Date
June 19, 2025, 12:07 p.m.
| Environment | |
|---|---|
| qemu-x86_64 |
[ 30.047993] ================================================================== [ 30.048665] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 30.049514] Read of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 30.049995] [ 30.050453] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 30.050596] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.050626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.050670] Call Trace: [ 30.050716] <TASK> [ 30.050759] dump_stack_lvl+0x73/0xb0 [ 30.050853] print_report+0xd1/0x650 [ 30.050902] ? __virt_addr_valid+0x1db/0x2d0 [ 30.050954] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 30.051011] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.051059] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 30.051127] kasan_report+0x141/0x180 [ 30.051178] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 30.051544] __asan_report_load8_noabort+0x18/0x20 [ 30.051636] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 30.051696] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 30.051755] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.052052] ? trace_hardirqs_on+0x37/0xe0 [ 30.052109] ? kasan_bitops_generic+0x92/0x1c0 [ 30.052158] kasan_bitops_generic+0x121/0x1c0 [ 30.052188] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 30.052216] ? __pfx_read_tsc+0x10/0x10 [ 30.052241] ? ktime_get_ts64+0x86/0x230 [ 30.052269] kunit_try_run_case+0x1a5/0x480 [ 30.052298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.052323] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.052349] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.052374] ? __kthread_parkme+0x82/0x180 [ 30.052397] ? preempt_count_sub+0x50/0x80 [ 30.052423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.052449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.052475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.052500] kthread+0x337/0x6f0 [ 30.052522] ? trace_preempt_on+0x20/0xc0 [ 30.052546] ? __pfx_kthread+0x10/0x10 [ 30.052569] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.052593] ? calculate_sigpending+0x7b/0xa0 [ 30.052620] ? __pfx_kthread+0x10/0x10 [ 30.052644] ret_from_fork+0x116/0x1d0 [ 30.052665] ? __pfx_kthread+0x10/0x10 [ 30.052688] ret_from_fork_asm+0x1a/0x30 [ 30.052723] </TASK> [ 30.052737] [ 30.066155] Allocated by task 290: [ 30.066475] kasan_save_stack+0x45/0x70 [ 30.066796] kasan_save_track+0x18/0x40 [ 30.067081] kasan_save_alloc_info+0x3b/0x50 [ 30.067594] __kasan_kmalloc+0xb7/0xc0 [ 30.067812] __kmalloc_cache_noprof+0x189/0x420 [ 30.068254] kasan_bitops_generic+0x92/0x1c0 [ 30.068622] kunit_try_run_case+0x1a5/0x480 [ 30.069527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.070008] kthread+0x337/0x6f0 [ 30.070216] ret_from_fork+0x116/0x1d0 [ 30.070546] ret_from_fork_asm+0x1a/0x30 [ 30.071208] [ 30.071345] The buggy address belongs to the object at ffff888101892c20 [ 30.071345] which belongs to the cache kmalloc-16 of size 16 [ 30.072419] The buggy address is located 8 bytes inside of [ 30.072419] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 30.072866] [ 30.072980] The buggy address belongs to the physical page: [ 30.073323] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 30.073942] flags: 0x200000000000000(node=0|zone=2) [ 30.074742] page_type: f5(slab) [ 30.075475] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 30.076274] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 30.076585] page dumped because: kasan: bad access detected [ 30.077282] [ 30.077480] Memory state around the buggy address: [ 30.077884] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 30.078676] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 30.079194] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 30.079515] ^ [ 30.079759] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.080358] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.081191] ================================================================== [ 29.867755] ================================================================== [ 29.868424] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 29.869191] Write of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 29.869721] [ 29.869918] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 29.870029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.870059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.870115] Call Trace: [ 29.870161] <TASK> [ 