Date
July 22, 2025, 5:13 a.m.
| Environment | |
|---|---|
| qemu-x86_64 |
[ 27.416699] ================================================================== [ 27.416978] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 27.417399] Read of size 8 at addr ffff888104919c88 by task kunit_try_catch/309 [ 27.417946] [ 27.418047] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.418096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.418109] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.418130] Call Trace: [ 27.418145] <TASK> [ 27.418160] dump_stack_lvl+0x73/0xb0 [ 27.418190] print_report+0xd1/0x640 [ 27.418214] ? __virt_addr_valid+0x1db/0x2d0 [ 27.418239] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 27.418267] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.418295] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 27.418323] kasan_report+0x141/0x180 [ 27.418346] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 27.418378] kasan_check_range+0x10c/0x1c0 [ 27.418403] __kasan_check_read+0x15/0x20 [ 27.418427] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 27.418455] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.418483] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.418509] ? trace_hardirqs_on+0x37/0xe0 [ 27.418531] ? kasan_bitops_generic+0x92/0x1c0 [ 27.418558] kasan_bitops_generic+0x121/0x1c0 [ 27.418583] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.418610] ? __pfx_read_tsc+0x10/0x10 [ 27.418632] ? ktime_get_ts64+0x86/0x230 [ 27.418658] kunit_try_run_case+0x1a5/0x480 [ 27.418684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.418796] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.418826] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.418939] ? __kthread_parkme+0x82/0x180 [ 27.418961] ? preempt_count_sub+0x50/0x80 [ 27.418986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.419012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.419037] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.419062] kthread+0x337/0x6f0 [ 27.419096] ? trace_preempt_on+0x20/0xc0 [ 27.419120] ? __pfx_kthread+0x10/0x10 [ 27.419142] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.419179] ? calculate_sigpending+0x7b/0xa0 [ 27.419203] ? __pfx_kthread+0x10/0x10 [ 27.419225] ret_from_fork+0x116/0x1d0 [ 27.419247] ? __pfx_kthread+0x10/0x10 [ 27.419269] ret_from_fork_asm+0x1a/0x30 [ 27.419301] </TASK> [ 27.419312] [ 27.428991] Allocated by task 309: [ 27.429127] kasan_save_stack+0x45/0x70 [ 27.429274] kasan_save_track+0x18/0x40 [ 27.429408] kasan_save_alloc_info+0x3b/0x50 [ 27.429560] __kasan_kmalloc+0xb7/0xc0 [ 27.429817] __kmalloc_cache_noprof+0x189/0x420 [ 27.430477] kasan_bitops_generic+0x92/0x1c0 [ 27.431086] kunit_try_run_case+0x1a5/0x480 [ 27.432080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.432777] kthread+0x337/0x6f0 [ 27.433297] ret_from_fork+0x116/0x1d0 [ 27.433935] ret_from_fork_asm+0x1a/0x30 [ 27.434105] [ 27.434416] The buggy address belongs to the object at ffff888104919c80 [ 27.434416] which belongs to the cache kmalloc-16 of size 16 [ 27.435927] The buggy address is located 8 bytes inside of [ 27.435927] allocated 9-byte region [ffff888104919c80, ffff888104919c89) [ 27.437186] [ 27.437374] The buggy address belongs to the physical page: [ 27.437874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104919 [ 27.438439] flags: 0x200000000000000(node=0|zone=2) [ 27.438714] page_type: f5(slab) [ 27.438896] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.439230] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.439643] page dumped because: kasan: bad access detected [ 27.439999] [ 27.440105] Memory state around the buggy address: [ 27.440522] ffff888104919b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.440766] ffff888104919c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.441365] >ffff888104919c80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.441744] ^ [ 27.442278] ffff888104919d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.442730] ffff888104919d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.443152] ================================================================== [ 27.443939] ================================================================== [ 27.444394] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 27.445419] Read of size 8 at addr ffff888104919c88 by task kunit_try_catch/309 [ 27.445810] [ 27.446363] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.446420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.446434] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.446512] Call Trace: [ 