Date
July 4, 2025, 11:11 p.m.
| Environment |
|---|
| qemu-x86_64 |
[ 14.186846] ================================================================== [ 14.188049] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.188627] Write of size 8 at addr ffff88810298e128 by task kunit_try_catch/278 [ 14.188996] [ 14.189087] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.189169] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.189183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.189229] Call Trace: [ 14.189249] <TASK> [ 14.189284] dump_stack_lvl+0x73/0xb0 [ 14.189328] print_report+0xd1/0x650 [ 14.189364] ? __virt_addr_valid+0x1db/0x2d0 [ 14.189415] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.189439] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.189461] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.189486] kasan_report+0x141/0x180 [ 14.189507] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.189537] kasan_check_range+0x10c/0x1c0 [ 14.189560] __kasan_check_write+0x18/0x20 [ 14.189579] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.189604] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.189629] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.189653] ? trace_hardirqs_on+0x37/0xe0 [ 14.189693] ? kasan_bitops_generic+0x92/0x1c0 [ 14.189722] kasan_bitops_generic+0x116/0x1c0 [ 14.189745] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.189769] ? __pfx_read_tsc+0x10/0x10 [ 14.189789] ? ktime_get_ts64+0x86/0x230 [ 14.189813] kunit_try_run_case+0x1a5/0x480 [ 14.189837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.189859] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.189881] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.189903] ? __kthread_parkme+0x82/0x180 [ 14.189923] ? preempt_count_sub+0x50/0x80 [ 14.189946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.189968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.189989] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.190012] kthread+0x337/0x6f0 [ 14.190030] ? 
trace_preempt_on+0x20/0xc0 [ 14.190051] ? __pfx_kthread+0x10/0x10 [ 14.190071] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.190090] ? calculate_sigpending+0x7b/0xa0 [ 14.190113] ? __pfx_kthread+0x10/0x10 [ 14.190134] ret_from_fork+0x116/0x1d0 [ 14.190169] ? __pfx_kthread+0x10/0x10 [ 14.190189] ret_from_fork_asm+0x1a/0x30 [ 14.190231] </TASK> [ 14.190242] [ 14.198936] Allocated by task 278: [ 14.199164] kasan_save_stack+0x45/0x70 [ 14.199591] kasan_save_track+0x18/0x40 [ 14.199787] kasan_save_alloc_info+0x3b/0x50 [ 14.199974] __kasan_kmalloc+0xb7/0xc0 [ 14.200135] __kmalloc_cache_noprof+0x189/0x420 [ 14.200359] kasan_bitops_generic+0x92/0x1c0 [ 14.200699] kunit_try_run_case+0x1a5/0x480 [ 14.200898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.201067] kthread+0x337/0x6f0 [ 14.201185] ret_from_fork+0x116/0x1d0 [ 14.201371] ret_from_fork_asm+0x1a/0x30 [ 14.201602] [ 14.201695] The buggy address belongs to the object at ffff88810298e120 [ 14.201695] which belongs to the cache kmalloc-16 of size 16 [ 14.202132] The buggy address is located 8 bytes inside of [ 14.202132] allocated 9-byte region [ffff88810298e120, ffff88810298e129) [ 14.202704] [ 14.202826] The buggy address belongs to the physical page: [ 14.203084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298e [ 14.203475] flags: 0x200000000000000(node=0|zone=2) [ 14.203738] page_type: f5(slab) [ 14.203861] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.204164] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.204660] page dumped because: kasan: bad access detected [ 14.204931] [ 14.205040] Memory state around the buggy address: [ 14.205299] ffff88810298e000: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.205650] ffff88810298e080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.205960] >ffff88810298e100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.206273] ^ [ 14.206418] ffff88810298e180: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.206625] ffff88810298e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.206829] ================================================================== [ 14.039865] ================================================================== [ 14.040418] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.041524] Write of size 8 at addr ffff88810298e128 by task kunit_try_catch/278 [ 14.041883] [ 14.042002] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.042053] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.042067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.042090] Call