29.870206] dump_stack_lvl+0x73/0xb0 [ 29.870278] print_report+0xd1/0x650 [ 29.870332] ? __virt_addr_valid+0x1db/0x2d0 [ 29.870385] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 29.870441] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.870488] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 29.870533] kasan_report+0x141/0x180 [ 29.870573] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 29.870632] kasan_check_range+0x10c/0x1c0 [ 29.870681] __kasan_check_write+0x18/0x20 [ 29.870731] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 29.870792] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.870856] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.870909] ? trace_hardirqs_on+0x37/0xe0 [ 29.870949] ? kasan_bitops_generic+0x92/0x1c0 [ 29.870999] kasan_bitops_generic+0x121/0x1c0 [ 29.871048] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.871096] ? __pfx_read_tsc+0x10/0x10 [ 29.871848] ? ktime_get_ts64+0x86/0x230 [ 29.871915] kunit_try_run_case+0x1a5/0x480 [ 29.871967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.872175] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.872235] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.872291] ? __kthread_parkme+0x82/0x180 [ 29.872339] ? preempt_count_sub+0x50/0x80 [ 29.872378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.872405] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.872433] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.872459] kthread+0x337/0x6f0 [ 29.872482] ? trace_preempt_on+0x20/0xc0 [ 29.872508] ? __pfx_kthread+0x10/0x10 [ 29.872531] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.872556] ? calculate_sigpending+0x7b/0xa0 [ 29.872584] ? __pfx_kthread+0x10/0x10 [ 29.872607] ret_from_fork+0x116/0x1d0 [ 29.872629] ? __pfx_kthread+0x10/0x10 [ 29.872652] ret_from_fork_asm+0x1a/0x30 [ 29.872685] </TASK> [ 29.872699] [ 29.880749] Allocated by task 290: [ 29.881326] kasan_save_stack+0x45/0x70 [ 29.881744] kasan_save_track+0x18/0x40 [ 29.882393] kasan_save_alloc_info+0x3b/0x50 [ 29.882762] __kasan_kmalloc+0xb7/0xc0 [ 29.883110] __kmalloc_cache_noprof+0x189/0x420 [ 29.884155] kasan_bitops_generic+0x92/0x1c0 [ 29.884609] kunit_try_run_case+0x1a5/0x480 [ 29.884986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.885668] kthread+0x337/0x6f0 [ 29.885992] ret_from_fork+0x116/0x1d0 [ 29.886595] ret_from_fork_asm+0x1a/0x30 [ 29.887664] [ 29.887869] The buggy address belongs to the object at ffff888101892c20 [ 29.887869] which belongs to the cache kmalloc-16 of size 16 [ 29.888321] The buggy address is located 8 bytes inside of [ 29.888321] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 29.889294] [ 29.889534] The buggy address belongs to the physical page: [ 29.889960] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 29.890771] flags: 0x200000000000000(node=0|zone=2) [ 29.891249] page_type: f5(slab) [ 29.891927] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.892537] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.893445] page dumped because: kasan: bad access detected [ 29.893701] [ 29.893838] Memory state around the buggy address: [ 29.894229] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 29.895606] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.896485] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 29.896942] ^ [ 29.897500] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.897932] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.898696] ================================================================== [ 29.900751] ================================================================== [ 29.901792] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 29.902480] Write of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 29.903560] [ 29.903770] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 29.903884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.903958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.904255] Call Trace: [ 29.904327] <TASK> [ 29.904372] dump_stack_lvl+0x73/0xb0 [ 29.904455] print_report+0xd1/0x650 [ 29.904505] ? __virt_addr_valid+0x1db/0x2d0 [ 29.904550] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 29.904595] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.904623] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 29.904654] kasan_report+0x141/0x180 [ 29.904678] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 29.904712] kasan_check_range+0x10c/0x1c0 [ 29.904738] __kasan_check_write+0x18/0x20 [ 29.904762] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 