27.446531] <TASK> [ 27.446547] dump_stack_lvl+0x73/0xb0 [ 27.446579] print_report+0xd1/0x640 [ 27.446689] ? __virt_addr_valid+0x1db/0x2d0 [ 27.446715] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 27.446743] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.446769] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 27.446798] kasan_report+0x141/0x180 [ 27.446820] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 27.446867] __asan_report_load8_noabort+0x18/0x20 [ 27.446892] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 27.446920] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.446949] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.446974] ? trace_hardirqs_on+0x37/0xe0 [ 27.446997] ? kasan_bitops_generic+0x92/0x1c0 [ 27.447025] kasan_bitops_generic+0x121/0x1c0 [ 27.447050] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.447075] ? __pfx_read_tsc+0x10/0x10 [ 27.447097] ? ktime_get_ts64+0x86/0x230 [ 27.447124] kunit_try_run_case+0x1a5/0x480 [ 27.447150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.447175] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.447201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.447227] ? __kthread_parkme+0x82/0x180 [ 27.447248] ? preempt_count_sub+0x50/0x80 [ 27.447273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.447297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.447321] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.447346] kthread+0x337/0x6f0 [ 27.447367] ? trace_preempt_on+0x20/0xc0 [ 27.447390] ? __pfx_kthread+0x10/0x10 [ 27.447412] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.447435] ? calculate_sigpending+0x7b/0xa0 [ 27.447479] ? __pfx_kthread+0x10/0x10 [ 27.447501] ret_from_fork+0x116/0x1d0 [ 27.447522] ? __pfx_kthread+0x10/0x10 [ 27.447543] ret_from_fork_asm+0x1a/0x30 [ 27.447574] </TASK> [ 27.447585] [ 27.459079] Allocated by task 309: [ 27.459394] kasan_save_stack+0x45/0x70 [ 27.459655] kasan_save_track+0x18/0x40 [ 27.460309] kasan_save_alloc_info+0x3b/0x50 [ 27.460565] __kasan_kmalloc+0xb7/0xc0 [ 27.460769] __kmalloc_cache_noprof+0x189/0x420 [ 27.461008] kasan_bitops_generic+0x92/0x1c0 [ 27.461219] kunit_try_run_case+0x1a5/0x480 [ 27.461435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.461765] kthread+0x337/0x6f0 [ 27.461957] ret_from_fork+0x116/0x1d0 [ 27.462115] ret_from_fork_asm+0x1a/0x30 [ 27.462279] [ 27.462381] The buggy address belongs to the object at ffff888104919c80 [ 27.462381] which belongs to the cache kmalloc-16 of size 16 [ 27.462943] The buggy address is located 8 bytes inside of [ 27.462943] allocated 9-byte region [ffff888104919c80, ffff888104919c89) [ 27.463638] [ 27.463713] The buggy address belongs to the physical page: [ 27.463987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104919 [ 27.464368] flags: 0x200000000000000(node=0|zone=2) [ 27.464725] page_type: f5(slab) [ 27.464908] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.465202] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.465547] page dumped because: kasan: bad access detected [ 27.465896] [ 27.465984] Memory state around the buggy address: [ 27.466198] ffff888104919b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.466506] ffff888104919c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.466955] >ffff888104919c80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.467248] ^ [ 27.467451] ffff888104919d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.467667] ffff888104919d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.468280] ================================================================== [ 27.299761] ================================================================== [ 27.300104] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 27.300678] Write of size 8 at addr ffff888104919c88 by task kunit_try_catch/309 [ 27.301063] [ 27.301175] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.301222] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.301235] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.301258] Call Trace: [ 27.301272] <TASK> [ 27.301297] dump_stack_lvl+0x73/0xb0 [ 27.301325] print_report+0xd1/0x640 [ 27.301349] ? __virt_addr_valid+0x1db/0x2d0 [ 27.301384] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 27.301412] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.301439] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 27.301507] kasan_report+0x141/0x180 [ 27.301534] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 27.301573] kasan_check_range+0x10c/0x1c0 [ 27.301598] __kasan_check_write+0x18/0x20 [ 27.301623] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 