Trace: [ 14.042104] <TASK> [ 14.042125] dump_stack_lvl+0x73/0xb0 [ 14.042159] print_report+0xd1/0x650 [ 14.042183] ? __virt_addr_valid+0x1db/0x2d0 [ 14.042206] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.042269] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.042292] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.042316] kasan_report+0x141/0x180 [ 14.042338] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.042366] kasan_check_range+0x10c/0x1c0 [ 14.042389] __kasan_check_write+0x18/0x20 [ 14.042409] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.042434] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.042460] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.042484] ? trace_hardirqs_on+0x37/0xe0 [ 14.042507] ? kasan_bitops_generic+0x92/0x1c0 [ 14.042533] kasan_bitops_generic+0x116/0x1c0 [ 14.042556] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.042580] ? __pfx_read_tsc+0x10/0x10 [ 14.042601] ? ktime_get_ts64+0x86/0x230 [ 14.042625] kunit_try_run_case+0x1a5/0x480 [ 14.042649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.042671] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.042695] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.042717] ? __kthread_parkme+0x82/0x180 [ 14.042737] ? preempt_count_sub+0x50/0x80 [ 14.042760] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.042782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.042805] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.042827] kthread+0x337/0x6f0 [ 14.042845] ? trace_preempt_on+0x20/0xc0 [ 14.042866] ? __pfx_kthread+0x10/0x10 [ 14.042886] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.042907] ? calculate_sigpending+0x7b/0xa0 [ 14.042930] ? __pfx_kthread+0x10/0x10 [ 14.042949] ret_from_fork+0x116/0x1d0 [ 14.042967] ? __pfx_kthread+0x10/0x10 [ 14.042986] ret_from_fork_asm+0x1a/0x30 [ 14.043016] </TASK> [ 14.043026] [ 14.052291] Allocated by task 278: [ 14.052767] kasan_save_stack+0x45/0x70 [ 14.053000] kasan_save_track+0x18/0x40 [ 14.053148] kasan_save_alloc_info+0x3b/0x50 [ 14.053684] __kasan_kmalloc+0xb7/0xc0 [ 14.053864] __kmalloc_cache_noprof+0x189/0x420 [ 14.054156] kasan_bitops_generic+0x92/0x1c0 [ 14.054461] kunit_try_run_case+0x1a5/0x480 [ 14.054661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.055068] kthread+0x337/0x6f0 [ 14.055354] ret_from_fork+0x116/0x1d0 [ 14.055632] ret_from_fork_asm+0x1a/0x30 [ 14.055851] [ 14.055954] The buggy address belongs to the object at ffff88810298e120 [ 14.055954] which belongs to the cache kmalloc-16 of size 16 [ 14.056653] The buggy address is located 8 bytes inside of [ 14.056653] allocated 9-byte region [ffff88810298e120, ffff88810298e129) [ 14.057393] [ 14.057504] The buggy address belongs to the physical page: [ 14.057912] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298e [ 14.058266] flags: 0x200000000000000(node=0|zone=2) [ 14.058658] page_type: f5(slab) [ 14.058928] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.059399] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.059699] page dumped because: kasan: bad access detected [ 14.060037] [ 14.060147] Memory state around the buggy address: [ 14.060419] ffff88810298e000: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.060933] 
ffff88810298e080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.061378] >ffff88810298e100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.061745] ^ [ 14.061995] ffff88810298e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.062453] ffff88810298e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.062934] ================================================================== [ 14.141340] ================================================================== [ 14.142266] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.143338] Write of size 8 at addr ffff88810298e128 by task kunit_try_catch/278 [ 14.143685] [ 14.143788] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.143840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.143853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.143877] Call Trace: [ 14.143899] <TASK> [ 14.143921] dump_stack_lvl+0x73/0xb0 [ 14.143956] print_report+0xd1/0x650 [ 14.143981] ? __virt_addr_valid+0x1db/0x2d0 [ 14.144004] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.144029] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.144051] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.144075] kasan_report+0x141/0x180 [ 14.144096] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.144125] kasan_check_range+0x10c/0x1c0 [ 14.144148] __kasan_check_write+0x18/0x20 [ 14.144167] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.144192] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.144233] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.144268] ? trace_hardirqs_on+0x37/0xe0 [ 14.144290] ? kasan_bitops_generic+0x92/0x1c0 [ 14.144316] kasan_bitops_generic+0x116/0x1c0 [ 14.144362] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.144402] ? __pfx_read_tsc+0x10/0x10 [ 14.144561] ? ktime_get_ts64+0x86/0x230 [ 14.144586] kunit_try_run_case+0x1a5/0x480 [ 14.144612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.144633] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.144657] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.144680] ? __kthread_parkme+0x82/0x180 [ 14.144700] ? preempt_count_sub+0x50/0x80 [ 14.144724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.144747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.144769] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.144803] kthread+0x337/0x6f0 [ 14.144822] ? trace_preempt_on+0x20/0xc0 [ 14.144845] ? __pfx_kthread+0x10/0x10 [ 14.144865] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.144885] ? calculate_sigpending+0x7b/0xa0 [ 14.144907] ? __pfx_kthread+0x10/0x10 [ 14.144928] ret_from_fork+0x116/0x1d0 [ 14.144945] ? __pfx_kthread+0x10/0x10 [ 14.144965] ret_from_fork_asm+0x1a/0x30 [ 14.144994] </TASK> [ 14.145007] [ 14.157512] Allocated by task 278: [ 14.157751] kasan_save_stack+0x45/0x70 [ 14.157929] kasan_save_track+0x18/0x40 [ 14.158124] kasan_save_alloc_info+0x3b/0x50 [ 14.158384] __kasan_kmalloc+0xb7/0xc0 [ 14.158584] __kmalloc_cache_noprof+0x189/0x420 [ 14.158790] kasan_bitops_generic+0x92/0x1c0 [ 14.159019] kunit_try_run_case+0x1a5/0x480 [ 14.159274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.159530] kthread+0x337/0x6f0 [ 14.159696] ret_from_fork+0x116/0x1d0 [ 14.159879] ret_from_fork_asm+0x1a/0x30 [ 14.160045] [ 14.160115] The buggy address belongs to the object at ffff88810298e120 [ 14.160115] which belongs to the cache kmalloc-16 of size 16 [ 14.160717] The buggy address is located 8 bytes inside of [ 14.160717] allocated 9-byte region [ffff88810298e120, ffff88810298e129) [ 14.161313] [ 14.161433] The buggy address belongs to the physical page: [ 14.161704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298e [ 14.161987] flags: 0x200000000000000(node=0|zone=2) [ 14.162193] page_type: f5(slab) [ 14.162504] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.162809] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.163129] page dumped because: kasan: 
bad access detected [ 14.163407] [ 14.163501] Memory state around the buggy address: [ 14.163711] ffff88810298e000: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.164032] ffff88810298e080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.164378] >ffff88810298e100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.164806] ^ [ 14.164996] ffff88810298e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.165332] ffff88810298e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.165651] ================================================================== [ 14.208246] ================================================================== [ 14.208611] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.209759] Write of size 8 at addr ffff88810298e128 by task kunit_try_catch/278 [ 14.210094] [ 14.210247] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.211513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.211559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.211626] Call Trace: [ 14.211650] <TASK> [ 14.211676] dump_stack_lvl+0x73/0xb0 [ 14.211720] print_report+0xd1/0x650 [ 14.211745] ? __virt_addr_valid+0x1db/0x2d0 [ 14.211768] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.211794] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.211817] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.211843] kasan_report+0x141/0x180 [ 14.211865] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.211895] kasan_check_range+0x10c/0x1c0 [ 14.211918] __kasan_check_write+0x18/0x20 [ 14.211943] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.211969] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.211997] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.212023] ? trace_hardirqs_on+0x37/0xe0 [ 14.212045] ? kasan_bitops_generic+0x92/0x1c0 [ 14.212073] kasan_bitops_generic+0x116/0x1c0 [ 14.212097] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.212123] ? 