29.904792] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.904823] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.904850] ? trace_hardirqs_on+0x37/0xe0 [ 29.904875] ? kasan_bitops_generic+0x92/0x1c0 [ 29.904927] kasan_bitops_generic+0x121/0x1c0 [ 29.904977] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.905052] ? __pfx_read_tsc+0x10/0x10 [ 29.905093] ? ktime_get_ts64+0x86/0x230 [ 29.905153] kunit_try_run_case+0x1a5/0x480 [ 29.905192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.905217] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.905244] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.905270] ? __kthread_parkme+0x82/0x180 [ 29.905294] ? preempt_count_sub+0x50/0x80 [ 29.905320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.905346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.905372] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.905398] kthread+0x337/0x6f0 [ 29.905421] ? trace_preempt_on+0x20/0xc0 [ 29.905446] ? __pfx_kthread+0x10/0x10 [ 29.905470] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.905493] ? calculate_sigpending+0x7b/0xa0 [ 29.905520] ? __pfx_kthread+0x10/0x10 [ 29.905543] ret_from_fork+0x116/0x1d0 [ 29.905565] ? __pfx_kthread+0x10/0x10 [ 29.905588] ret_from_fork_asm+0x1a/0x30 [ 29.905623] </TASK> [ 29.905636] [ 29.921710] Allocated by task 290: [ 29.922401] kasan_save_stack+0x45/0x70 [ 29.922769] kasan_save_track+0x18/0x40 [ 29.923063] kasan_save_alloc_info+0x3b/0x50 [ 29.923506] __kasan_kmalloc+0xb7/0xc0 [ 29.923819] __kmalloc_cache_noprof+0x189/0x420 [ 29.924350] kasan_bitops_generic+0x92/0x1c0 [ 29.924673] kunit_try_run_case+0x1a5/0x480 [ 29.925047] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.925432] kthread+0x337/0x6f0 [ 29.925663] ret_from_fork+0x116/0x1d0 [ 29.925911] ret_from_fork_asm+0x1a/0x30 [ 29.927067] [ 29.927225] The buggy address belongs to the object at ffff888101892c20 [ 29.927225] which belongs to the cache kmalloc-16 of size 16 [ 29.927459] The buggy address is located 8 bytes inside of [ 29.927459] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 29.927670] [ 29.927721] The buggy address belongs to the physical page: [ 29.927828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 29.929468] flags: 0x200000000000000(node=0|zone=2) [ 29.929910] page_type: f5(slab) [ 29.930585] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.931506] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.932145] page dumped because: kasan: bad access detected [ 29.932549] [ 29.932719] Memory state around the buggy address: [ 29.933204] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 29.933600] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.933889] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 29.934455] ^ [ 29.934655] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.935802] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.936370] ================================================================== [ 29.798397] ================================================================== [ 29.798826] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 29.800013] Write of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 29.800915] [ 29.801161] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 29.801272] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.801300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.801350] Call Trace: [ 29.801382] <TASK> [ 29.801432] dump_stack_lvl+0x73/0xb0 [ 29.801534] print_report+0xd1/0x650 [ 29.801596] ? __virt_addr_valid+0x1db/0x2d0 [ 29.801812] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 29.801853] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.801884] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 29.801924] kasan_report+0x141/0x180 [ 29.801989] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 29.802041] kasan_check_range+0x10c/0x1c0 [ 29.802069] __kasan_check_write+0x18/0x20 [ 29.802095] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 29.802149] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.802184] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.802212] ? trace_hardirqs_on+0x37/0xe0 [ 29.802239] ? kasan_bitops_generic+0x92/0x1c0 [ 29.802268] kasan_bitops_generic+0x121/0x1c0 [ 29.802295] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.802322] ? __pfx_read_tsc+0x10/0x10 [ 29.802347] ? ktime_get_ts64+0x86/0x230 [ 29.802376] kunit_try_run_case+0x1a5/0x480 [ 