27.301651] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.301681] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.301705] ? trace_hardirqs_on+0x37/0xe0 [ 27.301727] ? kasan_bitops_generic+0x92/0x1c0 [ 27.301756] kasan_bitops_generic+0x121/0x1c0 [ 27.301781] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.301806] ? __pfx_read_tsc+0x10/0x10 [ 27.301838] ? ktime_get_ts64+0x86/0x230 [ 27.301865] kunit_try_run_case+0x1a5/0x480 [ 27.301890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.301914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.301941] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.301967] ? __kthread_parkme+0x82/0x180 [ 27.301989] ? preempt_count_sub+0x50/0x80 [ 27.302013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.302038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.302063] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.302088] kthread+0x337/0x6f0 [ 27.302108] ? trace_preempt_on+0x20/0xc0 [ 27.302131] ? __pfx_kthread+0x10/0x10 [ 27.302153] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.302177] ? calculate_sigpending+0x7b/0xa0 [ 27.302250] ? __pfx_kthread+0x10/0x10 [ 27.302273] ret_from_fork+0x116/0x1d0 [ 27.302293] ? __pfx_kthread+0x10/0x10 [ 27.302315] ret_from_fork_asm+0x1a/0x30 [ 27.302346] </TASK> [ 27.302358] [ 27.317837] Allocated by task 309: [ 27.317976] kasan_save_stack+0x45/0x70 [ 27.318126] kasan_save_track+0x18/0x40 [ 27.318297] kasan_save_alloc_info+0x3b/0x50 [ 27.318450] __kasan_kmalloc+0xb7/0xc0 [ 27.318760] __kmalloc_cache_noprof+0x189/0x420 [ 27.319046] kasan_bitops_generic+0x92/0x1c0 [ 27.319262] kunit_try_run_case+0x1a5/0x480 [ 27.319412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.319662] kthread+0x337/0x6f0 [ 27.320038] ret_from_fork+0x116/0x1d0 [ 27.320282] ret_from_fork_asm+0x1a/0x30 [ 27.320432] [ 27.320617] The buggy address belongs to the object at ffff888104919c80 [ 27.320617] which belongs to the cache kmalloc-16 of size 16 [ 27.321152] The buggy address is located 8 bytes inside of [ 27.321152] allocated 9-byte region [ffff888104919c80, ffff888104919c89) [ 27.321604] [ 27.321688] The buggy address belongs to the physical page: [ 27.321990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104919 [ 27.322361] flags: 0x200000000000000(node=0|zone=2) [ 27.322565] page_type: f5(slab) [ 27.322730] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.323080] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.323364] page dumped because: kasan: bad access detected [ 27.323681] [ 27.323770] Memory state around the buggy address: [ 27.323998] ffff888104919b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.324524] ffff888104919c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.325105] >ffff888104919c80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.325514] ^ [ 27.325676] ffff888104919d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.325982] ffff888104919d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.326359] ================================================================== [ 27.372317] ================================================================== [ 27.373010] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 27.373827] Write of size 8 at addr ffff888104919c88 by task kunit_try_catch/309 [ 27.374220] [ 27.374308] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.374356] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.374368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.374390] Call Trace: [ 27.374405] <TASK> [ 27.374418] dump_stack_lvl+0x73/0xb0 [ 27.374449] print_report+0xd1/0x640 [ 27.374571] ? __virt_addr_valid+0x1db/0x2d0 [ 27.374598] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 27.374665] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.374693] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 27.374723] kasan_report+0x141/0x180 [ 27.374757] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 27.374789] kasan_check_range+0x10c/0x1c0 [ 27.374814] __kasan_check_write+0x18/0x20 [ 27.374875] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 27.374903] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.374943] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.374968] ? trace_hardirqs_on+0x37/0xe0 [ 27.374991] ? kasan_bitops_generic+0x92/0x1c0 [ 27.375019] kasan_bitops_generic+0x121/0x1c0 [ 27.375043] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.375069] ? __pfx_read_tsc+0x10/0x10 [ 27.375091] ? ktime_get_ts64+0x86/0x230 [ 27.375115] kunit_try_run_case+0x1a5/0x480 [ 