__pfx_read_tsc+0x10/0x10 [ 14.212145] ? ktime_get_ts64+0x86/0x230 [ 14.212170] kunit_try_run_case+0x1a5/0x480 [ 14.212206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.212237] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.212261] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.212284] ? __kthread_parkme+0x82/0x180 [ 14.212304] ? preempt_count_sub+0x50/0x80 [ 14.212328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.212350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.212372] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.212394] kthread+0x337/0x6f0 [ 14.212412] ? trace_preempt_on+0x20/0xc0 [ 14.212433] ? __pfx_kthread+0x10/0x10 [ 14.212452] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.212471] ? calculate_sigpending+0x7b/0xa0 [ 14.212494] ? __pfx_kthread+0x10/0x10 [ 14.212514] ret_from_fork+0x116/0x1d0 [ 14.212531] ? __pfx_kthread+0x10/0x10 [ 14.212551] ret_from_fork_asm+0x1a/0x30 [ 14.212581] </TASK> [ 14.212593] [ 14.225271] Allocated by task 278: [ 14.225664] kasan_save_stack+0x45/0x70 [ 14.225980] kasan_save_track+0x18/0x40 [ 14.226355] kasan_save_alloc_info+0x3b/0x50 [ 14.226691] __kasan_kmalloc+0xb7/0xc0 [ 14.226956] __kmalloc_cache_noprof+0x189/0x420 [ 14.227276] kasan_bitops_generic+0x92/0x1c0 [ 14.227503] kunit_try_run_case+0x1a5/0x480 [ 14.227703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.227954] kthread+0x337/0x6f0 [ 14.228114] ret_from_fork+0x116/0x1d0 [ 14.228621] ret_from_fork_asm+0x1a/0x30 [ 14.228801] [ 14.229078] The buggy address belongs to the object at ffff88810298e120 [ 14.229078] which belongs to the cache kmalloc-16 of size 16 [ 14.229873] The buggy address is located 8 bytes inside of [ 14.229873] allocated 9-byte region [ffff88810298e120, ffff88810298e129) [ 14.230631] [ 14.230744] The buggy address belongs to the physical page: [ 14.230983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298e [ 14.231298] flags: 0x200000000000000(node=0|zone=2) [ 14.231848] page_type: f5(slab) [ 14.232130] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.232598] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.233029] page dumped because: kasan: bad access detected [ 14.233452] [ 14.233661] Memory state around the buggy address: [ 14.233988] ffff88810298e000: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.234450] ffff88810298e080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.234772] >ffff88810298e100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.235069] ^ [ 14.235518] ffff88810298e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.235950] ffff88810298e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.236603] ================================================================== [ 14.108803] ================================================================== [ 14.109658] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.110170] Write of size 8 at addr ffff88810298e128 by task kunit_try_catch/278 [ 14.110536] [ 14.110632] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.110681] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.110694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.110717] Call Trace: [ 14.110737] <TASK> [ 14.110772] dump_stack_lvl+0x73/0xb0 [ 14.110803] print_report+0xd1/0x650 [ 14.110838] ? __virt_addr_valid+0x1db/0x2d0 [ 14.110860] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.110886] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.110907] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.110933] kasan_report+0x141/0x180 [ 14.110954] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.110984] kasan_check_range+0x10c/0x1c0 [ 14.111007] __kasan_check_write+0x18/0x20 [ 14.111027] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.111052] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.111091] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.111115] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.111150] ? kasan_bitops_generic+0x92/0x1c0 [ 14.111177] kasan_bitops_generic+0x116/0x1c0 [ 14.111200] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.111241] ? __pfx_read_tsc+0x10/0x10 [ 14.111263] ? ktime_get_ts64+0x86/0x230 [ 14.111286] kunit_try_run_case+0x1a5/0x480 [ 14.111337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.111362] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.111397] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.111420] ? __kthread_parkme+0x82/0x180 [ 14.111450] ? preempt_count_sub+0x50/0x80 [ 14.111475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.111497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.111529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.111552] kthread+0x337/0x6f0 [ 14.111570] ? trace_preempt_on+0x20/0xc0 [ 14.111592] ? __pfx_kthread+0x10/0x10 [ 14.111613] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.111633] ? calculate_sigpending+0x7b/0xa0 [ 14.111657] ? __pfx_kthread+0x10/0x10 [ 14.111679] ret_from_fork+0x116/0x1d0 [ 14.111697] ? 