29.802406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.802432] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.802459] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.802485] ? __kthread_parkme+0x82/0x180 [ 29.802508] ? preempt_count_sub+0x50/0x80 [ 29.802535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.802561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.802588] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.802614] kthread+0x337/0x6f0 [ 29.802636] ? trace_preempt_on+0x20/0xc0 [ 29.802660] ? __pfx_kthread+0x10/0x10 [ 29.802683] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.802707] ? calculate_sigpending+0x7b/0xa0 [ 29.802734] ? __pfx_kthread+0x10/0x10 [ 29.802759] ret_from_fork+0x116/0x1d0 [ 29.802780] ? __pfx_kthread+0x10/0x10 [ 29.802804] ret_from_fork_asm+0x1a/0x30 [ 29.802838] </TASK> [ 29.802852] [ 29.818354] Allocated by task 290: [ 29.818733] kasan_save_stack+0x45/0x70 [ 29.819194] kasan_save_track+0x18/0x40 [ 29.819542] kasan_save_alloc_info+0x3b/0x50 [ 29.819889] __kasan_kmalloc+0xb7/0xc0 [ 29.820327] __kmalloc_cache_noprof+0x189/0x420 [ 29.820726] kasan_bitops_generic+0x92/0x1c0 [ 29.821184] kunit_try_run_case+0x1a5/0x480 [ 29.821356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.821525] kthread+0x337/0x6f0 [ 29.821662] ret_from_fork+0x116/0x1d0 [ 29.821810] ret_from_fork_asm+0x1a/0x30 [ 29.821988] [ 29.822090] The buggy address belongs to the object at ffff888101892c20 [ 29.822090] which belongs to the cache kmalloc-16 of size 16 [ 29.822942] The buggy address is located 8 bytes inside of [ 29.822942] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 29.823781] [ 29.823934] The buggy address belongs to the physical page: [ 29.824662] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 29.825719] flags: 0x200000000000000(node=0|zone=2) [ 29.826333] page_type: f5(slab) [ 29.826627] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.827237] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.827626] page dumped because: kasan: bad access detected [ 29.828329] [ 29.828483] Memory state around the buggy address: [ 29.828803] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 29.829830] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.830781] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 29.831547] ^ [ 29.831831] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.832432] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.832787] ================================================================== [ 29.937274] ================================================================== [ 29.937803] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 29.938608] Write of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 29.939473] [ 29.939698] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 29.939808] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.939836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.939883] Call Trace: [ 29.939924] <TASK> [ 29.939963] dump_stack_lvl+0x73/0xb0 [ 29.940037] print_report+0xd1/0x650 [ 29.940086] ? __virt_addr_valid+0x1db/0x2d0 [ 29.940160] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 29.940216] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.940271] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 29.940331] kasan_report+0x141/0x180 [ 29.940380] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 29.941082] kasan_check_range+0x10c/0x1c0 [ 29.941149] __kasan_check_write+0x18/0x20 [ 29.941193] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 29.941238] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.941271] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.941298] ? trace_hardirqs_on+0x37/0xe0 [ 29.941324] ? kasan_bitops_generic+0x92/0x1c0 [ 29.941353] kasan_bitops_generic+0x121/0x1c0 [ 29.941379] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.941406] ? __pfx_read_tsc+0x10/0x10 [ 29.941431] ? ktime_get_ts64+0x86/0x230 [ 29.941459] kunit_try_run_case+0x1a5/0x480 [ 29.941486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.941511] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.941537] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.941563] ? __kthread_parkme+0x82/0x180 [ 29.941586] ? preempt_count_sub+0x50/0x80 [ 29.941612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.941638] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.941664] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.941689] kthread+0x337/0x6f0 [ 29.941711] ? trace_preempt_on+0x20/0xc0 [ 29.941735] ? __pfx_kthread+0x10/0x10 [ 