================================================================== [ 27.921626] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 27.922040] Write of size 8 at addr ffff8881057d7688 by task kunit_try_catch/310 [ 27.922663] [ 27.922755] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 27.922857] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.922873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.923034] Call Trace: [ 27.923050] <TASK> [ 27.923067] dump_stack_lvl+0x73/0xb0 [ 27.923097] print_report+0xd1/0x640 [ 27.923120] ? __virt_addr_valid+0x1db/0x2d0 [ 27.923144] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 27.923171] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.923198] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 27.923225] kasan_report+0x141/0x180 [ 27.923249] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 27.923280] kasan_check_range+0x10c/0x1c0 [ 27.923305] __kasan_check_write+0x18/0x20 [ 27.923330] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 27.923356] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.923384] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.923410] ? trace_hardirqs_on+0x37/0xe0 [ 27.923433] ? kasan_bitops_generic+0x92/0x1c0 [ 27.923461] kasan_bitops_generic+0x116/0x1c0 [ 27.923486] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.923512] ? __pfx_read_tsc+0x10/0x10 [ 27.923534] ? ktime_get_ts64+0x86/0x230 [ 27.923560] kunit_try_run_case+0x1a5/0x480 [ 27.923585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.923609] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.923632] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.923660] ? __kthread_parkme+0x82/0x180 [ 27.923681] ? preempt_count_sub+0x50/0x80 [ 27.923706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.923731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.923756] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.923794] kthread+0x337/0x6f0 [ 27.923816] ? trace_preempt_on+0x20/0xc0 [ 27.923840] ? __pfx_kthread+0x10/0x10 [ 27.923862] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.923887] ? calculate_sigpending+0x7b/0xa0 [ 27.923911] ? __pfx_kthread+0x10/0x10 [ 27.923934] ret_from_fork+0x116/0x1d0 [ 27.923964] ? __pfx_kthread+0x10/0x10 [ 27.923985] ret_from_fork_asm+0x1a/0x30 [ 27.924017] </TASK> [ 27.924028] [ 27.935609] Allocated by task 310: [ 27.935976] kasan_save_stack+0x45/0x70 [ 27.936135] kasan_save_track+0x18/0x40 [ 27.936475] kasan_save_alloc_info+0x3b/0x50 [ 27.936693] __kasan_kmalloc+0xb7/0xc0 [ 27.936868] __kmalloc_cache_noprof+0x189/0x420 [ 27.937425] kasan_bitops_generic+0x92/0x1c0 [ 27.937602] kunit_try_run_case+0x1a5/0x480 [ 27.938017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.938328] kthread+0x337/0x6f0 [ 27.938572] ret_from_fork+0x116/0x1d0 [ 27.938732] ret_from_fork_asm+0x1a/0x30 [ 27.939149] [ 27.939227] The buggy address belongs to the object at ffff8881057d7680 [ 27.939227] which belongs to the cache kmalloc-16 of size 16 [ 27.939774] The buggy address is located 8 bytes inside of [ 27.939774] allocated 9-byte region [ffff8881057d7680, ffff8881057d7689) [ 27.940545] [ 27.940747] The buggy address belongs to the physical page: [ 27.941114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057d7 [ 27.941469] flags: 0x200000000000000(node=0|zone=2) [ 27.941685] page_type: f5(slab) [ 27.942211] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.942527] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.943049] page dumped because: kasan: bad access detected [ 27.943405] [ 27.943479] Memory state around the buggy address: [ 27.943678] ffff8881057d7580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.944362] ffff8881057d7600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.944658] >ffff8881057d7680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.945153] ^ [ 27.945326] ffff8881057d7700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.945621] ffff8881057d7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.946244] ================================================================== [ 28.032912] ================================================================== [ 28.033782] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 28.034801] Write of size 8 at addr ffff8881057d7688 by task kunit_try_catch/310 [ 28.035409] [ 28.035502] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 28.035551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 28.035564] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 28.035584] Call Trace: [ 28.035597] <TASK> [ 28.035615] dump_stack_lvl+0x73/0xb0 [ 28.035643] print_report+0xd1/0x640 [ 28.035666] ? __virt_addr_valid+0x1db/0x2d0 [ 28.035692] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 28.035719] ? kasan_complete_mode_report_info+0x2a/0x200 [ 28.035745] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 28.035772] kasan_report+0x141/0x180 [ 28.035857] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 28.035891] kasan_check_range+0x10c/0x1c0 [ 28.035915] __kasan_check_write+0x18/0x20 [ 28.035940] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 28.035981] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 28.036009] ? __kmalloc_cache_noprof+0x189/0x420 [ 28.036035] ? trace_hardirqs_on+0x37/0xe0 [ 28.036059] ? kasan_bitops_generic+0x92/0x1c0 [ 28.036088] kasan_bitops_generic+0x116/0x1c0 [ 28.036112] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 28.036138] ? __pfx_read_tsc+0x10/0x10 [ 28.036160] ? ktime_get_ts64+0x86/0x230 [ 28.036196] kunit_try_run_case+0x1a5/0x480 [ 28.036221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.036245] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 28.036268] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 28.036295] ? __kthread_parkme+0x82/0x180 [ 28.036317] ? preempt_count_sub+0x50/0x80 [ 28.036341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 28.036366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.036391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 28.036416] kthread+0x337/0x6f0 [ 28.036437] ? trace_preempt_on+0x20/0xc0 [ 28.036461] ? __pfx_kthread+0x10/0x10 [ 28.036483] ? _raw_spin_unlock_irq+0x47/0x80 [ 28.036509] ? calculate_sigpending+0x7b/0xa0 [ 28.036534] ? __pfx_kthread+0x10/0x10 [ 28.036556] ret_from_fork+0x116/0x1d0 [ 28.036577] ? __pfx_kthread+0x10/0x10 [ 28.036599] ret_from_fork_asm+0x1a/0x30 [ 28.036632] </TASK> [ 28.036643] [ 28.051637] Allocated by task 310: [ 28.051770] kasan_save_stack+0x45/0x70 [ 28.052178] kasan_save_track+0x18/0x40 [ 28.052517] kasan_save_alloc_info+0x3b/0x50 [ 28.052895] __kasan_kmalloc+0xb7/0xc0 [ 28.053256] __kmalloc_cache_noprof+0x189/0x420 [ 28.053955] kasan_bitops_generic+0x92/0x1c0 [ 28.054462] kunit_try_run_case+0x1a5/0x480 [ 28.054844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 28.055448] kthread+0x337/0x6f0 [ 28.055816] ret_from_fork+0x116/0x1d0 [ 28.056262] ret_from_fork_asm+0x1a/0x30 [ 28.056456] [ 28.056524] The buggy address belongs to the object at ffff8881057d7680 [ 28.056524] which belongs to the cache kmalloc-16 of size 16 [ 28.057118] The buggy address is located 8 bytes inside of [ 28.057118] allocated 9-byte region [ffff8881057d7680, ffff8881057d7689) [ 28.058348] [ 28.058680] The buggy address belongs to the physical page: [ 28.059276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057d7 [ 28.060090] flags: 0x200000000000000(node=0|zone=2) [ 28.060266] page_type: f5(slab) [ 28.060389] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 28.060627] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 28.060858] page dumped because: kasan: bad access detected [ 28.061226] [ 28.061395] Memory state around the buggy address: [ 28.061810] ffff8881057d7580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.062548] ffff8881057d7600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 28.063267] >ffff8881057d7680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.064163] ^ [ 28.064496] ffff8881057d7700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.065171] ffff8881057d7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.065874] ================================================================== [ 27.973107] ================================================================== [ 27.973516] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 27.974201] Write of size 8 at addr ffff8881057d7688 by task kunit_try_catch/310 [ 27.974499] [ 27.974607] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 27.974653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.974665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.974685] Call Trace: [ 27.974700] <TASK> [ 27.974716] dump_stack_lvl+0x73/0xb0 [ 27.974742] print_report+0xd1/0x640 [ 27.974766] ? __virt_addr_valid+0x1db/0x2d0 [ 27.975031] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 27.975084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.975113] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 27.975141] kasan_report+0x141/0x180 [ 27.975166] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 27.975197] kasan_check_range+0x10c/0x1c0 [ 27.975223] __kasan_check_write+0x18/0x20 [ 27.975247] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 27.975274] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.975301] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.975325] ? trace_hardirqs_on+0x37/0xe0 [ 27.975348] ? kasan_bitops_generic+0x92/0x1c0 [ 27.975376] kasan_bitops_generic+0x116/0x1c0 [ 27.975401] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.975429] ? __pfx_read_tsc+0x10/0x10 [ 27.975451] ? ktime_get_ts64+0x86/0x230 [ 27.975478] kunit_try_run_case+0x1a5/0x480 [ 27.975502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.975527] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.975549] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.975576] ? __kthread_parkme+0x82/0x180 [ 27.975597] ? preempt_count_sub+0x50/0x80 [ 27.975622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.975647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.975672] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.975698] kthread+0x337/0x6f0 [ 27.975718] ? trace_preempt_on+0x20/0xc0 [ 27.975741] ? __pfx_kthread+0x10/0x10 [ 27.975763] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.975839] ? calculate_sigpending+0x7b/0xa0 [ 27.975865] ? __pfx_kthread+0x10/0x10 [ 27.975889] ret_from_fork+0x116/0x1d0 [ 27.975909] ? __pfx_kthread+0x10/0x10 [ 27.975931] ret_from_fork_asm+0x1a/0x30 [ 27.975974] </TASK> [ 27.975986] [ 27.987410] Allocated by task 310: [ 27.987589] kasan_save_stack+0x45/0x70 [ 27.988064] kasan_save_track+0x18/0x40 [ 27.988247] kasan_save_alloc_info+0x3b/0x50 [ 27.988446] __kasan_kmalloc+0xb7/0xc0 [ 27.988617] __kmalloc_cache_noprof+0x189/0x420 [ 27.988814] kasan_bitops_generic+0x92/0x1c0 [ 27.989334] kunit_try_run_case+0x1a5/0x480 [ 27.989496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.989827] kthread+0x337/0x6f0 [ 27.990218] ret_from_fork+0x116/0x1d0 [ 27.990408] ret_from_fork_asm+0x1a/0x30 [ 27.990584] [ 27.990666] The buggy address belongs to the object at ffff8881057d7680 [ 27.990666] which belongs to the cache kmalloc-16 of size 16 [ 27.991461] The buggy address is located 8 bytes inside of [ 27.991461] allocated 9-byte region [ffff8881057d7680, ffff8881057d7689) [ 27.992236] [ 27.992317] The buggy address belongs to the physical page: [ 27.992585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057d7 [ 27.993282] flags: 0x200000000000000(node=0|zone=2) [ 27.993474] page_type: f5(slab) [ 27.993649] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.994044] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.994600] page dumped because: kasan: bad access detected [ 27.994833] [ 27.994993] Memory state around the buggy address: [ 27.995188] ffff8881057d7580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.995493] ffff8881057d7600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.996123] >ffff8881057d7680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.996423] ^ [ 27.996591] ffff8881057d7700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.997088] ffff8881057d7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.997401] ================================================================== [ 27.946848] ================================================================== [ 27.947736] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 27.948298] Write of size 8 at addr ffff8881057d7688 by task kunit_try_catch/310 [ 27.948625] [ 27.948728] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) [ 27.948777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.948789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.948810] Call Trace: [ 27.948825] <TASK> [ 27.948840] dump_stack_lvl+0x73/0xb0 [ 27.948869] print_report+0xd1/0x640 [ 27.948893] ? __virt_addr_valid+0x1db/0x2d0 [ 27.949268] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 27.949297] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.949324] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 27.949351] kasan_report+0x141/0x180 [ 27.949375] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 27.949409] kasan_check_range+0x10c/0x1c0 [ 27.949434] __kasan_check_write+0x18/0x20 [ 27.949458] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 27.949486] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 27.949514] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.949539] ? trace_hardirqs_on+0x37/0xe0 [ 27.949562] ? kasan_bitops_generic+0x92/0x1c0 [ 27.949591] kasan_bitops_generic+0x116/0x1c0 [ 27.949616] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.949642] ? __pfx_read_tsc+0x10/0x10 [ 27.949665] ? ktime_get_ts64+0x86/0x230 [ 27.949690] kunit_try_run_case+0x1a5/0x480 [ 27.949716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.949740] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.949763] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.949837] ? __kthread_parkme+0x82/0x180 [ 27.949859] ? preempt_count_sub+0x50/0x80 [ 27.949885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.949909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.949935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.949971] kthread+0x337/0x6f0 [ 27.949992] ? trace_preempt_on+0x20/0xc0 [ 27.950015] ? __pfx_kthread+0x10/0x10 [ 27.950036] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.950073] ? calculate_sigpending+0x7b/0xa0 [ 27.950098] ? __pfx_kthread+0x10/0x10 [ 27.950122] ret_from_fork+0x116/0x1d0 [ 27.950142] ? __pfx_kthread+0x10/0x10 [ 27.950164] ret_from_fork_asm+0x1a/0x30 [ 27.950196] </TASK> [ 27.950208] [ 27.961576] Allocated by task 310: [ 27.961742] kasan_save_stack+0x45/0x70 [ 27.961913] kasan_save_track+0x18/0x40 [ 27.962555] kasan_save_alloc_info+0x3b/0x50 [ 27.962742] __kasan_kmalloc+0xb7/0xc0 [ 27.962966] __kmalloc_cache_noprof+0x189/0x420 [ 27.963725] kasan_bitops_generic+0x92/0x1c0 [ 27.964050] kunit_try_run_case+0x1a5/0x480 [ 27.964233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.964489] kthread+0x337/0x6f0 [ 27.964639] ret_from_fork+0x116/0x1d0 [ 27.964817] ret_from_fork_asm+0x1a/0x30 [ 27.964996] [ 27.965063] The buggy address belongs to the object at ffff8881057d7680 [ 27.965063] which belongs to the cache kmalloc-16 of size 16 [ 27.965987] The buggy address is located 8 bytes inside of [ 27.965987] allocated 9-byte region [ffff8881057d7680, ffff8881057d7689) [ 27.966677] [ 27.966940] The buggy address belongs to the physical page: [ 27.967456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057d7 [ 27.967903] flags: 0x200000000000000(node=0|zone=2) [ 27.968338] page_type: f5(slab) [ 27.968491] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.969028] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.969312] page dumped because: kasan: bad access detected [ 27.969565] [ 27.969659] Memory state around the buggy address: [ 27.969862] ffff8881057d7580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.970512] ffff8881057d7600: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.970773] >ffff8881057d7680: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.971329] ^ [ 27.971479] ffff8881057d7700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.972122] ffff8881057d7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.972475] ==================================================================