__pfx_kthread+0x10/0x10 [ 14.111716] ret_from_fork_asm+0x1a/0x30 [ 14.111747] </TASK> [ 14.111759] [ 14.123588] Allocated by task 278: [ 14.123767] kasan_save_stack+0x45/0x70 [ 14.123935] kasan_save_track+0x18/0x40 [ 14.124073] kasan_save_alloc_info+0x3b/0x50 [ 14.125505] __kasan_kmalloc+0xb7/0xc0 [ 14.126171] __kmalloc_cache_noprof+0x189/0x420 [ 14.127102] kasan_bitops_generic+0x92/0x1c0 [ 14.127785] kunit_try_run_case+0x1a5/0x480 [ 14.128472] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.129193] kthread+0x337/0x6f0 [ 14.129765] ret_from_fork+0x116/0x1d0 [ 14.130362] ret_from_fork_asm+0x1a/0x30 [ 14.130919] [ 14.131260] The buggy address belongs to the object at ffff88810298e120 [ 14.131260] which belongs to the cache kmalloc-16 of size 16 [ 14.132406] The buggy address is located 8 bytes inside of [ 14.132406] allocated 9-byte region [ffff88810298e120, ffff88810298e129) [ 14.133430] [ 14.133619] The buggy address belongs to the physical page: [ 14.133973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298e [ 14.134210] flags: 0x200000000000000(node=0|zone=2) [ 14.134763] page_type: f5(slab) [ 14.135081] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.135791] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.136257] page dumped because: kasan: bad access detected [ 14.136776] [ 14.136968] Memory state around the buggy address: [ 14.137184] ffff88810298e000: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.137903] ffff88810298e080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.138281] >ffff88810298e100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.138808] ^ [ 14.138957] ffff88810298e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.139167] ffff88810298e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.139558] ================================================================== [ 14.167095] 
================================================================== [ 14.167689] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.168064] Write of size 8 at addr ffff88810298e128 by task kunit_try_catch/278 [ 14.168430] [ 14.168532] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.168580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.168592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.168615] Call Trace: [ 14.168630] <TASK> [ 14.168648] dump_stack_lvl+0x73/0xb0 [ 14.168680] print_report+0xd1/0x650 [ 14.168703] ? __virt_addr_valid+0x1db/0x2d0 [ 14.168726] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.168773] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.168802] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.168826] kasan_report+0x141/0x180 [ 14.168848] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.168877] kasan_check_range+0x10c/0x1c0 [ 14.168899] __kasan_check_write+0x18/0x20 [ 14.168937] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.168963] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.168989] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.169012] ? trace_hardirqs_on+0x37/0xe0 [ 14.169035] ? kasan_bitops_generic+0x92/0x1c0 [ 14.169062] kasan_bitops_generic+0x116/0x1c0 [ 14.169102] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.169127] ? __pfx_read_tsc+0x10/0x10 [ 14.169148] ? ktime_get_ts64+0x86/0x230 [ 14.169171] kunit_try_run_case+0x1a5/0x480 [ 14.169196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.169229] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.169253] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.169275] ? __kthread_parkme+0x82/0x180 [ 14.169295] ? preempt_count_sub+0x50/0x80 [ 14.169318] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.169340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.169362] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.169402] kthread+0x337/0x6f0 [ 14.169420] ? 