29.941758] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.941782] ? calculate_sigpending+0x7b/0xa0 [ 29.941809] ? __pfx_kthread+0x10/0x10 [ 29.941832] ret_from_fork+0x116/0x1d0 [ 29.941854] ? __pfx_kthread+0x10/0x10 [ 29.941877] ret_from_fork_asm+0x1a/0x30 [ 29.941922] </TASK> [ 29.941943] [ 29.957586] Allocated by task 290: [ 29.957857] kasan_save_stack+0x45/0x70 [ 29.958907] kasan_save_track+0x18/0x40 [ 29.959708] kasan_save_alloc_info+0x3b/0x50 [ 29.960088] __kasan_kmalloc+0xb7/0xc0 [ 29.960547] __kmalloc_cache_noprof+0x189/0x420 [ 29.961197] kasan_bitops_generic+0x92/0x1c0 [ 29.961927] kunit_try_run_case+0x1a5/0x480 [ 29.962133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.962410] kthread+0x337/0x6f0 [ 29.963153] ret_from_fork+0x116/0x1d0 [ 29.963392] ret_from_fork_asm+0x1a/0x30 [ 29.963643] [ 29.963755] The buggy address belongs to the object at ffff888101892c20 [ 29.963755] which belongs to the cache kmalloc-16 of size 16 [ 29.964889] The buggy address is located 8 bytes inside of [ 29.964889] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 29.965844] [ 29.965949] The buggy address belongs to the physical page: [ 29.966205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 29.966465] flags: 0x200000000000000(node=0|zone=2) [ 29.966646] page_type: f5(slab) [ 29.966789] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.967029] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.968757] page dumped because: kasan: bad access detected [ 29.969583] [ 29.969756] Memory state around the buggy address: [ 29.969981] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 29.970311] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.970544] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 29.970768] ^ [ 29.970927] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.971975] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.972451] ================================================================== [ 29.974662] ================================================================== [ 29.975762] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 29.976703] Write of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 29.977308] [ 29.977985] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 29.978269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.978288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.978316] Call Trace: [ 29.978357] <TASK> [ 29.978398] dump_stack_lvl+0x73/0xb0 [ 29.978459] print_report+0xd1/0x650 [ 29.978486] ? __virt_addr_valid+0x1db/0x2d0 [ 29.978513] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 29.978544] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.978574] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 29.978604] kasan_report+0x141/0x180 [ 29.978627] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 29.978663] kasan_check_range+0x10c/0x1c0 [ 29.978689] __kasan_check_write+0x18/0x20 [ 29.978715] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 29.978745] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.978776] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.978803] ? trace_hardirqs_on+0x37/0xe0 [ 29.978827] ? kasan_bitops_generic+0x92/0x1c0 [ 29.978857] kasan_bitops_generic+0x121/0x1c0 [ 29.978884] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.978921] ? __pfx_read_tsc+0x10/0x10 [ 29.978952] ? ktime_get_ts64+0x86/0x230 [ 29.979215] kunit_try_run_case+0x1a5/0x480 [ 29.979258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.979286] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.979314] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.979340] ? __kthread_parkme+0x82/0x180 [ 29.979364] ? preempt_count_sub+0x50/0x80 [ 29.979391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.979417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.979444] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.979470] kthread+0x337/0x6f0 [ 29.979492] ? trace_preempt_on+0x20/0xc0 [ 29.979518] ? __pfx_kthread+0x10/0x10 [ 29.979542] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.979565] ? calculate_sigpending+0x7b/0xa0 [ 29.979592] ? __pfx_kthread+0x10/0x10 [ 29.979616] ret_from_fork+0x116/0x1d0 [ 29.979637] ? __pfx_kthread+0x10/0x10 [ 29.979660] ret_from_fork_asm+0x1a/0x30 [ 29.979695] </TASK> [ 29.979708] [ 29.995556] Allocated by task 290: [ 29.995902] kasan_save_stack+0x45/0x70 [ 29.996510] kasan_save_track+0x18/0x40 [ 29.996743] kasan_save_alloc_info+0x3b/0x50 [ 29.997172] __kasan_kmalloc+0xb7/0xc0 [ 29.998454] __kmalloc_cache_noprof+0x189/0x420 [ 29.998640] kasan_bitops_generic+0x92/0x1c0 [ 29.998891] kunit_try_run_case+0x1a5/0x480 [ 29.999333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.000361] kthread+0x337/0x6f0 [ 30.000530] ret_from_fork+0x116/0x1d0 [ 30.001601] ret_from_fork_asm+0x1a/0x30 [ 30.001855] [ 30.002356] The buggy address belongs to the object at ffff888101892c20 [ 30.002356] which belongs to the cache kmalloc-16 of size 16 [ 30.003161] The buggy address is located 8 bytes inside of [ 30.003161] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 30.003921] [ 30.004162] The buggy address belongs to the physical page: [ 30.004570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 30.004948] flags: 0x200000000000000(node=0|zone=2) [ 30.005377] page_type: f5(slab) [ 30.005670] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 30.007018] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 30.007608] page dumped because: kasan: bad access detected [ 30.007988] [ 30.008139] Memory state around the buggy address: [ 30.008358] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 30.008802] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 30.009267] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 30.009583] ^ [ 30.010601] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.011324] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.011735] ================================================================== [ 30.012494] ================================================================== [ 30.012861] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 30.013453] Read of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 30.013833] [ 30.014055] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 30.014799] Tainted: [B]=BAD_PAGE, [N]=TEST [ 30.014838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 30.014889] Call Trace: [ 30.014935] <TASK> [ 30.014980] dump_stack_lvl+0x73/0xb0 [ 30.015067] print_report+0xd1/0x650 [ 30.015138] ? __virt_addr_valid+0x1db/0x2d0 [ 30.015339] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 30.015436] ? kasan_complete_mode_report_info+0x2a/0x200 [ 30.015511] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 30.015600] kasan_report+0x141/0x180 [ 30.015672] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 30.015745] kasan_check_range+0x10c/0x1c0 [ 30.015794] __kasan_check_read+0x15/0x20 [ 30.015838] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 30.015882] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 30.015923] ? __kmalloc_cache_noprof+0x189/0x420 [ 30.016004] ? trace_hardirqs_on+0x37/0xe0 [ 30.016032] ? kasan_bitops_generic+0x92/0x1c0 [ 30.016062] kasan_bitops_generic+0x121/0x1c0 [ 30.016088] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 30.016156] ? __pfx_read_tsc+0x10/0x10 [ 30.016192] ? ktime_get_ts64+0x86/0x230 [ 30.016239] kunit_try_run_case+0x1a5/0x480 [ 30.016279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.016318] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 30.016356] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 30.016383] ? __kthread_parkme+0x82/0x180 [ 30.016408] ? preempt_count_sub+0x50/0x80 [ 30.016435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 30.016461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.016487] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 30.016513] kthread+0x337/0x6f0 [ 30.016535] ? trace_preempt_on+0x20/0xc0 [ 30.016560] ? __pfx_kthread+0x10/0x10 [ 30.016583] ? _raw_spin_unlock_irq+0x47/0x80 [ 30.016606] ? calculate_sigpending+0x7b/0xa0 [ 30.016632] ? __pfx_kthread+0x10/0x10 [ 30.016656] ret_from_fork+0x116/0x1d0 [ 30.016678] ? __pfx_kthread+0x10/0x10 [ 30.016700] ret_from_fork_asm+0x1a/0x30 [ 30.016734] </TASK> [ 30.016748] [ 30.030004] Allocated by task 290: [ 30.031143] kasan_save_stack+0x45/0x70 [ 30.031663] kasan_save_track+0x18/0x40 [ 30.032504] kasan_save_alloc_info+0x3b/0x50 [ 30.032781] __kasan_kmalloc+0xb7/0xc0 [ 30.033546] __kmalloc_cache_noprof+0x189/0x420 [ 30.033759] kasan_bitops_generic+0x92/0x1c0 [ 30.034128] kunit_try_run_case+0x1a5/0x480 [ 30.034532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 30.034824] kthread+0x337/0x6f0 [ 30.035087] ret_from_fork+0x116/0x1d0 [ 30.035778] ret_from_fork_asm+0x1a/0x30 [ 30.036211] [ 30.036322] The buggy address belongs to the object at ffff888101892c20 [ 30.036322] which belongs to the cache kmalloc-16 of size 16 [ 30.037483] The buggy address is located 8 bytes inside of [ 30.037483] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 