27.375140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.375175] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.375201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.375228] ? __kthread_parkme+0x82/0x180 [ 27.375249] ? preempt_count_sub+0x50/0x80 [ 27.375300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.375326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.375351] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.375387] kthread+0x337/0x6f0 [ 27.375409] ? trace_preempt_on+0x20/0xc0 [ 27.375449] ? __pfx_kthread+0x10/0x10 [ 27.375480] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.375504] ? calculate_sigpending+0x7b/0xa0 [ 27.375529] ? __pfx_kthread+0x10/0x10 [ 27.375603] ret_from_fork+0x116/0x1d0 [ 27.375656] ? __pfx_kthread+0x10/0x10 [ 27.375678] ret_from_fork_asm+0x1a/0x30 [ 27.375710] </TASK> [ 27.375733] [ 27.386447] Allocated by task 309: [ 27.386626] kasan_save_stack+0x45/0x70 [ 27.386776] kasan_save_track+0x18/0x40 [ 27.386956] kasan_save_alloc_info+0x3b/0x50 [ 27.387109] __kasan_kmalloc+0xb7/0xc0 [ 27.387242] __kmalloc_cache_noprof+0x189/0x420 [ 27.387459] kasan_bitops_generic+0x92/0x1c0 [ 27.387847] kunit_try_run_case+0x1a5/0x480 [ 27.388110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.388296] kthread+0x337/0x6f0 [ 27.388422] ret_from_fork+0x116/0x1d0 [ 27.388557] ret_from_fork_asm+0x1a/0x30 [ 27.388697] [ 27.388918] The buggy address belongs to the object at ffff888104919c80 [ 27.388918] which belongs to the cache kmalloc-16 of size 16 [ 27.389459] The buggy address is located 8 bytes inside of [ 27.389459] allocated 9-byte region [ffff888104919c80, ffff888104919c89) [ 27.390148] [ 27.390256] The buggy address belongs to the physical page: [ 27.390612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104919 [ 27.391005] flags: 0x200000000000000(node=0|zone=2) [ 27.391174] page_type: f5(slab) [ 27.391294] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.391905] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.392263] page dumped because: kasan: bad access detected [ 27.392439] [ 27.392507] Memory state around the buggy address: [ 27.392662] ffff888104919b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.393041] ffff888104919c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.393361] >ffff888104919c80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.393868] ^ [ 27.394163] ffff888104919d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.394538] ffff888104919d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.394873] ================================================================== [ 27.395330] ================================================================== [ 27.395699] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 27.396103] Write of size 8 at addr ffff888104919c88 by task kunit_try_catch/309 [ 27.396493] [ 27.396574] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.396619] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.396631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.396654] Call Trace: [ 27.396669] <TASK> [ 27.396683] dump_stack_lvl+0x73/0xb0 [ 27.396712] print_report+0xd1/0x640 [ 27.396735] ? __virt_addr_valid+0x1db/0x2d0 [ 27.396759] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 27.396787] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.396880] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 27.396914] kasan_report+0x141/0x180 [ 27.396938] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 27.396982] kasan_check_range+0x10c/0x1c0 [ 27.397006] __kasan_check_write+0x18/0x20 [ 27.397031] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 27.397072] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.397101] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.397127] ? trace_hardirqs_on+0x37/0xe0 [ 27.397149] ? kasan_bitops_generic+0x92/0x1c0 [ 27.397178] kasan_bitops_generic+0x121/0x1c0 [ 27.397202] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.397227] ? __pfx_read_tsc+0x10/0x10 [ 27.397250] ? ktime_get_ts64+0x86/0x230 [ 27.397275] kunit_try_run_case+0x1a5/0x480 [ 27.397300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.397324] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.397351] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.397377] ? __kthread_parkme+0x82/0x180 [ 27.397398] ? preempt_count_sub+0x50/0x80 [ 27.397422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.397447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.397473] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.397498] kthread+0x337/0x6f0 [ 27.397529] ? trace_preempt_on+0x20/0xc0 [ 27.397552] ? __pfx_kthread+0x10/0x10 [ 