trace_preempt_on+0x20/0xc0 [ 14.169441] ? __pfx_kthread+0x10/0x10 [ 14.169461] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.169498] ? calculate_sigpending+0x7b/0xa0 [ 14.169522] ? __pfx_kthread+0x10/0x10 [ 14.169545] ret_from_fork+0x116/0x1d0 [ 14.169563] ? __pfx_kthread+0x10/0x10 [ 14.169584] ret_from_fork_asm+0x1a/0x30 [ 14.169615] </TASK> [ 14.169627] [ 14.177888] Allocated by task 278: [ 14.178115] kasan_save_stack+0x45/0x70 [ 14.178361] kasan_save_track+0x18/0x40 [ 14.178576] kasan_save_alloc_info+0x3b/0x50 [ 14.178789] __kasan_kmalloc+0xb7/0xc0 [ 14.178953] __kmalloc_cache_noprof+0x189/0x420 [ 14.179102] kasan_bitops_generic+0x92/0x1c0 [ 14.179264] kunit_try_run_case+0x1a5/0x480 [ 14.179602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.180034] kthread+0x337/0x6f0 [ 14.180252] ret_from_fork+0x116/0x1d0 [ 14.180474] ret_from_fork_asm+0x1a/0x30 [ 14.180711] [ 14.180816] The buggy address belongs to the object at ffff88810298e120 [ 14.180816] which belongs to the cache kmalloc-16 of size 16 [ 14.181484] The buggy address is located 8 bytes inside of [ 14.181484] allocated 9-byte region [ffff88810298e120, ffff88810298e129) [ 14.181990] [ 14.182061] The buggy address belongs to the physical page: [ 14.182241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298e [ 14.182600] flags: 0x200000000000000(node=0|zone=2) [ 14.182861] page_type: f5(slab) [ 14.183046] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.183448] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.183666] page dumped because: kasan: bad access detected [ 14.183854] [ 14.183944] Memory state around the buggy address: [ 14.184166] ffff88810298e000: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.184548] ffff88810298e080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.184756] >ffff88810298e100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.185031] ^ [ 14.185269] ffff88810298e180: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.185605] ffff88810298e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.185966] ================================================================== [ 14.064593] ================================================================== [ 14.065344] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.065904] Write of size 8 at addr ffff88810298e128 by task kunit_try_catch/278 [ 14.066200] [ 14.066342] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.066427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.066439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.066463] Call Trace: [ 14.066497] <TASK> [ 14.066518] dump_stack_lvl+0x73/0xb0 [ 14.066552] print_report+0xd1/0x650 [ 14.066574] ? __virt_addr_valid+0x1db/0x2d0 [ 14.066597] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.066622] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.066676] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.066712] kasan_report+0x141/0x180 [ 14.066745] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.066803] kasan_check_range+0x10c/0x1c0 [ 14.066826] __kasan_check_write+0x18/0x20 [ 14.066855] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.066880] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.066905] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.066929] ? trace_hardirqs_on+0x37/0xe0 [ 14.066952] ? kasan_bitops_generic+0x92/0x1c0 [ 14.066978] kasan_bitops_generic+0x116/0x1c0 [ 14.067001] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.067026] ? __pfx_read_tsc+0x10/0x10 [ 14.067046] ? ktime_get_ts64+0x86/0x230 [ 14.067070] kunit_try_run_case+0x1a5/0x480 [ 14.067094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.067116] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.067140] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.067162] ? __kthread_parkme+0x82/0x180 [ 14.067182] ? preempt_count_sub+0x50/0x80 [ 14.067206] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.067239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.067270] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.067293] kthread+0x337/0x6f0 [ 14.067311] ? trace_preempt_on+0x20/0xc0 [ 14.067332] ? __pfx_kthread+0x10/0x10 [ 14.067352] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.067372] ? calculate_sigpending+0x7b/0xa0 [ 14.067395] ? __pfx_kthread+0x10/0x10 [ 14.067416] ret_from_fork+0x116/0x1d0 [ 14.067433] ? __pfx_kthread+0x10/0x10 [ 14.067453] ret_from_fork_asm+0x1a/0x30 [ 14.067483] </TASK> [ 14.067495] [ 14.078011] Allocated by task 278: [ 14.078430] kasan_save_stack+0x45/0x70 [ 14.078762] kasan_save_track+0x18/0x40 [ 14.079049] kasan_save_alloc_info+0x3b/0x50 [ 14.079417] __kasan_kmalloc+0xb7/0xc0 [ 14.079713] __kmalloc_cache_noprof+0x189/0x420 [ 14.080021] kasan_bitops_generic+0x92/0x1c0 [ 14.080363] kunit_try_run_case+0x1a5/0x480 [ 14.080691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.081060] kthread+0x337/0x6f0 [ 14.081354] ret_from_fork+0x116/0x1d0 [ 14.081566] ret_from_fork_asm+0x1a/0x30 [ 14.081913] [ 14.082017] The buggy address belongs to the object at ffff88810298e120 [ 14.082017] which belongs to the cache kmalloc-16 of size 16 [ 14.082877] The buggy address is located 8 bytes inside of [ 14.082877] allocated 9-byte region [ffff88810298e120, ffff88810298e129) [ 14.083690] [ 14.083773] The buggy address belongs to the physical page: [ 14.084176] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298e [ 14.084642] flags: 0x200000000000000(node=0|zone=2) [ 14.084889] page_type: f5(slab) [ 14.085050] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.085336] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.085701] page dumped because: kasan: bad access detected [ 14.085956] [ 14.086024] Memory state around the buggy address: [ 14.086290] ffff88810298e000: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.086635] 