30.038723] [ 30.038962] The buggy address belongs to the physical page: [ 30.039234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 30.040148] flags: 0x200000000000000(node=0|zone=2) [ 30.040503] page_type: f5(slab) [ 30.040777] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 30.041240] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 30.041716] page dumped because: kasan: bad access detected [ 30.042840] [ 30.043068] Memory state around the buggy address: [ 30.043333] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 30.043779] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 30.044591] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 30.044922] ^ [ 30.045367] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.045847] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 30.046468] ================================================================== [ 29.761772] ================================================================== [ 29.762302] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 29.762800] Write of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 29.763831] [ 29.764856] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 29.764954] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.764980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.765014] Call Trace: [ 29.765043] <TASK> [ 29.765070] dump_stack_lvl+0x73/0xb0 [ 29.765147] print_report+0xd1/0x650 [ 29.765175] ? __virt_addr_valid+0x1db/0x2d0 [ 29.765202] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 29.765233] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.765262] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 29.765293] kasan_report+0x141/0x180 [ 29.765316] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 29.765350] kasan_check_range+0x10c/0x1c0 [ 29.765376] __kasan_check_write+0x18/0x20 [ 29.765401] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 29.765432] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.765463] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.765490] ? trace_hardirqs_on+0x37/0xe0 [ 29.765515] ? kasan_bitops_generic+0x92/0x1c0 [ 29.765544] kasan_bitops_generic+0x121/0x1c0 [ 29.765570] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.765597] ? __pfx_read_tsc+0x10/0x10 [ 29.765623] ? ktime_get_ts64+0x86/0x230 [ 29.765651] kunit_try_run_case+0x1a5/0x480 [ 29.765679] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.765704] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.765730] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.765756] ? __kthread_parkme+0x82/0x180 [ 29.765780] ? preempt_count_sub+0x50/0x80 [ 29.765806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.765832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.765858] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.765884] kthread+0x337/0x6f0 [ 29.765913] ? trace_preempt_on+0x20/0xc0 [ 29.766065] ? __pfx_kthread+0x10/0x10 [ 29.766090] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.766128] ? calculate_sigpending+0x7b/0xa0 [ 29.766157] ? __pfx_kthread+0x10/0x10 [ 29.766181] ret_from_fork+0x116/0x1d0 [ 29.766203] ? __pfx_kthread+0x10/0x10 [ 29.766226] ret_from_fork_asm+0x1a/0x30 [ 29.766260] </TASK> [ 29.766274] [ 29.780883] Allocated by task 290: [ 29.781298] kasan_save_stack+0x45/0x70 [ 29.781832] kasan_save_track+0x18/0x40 [ 29.782017] kasan_save_alloc_info+0x3b/0x50 [ 29.782205] __kasan_kmalloc+0xb7/0xc0 [ 29.782542] __kmalloc_cache_noprof+0x189/0x420 [ 29.783085] kasan_bitops_generic+0x92/0x1c0 [ 29.783716] kunit_try_run_case+0x1a5/0x480 [ 29.784020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.784265] kthread+0x337/0x6f0 [ 29.784468] ret_from_fork+0x116/0x1d0 [ 29.785390] ret_from_fork_asm+0x1a/0x30 [ 29.786184] [ 29.786439] The buggy address belongs to the object at ffff888101892c20 [ 29.786439] which belongs to the cache kmalloc-16 of size 16 [ 29.787385] The buggy address is located 8 bytes inside of [ 29.787385] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 29.788467] [ 29.788661] The buggy address belongs to the physical page: [ 29.789147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 29.789518] flags: 0x200000000000000(node=0|zone=2) [ 29.789745] page_type: f5(slab) [ 29.789915] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.791247] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.791829] page dumped because: kasan: bad access detected [ 29.792242] [ 29.792339] Memory state around the buggy address: [ 29.793036] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 