27.397696] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.397734] ? calculate_sigpending+0x7b/0xa0 [ 27.397759] ? __pfx_kthread+0x10/0x10 [ 27.397840] ret_from_fork+0x116/0x1d0 [ 27.397863] ? __pfx_kthread+0x10/0x10 [ 27.397885] ret_from_fork_asm+0x1a/0x30 [ 27.397917] </TASK> [ 27.397928] [ 27.407629] Allocated by task 309: [ 27.407844] kasan_save_stack+0x45/0x70 [ 27.407995] kasan_save_track+0x18/0x40 [ 27.408198] kasan_save_alloc_info+0x3b/0x50 [ 27.408429] __kasan_kmalloc+0xb7/0xc0 [ 27.408648] __kmalloc_cache_noprof+0x189/0x420 [ 27.408878] kasan_bitops_generic+0x92/0x1c0 [ 27.409107] kunit_try_run_case+0x1a5/0x480 [ 27.409324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.409747] kthread+0x337/0x6f0 [ 27.409906] ret_from_fork+0x116/0x1d0 [ 27.410132] ret_from_fork_asm+0x1a/0x30 [ 27.410309] [ 27.410382] The buggy address belongs to the object at ffff888104919c80 [ 27.410382] which belongs to the cache kmalloc-16 of size 16 [ 27.411075] The buggy address is located 8 bytes inside of [ 27.411075] allocated 9-byte region [ffff888104919c80, ffff888104919c89) [ 27.411766] [ 27.411885] The buggy address belongs to the physical page: [ 27.412157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104919 [ 27.412600] flags: 0x200000000000000(node=0|zone=2) [ 27.412827] page_type: f5(slab) [ 27.413028] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.413343] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.413572] page dumped because: kasan: bad access detected [ 27.413746] [ 27.413813] Memory state around the buggy address: [ 27.413979] ffff888104919b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.414221] ffff888104919c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.414696] >ffff888104919c80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.415141] ^ [ 27.415324] ffff888104919d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.415733] ffff888104919d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.416050] ================================================================== [ 27.256560] ================================================================== [ 27.256938] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 27.257450] Write of size 8 at addr ffff888104919c88 by task kunit_try_catch/309 [ 27.257688] [ 27.257770] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.257817] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.257839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.257860] Call Trace: [ 27.257876] <TASK> [ 27.257902] dump_stack_lvl+0x73/0xb0 [ 27.257930] print_report+0xd1/0x640 [ 27.257954] ? __virt_addr_valid+0x1db/0x2d0 [ 27.257988] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 27.258016] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.258044] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 27.258073] kasan_report+0x141/0x180 [ 27.258096] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 27.258129] kasan_check_range+0x10c/0x1c0 [ 27.258153] __kasan_check_write+0x18/0x20 [ 27.258177] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 27.258206] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.258235] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.258259] ? trace_hardirqs_on+0x37/0xe0 [ 27.258283] ? kasan_bitops_generic+0x92/0x1c0 [ 27.258310] kasan_bitops_generic+0x121/0x1c0 [ 27.258335] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.258456] ? __pfx_read_tsc+0x10/0x10 [ 27.258483] ? ktime_get_ts64+0x86/0x230 [ 27.258520] kunit_try_run_case+0x1a5/0x480 [ 27.258547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.258665] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.258700] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.258727] ? __kthread_parkme+0x82/0x180 [ 27.258748] ? preempt_count_sub+0x50/0x80 [ 27.258772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.258797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.258821] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.258857] kthread+0x337/0x6f0 [ 27.258878] ? trace_preempt_on+0x20/0xc0 [ 27.258902] ? __pfx_kthread+0x10/0x10 [ 27.258985] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.259027] ? calculate_sigpending+0x7b/0xa0 [ 27.259052] ? __pfx_kthread+0x10/0x10 [ 27.259075] ret_from_fork+0x116/0x1d0 [ 27.259106] ? __pfx_kthread+0x10/0x10 [ 27.259128] ret_from_fork_asm+0x1a/0x30 [ 27.259160] </TASK> [ 27.259188] [ 27.268860] Allocated by task 309: [ 27.269038] kasan_save_stack+0x45/0x70 [ 27.269326] kasan_save_track+0x18/0x40 [ 27.269564] kasan_save_alloc_info+0x3b/0x50 [ 27.269809] __kasan_kmalloc+0xb7/0xc0 [ 27.269991] __kmalloc_cache_noprof+0x189/0x420 [ 27.270151] kasan_bitops_generic+0x92/0x1c0 [ 27.270300] kunit_try_run_case+0x1a5/0x480 [ 27.270447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.270624] kthread+0x337/0x6f0 [ 27.270745] ret_from_fork+0x116/0x1d0 [ 27.270914] ret_from_fork_asm+0x1a/0x30 [ 27.271231] [ 27.271336] The buggy address belongs to the object at ffff888104919c80 [ 27.271336] which belongs to the cache kmalloc-16 of size 16 [ 27.271876] The buggy address is located 8 bytes inside of [ 27.271876] allocated 9-byte region [ffff888104919c80, ffff888104919c89) [ 27.272640] [ 27.272719] The buggy address belongs to the physical page: [ 27.272916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104919 [ 27.273232] flags: 0x200000000000000(node=0|zone=2) [ 27.273510] page_type: f5(slab) [ 27.273743] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.274116] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.274704] page dumped because: kasan: bad access detected [ 27.274974] [ 27.275061] Memory state around the buggy address: [ 27.275306] ffff888104919b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.275771] ffff888104919c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.276098] >ffff888104919c80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.276498] ^ [ 27.276740] ffff888104919d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.277002] ffff888104919d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.277356] ================================================================== [ 27.349697] ================================================================== [ 27.350076] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 27.350543] Write of size 8 at addr ffff888104919c88 by task kunit_try_catch/309 [ 27.350941] [ 27.351056] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.351134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.351147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.351168] Call Trace: [ 27.351183] <TASK> [ 27.351209] dump_stack_lvl+0x73/0xb0 [ 27.351246] print_report+0xd1/0x640 [ 27.351270] ? __virt_addr_valid+0x1db/0x2d0 [ 27.351323] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 27.351350] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.351377] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 27.351416] kasan_report+0x141/0x180 [ 27.351440] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 27.351497] kasan_check_range+0x10c/0x1c0 [ 27.351522] __kasan_check_write+0x18/0x20 [ 27.351599] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 27.351630] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.351690] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.351715] ? trace_hardirqs_on+0x37/0xe0 [ 27.351738] ? kasan_bitops_generic+0x92/0x1c0 [ 27.351777] kasan_bitops_generic+0x121/0x1c0 [ 27.351825] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.351863] ? __pfx_read_tsc+0x10/0x10 [ 27.351885] ? ktime_get_ts64+0x86/0x230 [ 27.351950] kunit_try_run_case+0x1a5/0x480 [ 27.351975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.352000] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.352025] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.352060] ? __kthread_parkme+0x82/0x180 [ 27.352084] ? preempt_count_sub+0x50/0x80 [ 27.352108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.352144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.352179] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.352204] kthread+0x337/0x6f0 [ 27.352224] ? trace_preempt_on+0x20/0xc0 [ 27.352248] ? __pfx_kthread+0x10/0x10 [ 27.352270] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.352294] ? calculate_sigpending+0x7b/0xa0 [ 27.352345] ? __pfx_kthread+0x10/0x10 [ 27.352368] ret_from_fork+0x116/0x1d0 [ 27.352389] ? __pfx_kthread+0x10/0x10 [ 27.352422] ret_from_fork_asm+0x1a/0x30 [ 27.352455] </TASK> [ 27.352481] [ 27.362439] Allocated by task 309: [ 27.362701] kasan_save_stack+0x45/0x70 [ 27.362961] kasan_save_track+0x18/0x40 [ 27.363182] kasan_save_alloc_info+0x3b/0x50 [ 27.363420] __kasan_kmalloc+0xb7/0xc0 [ 27.363633] __kmalloc_cache_noprof+0x189/0x420 [ 27.363928] kasan_bitops_generic+0x92/0x1c0 [ 27.364304] kunit_try_run_case+0x1a5/0x480 [ 27.364634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.364911] kthread+0x337/0x6f0 [ 27.365078] ret_from_fork+0x116/0x1d0 [ 27.365392] ret_from_fork_asm+0x1a/0x30 [ 27.365770] [ 27.365920] The buggy address belongs to the object at ffff888104919c80 [ 27.365920] which belongs to the cache kmalloc-16 of size 16 [ 27.366575] The buggy address is located 8 bytes inside of [ 27.366575] allocated 9-byte