ffff88810298e080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.086893] >ffff88810298e100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.087117] ^ [ 14.087425] ffff88810298e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.087720] ffff88810298e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.088059] ================================================================== [ 14.088749] ================================================================== [ 14.089661] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.090094] Write of size 8 at addr ffff88810298e128 by task kunit_try_catch/278 [ 14.090456] [ 14.090577] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 14.090636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.090649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.090672] Call Trace: [ 14.090704] <TASK> [ 14.090726] dump_stack_lvl+0x73/0xb0 [ 14.090757] print_report+0xd1/0x650 [ 14.090780] ? __virt_addr_valid+0x1db/0x2d0 [ 14.090804] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.090828] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.090859] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.090883] kasan_report+0x141/0x180 [ 14.090904] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.090944] kasan_check_range+0x10c/0x1c0 [ 14.090967] __kasan_check_write+0x18/0x20 [ 14.090986] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.091010] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.091035] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.091060] ? trace_hardirqs_on+0x37/0xe0 [ 14.091082] ? kasan_bitops_generic+0x92/0x1c0 [ 14.091118] kasan_bitops_generic+0x116/0x1c0 [ 14.091140] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.091164] ? __pfx_read_tsc+0x10/0x10 [ 14.091196] ? ktime_get_ts64+0x86/0x230 [ 14.091229] kunit_try_run_case+0x1a5/0x480 [ 14.091254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.091285] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.091318] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.091339] ? __kthread_parkme+0x82/0x180 [ 14.091360] ? preempt_count_sub+0x50/0x80 [ 14.091394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.091417] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.091439] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.091462] kthread+0x337/0x6f0 [ 14.091480] ? trace_preempt_on+0x20/0xc0 [ 14.091501] ? __pfx_kthread+0x10/0x10 [ 14.091521] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.091542] ? calculate_sigpending+0x7b/0xa0 [ 14.091566] ? __pfx_kthread+0x10/0x10 [ 14.091586] ret_from_fork+0x116/0x1d0 [ 14.091604] ? __pfx_kthread+0x10/0x10 [ 14.091624] ret_from_fork_asm+0x1a/0x30 [ 14.091658] </TASK> [ 14.091670] [ 14.099936] Allocated by task 278: [ 14.100138] kasan_save_stack+0x45/0x70 [ 14.100409] kasan_save_track+0x18/0x40 [ 14.100577] kasan_save_alloc_info+0x3b/0x50 [ 14.100762] __kasan_kmalloc+0xb7/0xc0 [ 14.100920] __kmalloc_cache_noprof+0x189/0x420 [ 14.101096] kasan_bitops_generic+0x92/0x1c0 [ 14.101317] kunit_try_run_case+0x1a5/0x480 [ 14.101523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.101731] kthread+0x337/0x6f0 [ 14.101915] ret_from_fork+0x116/0x1d0 [ 14.102103] ret_from_fork_asm+0x1a/0x30 [ 14.102336] [ 14.102407] The buggy address belongs to the object at ffff88810298e120 [ 14.102407] which belongs to the cache kmalloc-16 of size 16 [ 14.102763] The buggy address is located 8 bytes inside of [ 14.102763] allocated 9-byte region [ffff88810298e120, ffff88810298e129) [ 14.103238] [ 14.103336] The buggy address belongs to the physical page: [ 14.103668] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298e [ 14.103908] flags: 0x200000000000000(node=0|zone=2) [ 14.104073] page_type: f5(slab) [ 14.104197] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.104500] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.104853] page dumped because: kasan: 
bad access detected [ 14.105135] [ 14.105240] Memory state around the buggy address: [ 14.105583] ffff88810298e000: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.105923] ffff88810298e080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.106277] >ffff88810298e100: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 14.106636] ^ [ 14.106835] ffff88810298e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.107057] ffff88810298e200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.107422] ==================================================================