29.793489] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.794669] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 29.794995] ^ [ 29.795307] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.795750] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.796117] ================================================================== [ 29.834366] ================================================================== [ 29.834662] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 29.835634] Write of size 8 at addr ffff888101892c28 by task kunit_try_catch/290 [ 29.836306] [ 29.836526] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc2-next-20250619 #1 PREEMPT(voluntary) [ 29.836638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 29.836664] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 29.836711] Call Trace: [ 29.836755] <TASK> [ 29.836798] dump_stack_lvl+0x73/0xb0 [ 29.836872] print_report+0xd1/0x650 [ 29.836957] ? __virt_addr_valid+0x1db/0x2d0 [ 29.837673] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 29.837742] ? kasan_complete_mode_report_info+0x2a/0x200 [ 29.837792] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 29.837844] kasan_report+0x141/0x180 [ 29.837893] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 29.838150] kasan_check_range+0x10c/0x1c0 [ 29.838185] __kasan_check_write+0x18/0x20 [ 29.838214] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 29.838244] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 29.838276] ? __kmalloc_cache_noprof+0x189/0x420 [ 29.838304] ? trace_hardirqs_on+0x37/0xe0 [ 29.838329] ? kasan_bitops_generic+0x92/0x1c0 [ 29.838359] kasan_bitops_generic+0x121/0x1c0 [ 29.838385] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 29.838412] ? __pfx_read_tsc+0x10/0x10 [ 29.838437] ? ktime_get_ts64+0x86/0x230 [ 29.838465] kunit_try_run_case+0x1a5/0x480 [ 29.838493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.838518] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 29.838545] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 29.838571] ? __kthread_parkme+0x82/0x180 [ 29.838594] ? preempt_count_sub+0x50/0x80 [ 29.838621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 29.838646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.838672] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 29.838698] kthread+0x337/0x6f0 [ 29.838720] ? trace_preempt_on+0x20/0xc0 [ 29.838745] ? __pfx_kthread+0x10/0x10 [ 29.838767] ? _raw_spin_unlock_irq+0x47/0x80 [ 29.838791] ? calculate_sigpending+0x7b/0xa0 [ 29.838818] ? __pfx_kthread+0x10/0x10 [ 29.838842] ret_from_fork+0x116/0x1d0 [ 29.838863] ? __pfx_kthread+0x10/0x10 [ 29.838885] ret_from_fork_asm+0x1a/0x30 [ 29.838951] </TASK> [ 29.838969] [ 29.852797] Allocated by task 290: [ 29.853371] kasan_save_stack+0x45/0x70 [ 29.853638] kasan_save_track+0x18/0x40 [ 29.853837] kasan_save_alloc_info+0x3b/0x50 [ 29.854177] __kasan_kmalloc+0xb7/0xc0 [ 29.854489] __kmalloc_cache_noprof+0x189/0x420 [ 29.854849] kasan_bitops_generic+0x92/0x1c0 [ 29.855320] kunit_try_run_case+0x1a5/0x480 [ 29.855510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 29.855736] kthread+0x337/0x6f0 [ 29.856051] ret_from_fork+0x116/0x1d0 [ 29.856389] ret_from_fork_asm+0x1a/0x30 [ 29.856700] [ 29.856867] The buggy address belongs to the object at ffff888101892c20 [ 29.856867] which belongs to the cache kmalloc-16 of size 16 [ 29.857557] The buggy address is located 8 bytes inside of [ 29.857557] allocated 9-byte region [ffff888101892c20, ffff888101892c29) [ 29.858976] [ 29.859196] The buggy address belongs to the physical page: [ 29.859775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101892 [ 29.860382] flags: 0x200000000000000(node=0|zone=2) [ 29.860610] page_type: f5(slab) [ 29.860786] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 29.861266] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 29.861812] page dumped because: kasan: bad access detected [ 29.863151] [ 29.863356] Memory state around the buggy address: [ 29.863589] ffff888101892b00: 00 00 fc fc 00 04 fc fc 00 04 fc fc 00 00 fc fc [ 29.863854] ffff888101892b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 29.864438] >ffff888101892c00: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 29.865454] ^ [ 29.865721] ffff888101892c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.866817] ffff888101892d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 29.867098] ==================================================================