region [ffff888104919c80, ffff888104919c89) [ 27.367074] [ 27.367163] The buggy address belongs to the physical page: [ 27.367444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104919 [ 27.367810] flags: 0x200000000000000(node=0|zone=2) [ 27.368164] page_type: f5(slab) [ 27.368375] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.368798] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.369174] page dumped because: kasan: bad access detected [ 27.369461] [ 27.369794] Memory state around the buggy address: [ 27.369979] ffff888104919b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.370206] ffff888104919c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.370522] >ffff888104919c80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.370979] ^ [ 27.371155] ffff888104919d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.371527] ffff888104919d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.371815] ================================================================== [ 27.277859] ================================================================== [ 27.278367] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 27.278881] Write of size 8 at addr ffff888104919c88 by task kunit_try_catch/309 [ 27.279158] [ 27.279278] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.279337] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.279350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.279371] Call Trace: [ 27.279385] <TASK> [ 27.279399] dump_stack_lvl+0x73/0xb0 [ 27.279429] print_report+0xd1/0x640 [ 27.279452] ? __virt_addr_valid+0x1db/0x2d0 [ 27.279493] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 27.279520] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.279547] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 27.279577] kasan_report+0x141/0x180 [ 27.279600] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 27.279633] kasan_check_range+0x10c/0x1c0 [ 27.279658] __kasan_check_write+0x18/0x20 [ 27.279839] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 27.279879] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.279909] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.279933] ? trace_hardirqs_on+0x37/0xe0 [ 27.279956] ? kasan_bitops_generic+0x92/0x1c0 [ 27.279985] kasan_bitops_generic+0x121/0x1c0 [ 27.280010] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.280035] ? __pfx_read_tsc+0x10/0x10 [ 27.280057] ? ktime_get_ts64+0x86/0x230 [ 27.280082] kunit_try_run_case+0x1a5/0x480 [ 27.280108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.280131] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.280157] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.280183] ? __kthread_parkme+0x82/0x180 [ 27.280204] ? preempt_count_sub+0x50/0x80 [ 27.280228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.280253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.280278] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.280302] kthread+0x337/0x6f0 [ 27.280322] ? trace_preempt_on+0x20/0xc0 [ 27.280345] ? __pfx_kthread+0x10/0x10 [ 27.280367] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.280391] ? calculate_sigpending+0x7b/0xa0 [ 27.280415] ? __pfx_kthread+0x10/0x10 [ 27.280438] ret_from_fork+0x116/0x1d0 [ 27.280458] ? __pfx_kthread+0x10/0x10 [ 27.280479] ret_from_fork_asm+0x1a/0x30 [ 27.280510] </TASK> [ 27.280521] [ 27.289852] Allocated by task 309: [ 27.289984] kasan_save_stack+0x45/0x70 [ 27.290132] kasan_save_track+0x18/0x40 [ 27.290267] kasan_save_alloc_info+0x3b/0x50 [ 27.290415] __kasan_kmalloc+0xb7/0xc0 [ 27.290781] __kmalloc_cache_noprof+0x189/0x420 [ 27.291033] kasan_bitops_generic+0x92/0x1c0 [ 27.291356] kunit_try_run_case+0x1a5/0x480 [ 27.291761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.292082] kthread+0x337/0x6f0 [ 27.292317] ret_from_fork+0x116/0x1d0 [ 27.292546] ret_from_fork_asm+0x1a/0x30 [ 27.292691] [ 27.292760] The buggy address belongs to the object at ffff888104919c80 [ 27.292760] which belongs to the cache kmalloc-16 of size 16 [ 27.293442] The buggy address is located 8 bytes inside of [ 27.293442] allocated 9-byte region [ffff888104919c80, ffff888104919c89) [ 27.294026] [ 27.294132] The buggy address belongs to the physical page: [ 27.294388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104919 [ 27.294907] flags: 0x200000000000000(node=0|zone=2) [ 27.295110] page_type: f5(slab) [ 27.295270] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.295695] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.296045] page dumped because: kasan: bad access detected [ 27.296296] [ 27.296413] Memory state around the buggy address: [ 27.296695] ffff888104919b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.297050] ffff888104919c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.297576] >ffff888104919c80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.297902] ^ [ 27.298089] ffff888104919d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.298416] ffff888104919d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.299048] ================================================================== [ 27.326865] ================================================================== [ 27.327118] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 27.327630] Write of size 8 at addr ffff888104919c88 by task kunit_try_catch/309 [ 27.327967] [ 27.328089] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7-next-20250722 #1 PREEMPT(voluntary) [ 27.328137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.328150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.328170] Call Trace: [ 27.328187] <TASK> [ 27.328202] dump_stack_lvl+0x73/0xb0 [ 27.328231] print_report+0xd1/0x640 [ 27.328264] ? __virt_addr_valid+0x1db/0x2d0 [ 27.328288] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 27.328316] ? kasan_complete_mode_report_info+0x2a/0x200 [ 27.328354] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 27.328382] kasan_report+0x141/0x180 [ 27.328405] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 27.328438] kasan_check_range+0x10c/0x1c0 [ 27.328462] __kasan_check_write+0x18/0x20 [ 27.328488] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 27.328517] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 27.328556] ? __kmalloc_cache_noprof+0x189/0x420 [ 27.328580] ? trace_hardirqs_on+0x37/0xe0 [ 27.328603] ? kasan_bitops_generic+0x92/0x1c0 [ 27.328641] kasan_bitops_generic+0x121/0x1c0 [ 27.328666] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 27.328692] ? __pfx_read_tsc+0x10/0x10 [ 27.328713] ? ktime_get_ts64+0x86/0x230 [ 27.328739] kunit_try_run_case+0x1a5/0x480 [ 27.328781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.328803] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 27.328838] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 27.328870] ? __kthread_parkme+0x82/0x180 [ 27.328891] ? preempt_count_sub+0x50/0x80 [ 27.328915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 27.329142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.329187] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 27.329225] kthread+0x337/0x6f0 [ 27.329247] ? trace_preempt_on+0x20/0xc0 [ 27.329270] ? __pfx_kthread+0x10/0x10 [ 27.329292] ? _raw_spin_unlock_irq+0x47/0x80 [ 27.329326] ? calculate_sigpending+0x7b/0xa0 [ 27.329350] ? __pfx_kthread+0x10/0x10 [ 27.329373] ret_from_fork+0x116/0x1d0 [ 27.329403] ? __pfx_kthread+0x10/0x10 [ 27.329425] ret_from_fork_asm+0x1a/0x30 [ 27.329457] </TASK> [ 27.329525] [ 27.338689] Allocated by task 309: [ 27.338948] kasan_save_stack+0x45/0x70 [ 27.339103] kasan_save_track+0x18/0x40 [ 27.339239] kasan_save_alloc_info+0x3b/0x50 [ 27.339511] __kasan_kmalloc+0xb7/0xc0 [ 27.339741] __kmalloc_cache_noprof+0x189/0x420 [ 27.340375] kasan_bitops_generic+0x92/0x1c0 [ 27.340630] kunit_try_run_case+0x1a5/0x480 [ 27.340840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.341111] kthread+0x337/0x6f0 [ 27.341517] ret_from_fork+0x116/0x1d0 [ 27.341798] ret_from_fork_asm+0x1a/0x30 [ 27.341960] [ 27.342087] The buggy address belongs to the object at ffff888104919c80 [ 27.342087] which belongs to the cache kmalloc-16 of size 16 [ 27.342899] The buggy address is located 8 bytes inside of [ 27.342899] allocated 9-byte region [ffff888104919c80, ffff888104919c89) [ 27.343484] [ 27.343600] The buggy address belongs to the physical page: [ 27.343950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104919 [ 27.344435] flags: 0x200000000000000(node=0|zone=2) [ 27.344912] page_type: f5(slab) [ 27.345111] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 27.345554] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.346011] page dumped because: kasan: bad access detected [ 27.346274] [ 27.346381] Memory state around the buggy address: [ 27.346634] ffff888104919b80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.346976] ffff888104919c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 27.347379] >ffff888104919c80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.347884] ^ [ 27.348016] ffff888104919d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.348680] ffff888104919d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.349018] ==================================================================