Date
July 6, 2025, 11:09 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 20.540722] ================================================================== [ 20.540818] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 20.540873] Read of size 8 at addr fff00000c1cea988 by task kunit_try_catch/261 [ 20.540970] [ 20.541005] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.541087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.541114] Hardware name: linux,dummy-virt (DT) [ 20.541259] Call trace: [ 20.541284] show_stack+0x20/0x38 (C) [ 20.541400] dump_stack_lvl+0x8c/0xd0 [ 20.541453] print_report+0x118/0x608 [ 20.541855] kasan_report+0xdc/0x128 [ 20.541994] __asan_report_load8_noabort+0x20/0x30 [ 20.542181] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 20.542549] kasan_bitops_generic+0x110/0x1c8 [ 20.542637] kunit_try_run_case+0x170/0x3f0 [ 20.542789] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.543025] kthread+0x328/0x630 [ 20.543361] ret_from_fork+0x10/0x20 [ 20.543790] [ 20.543822] Allocated by task 261: [ 20.543883] kasan_save_stack+0x3c/0x68 [ 20.544233] kasan_save_track+0x20/0x40 [ 20.544333] kasan_save_alloc_info+0x40/0x58 [ 20.544685] __kasan_kmalloc+0xd4/0xd8 [ 20.544875] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.545047] kasan_bitops_generic+0xa0/0x1c8 [ 20.545239] kunit_try_run_case+0x170/0x3f0 [ 20.545368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.545762] kthread+0x328/0x630 [ 20.545995] ret_from_fork+0x10/0x20 [ 20.546085] [ 20.546178] The buggy address belongs to the object at fff00000c1cea980 [ 20.546178] which belongs to the cache kmalloc-16 of size 16 [ 20.546535] The buggy address is located 8 bytes inside of [ 20.546535] allocated 9-byte region [fff00000c1cea980, fff00000c1cea989) [ 20.546630] [ 20.546674] The buggy address belongs to the physical page: [ 20.546708] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cea [ 20.546766] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.546826] page_type: f5(slab) [ 20.546867] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.546936] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.546979] page dumped because: kasan: bad access detected [ 20.547016] [ 20.547046] Memory state around the buggy address: [ 20.547092] fff00000c1cea880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.547139] fff00000c1cea900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.547220] >fff00000c1cea980: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.547263] ^ [ 20.547293] fff00000c1ceaa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.547338] fff00000c1ceaa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.547380] ================================================================== [ 20.548651] ================================================================== [ 20.548704] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 20.549080] Write of size 8 at addr fff00000c1cea988 by task kunit_try_catch/261 [ 20.549228] [ 20.549263] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.549544] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.549578] Hardware name: linux,dummy-virt (DT) [ 20.549760] Call trace: [ 20.549797] show_stack+0x20/0x38 (C) [ 20.550245] dump_stack_lvl+0x8c/0xd0 [ 20.550468] print_report+0x118/0x608 [ 20.550909] kasan_report+0xdc/0x128 [ 20.551061] kasan_check_range+0x100/0x1a8 [ 20.551251] __kasan_check_write+0x20/0x30 [ 20.551364] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 20.551709] kasan_bitops_generic+0x110/0x1c8 [ 20.552344] kunit_try_run_case+0x170/0x3f0 [ 20.552449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.552566] kthread+0x328/0x630 [ 20.552784] ret_from_fork+0x10/0x20 [ 20.553089] [ 20.553289] Allocated by task 261: [ 20.553354] kasan_save_stack+0x3c/0x68 [ 20.553592] kasan_save_track+0x20/0x40 [ 20.553735] kasan_save_alloc_info+0x40/0x58 [ 20.554039] __kasan_kmalloc+0xd4/0xd8 [ 20.554143] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.554365] kasan_bitops_generic+0xa0/0x1c8 [ 20.554560] kunit_try_run_case+0x170/0x3f0 [ 20.554750] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.554919] kthread+0x328/0x630 [ 20.554958] ret_from_fork+0x10/0x20 [ 20.555149] [ 20.555204] The buggy address belongs to the object at fff00000c1cea980 [ 20.555204] which belongs to the cache kmalloc-16 of size 16 [ 20.555386] The buggy address is located 8 bytes inside of [ 20.555386] allocated 9-byte region [fff00000c1cea980, fff00000c1cea989) [ 20.555538] [ 20.555692] The buggy address belongs to the physical page: [ 20.555772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cea [ 20.555876] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.556171] page_type: f5(slab) [ 20.556247] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.556366] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.556465] page dumped because: kasan: bad access detected [ 20.556619] [ 20.556720] Memory state around the buggy address: [ 20.556793] fff00000c1cea880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.557005] fff00000c1cea900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.557156] >fff00000c1cea980: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.557334] ^ [ 20.557382] fff00000c1ceaa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.557435] fff00000c1ceaa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.557681] ================================================================== [ 20.528758] ================================================================== [ 20.528830] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 20.528905] Write of size 8 at addr fff00000c1cea988 by task kunit_try_catch/261 [ 20.528957] [ 20.528990] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.529082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.529111] Hardware name: linux,dummy-virt (DT) [ 20.529143] Call trace: [ 20.529167] show_stack+0x20/0x38 (C) [ 20.529573] dump_stack_lvl+0x8c/0xd0 [ 20.530317] print_report+0x118/0x608 [ 20.530395] kasan_report+0xdc/0x128 [ 20.530568] kasan_check_range+0x100/0x1a8 [ 20.530770] __kasan_check_write+0x20/0x30 [ 20.530833] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 20.531217] kasan_bitops_generic+0x110/0x1c8 [ 20.531416] kunit_try_run_case+0x170/0x3f0 [ 20.531610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.531759] kthread+0x328/0x630 [ 20.532087] ret_from_fork+0x10/0x20 [ 20.532579] [ 20.532679] Allocated by task 261: [ 20.532718] kasan_save_stack+0x3c/0x68 [ 20.533092] kasan_save_track+0x20/0x40 [ 20.533313] kasan_save_alloc_info+0x40/0x58 [ 20.533505] __kasan_kmalloc+0xd4/0xd8 [ 20.533769] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.533903] kasan_bitops_generic+0xa0/0x1c8 [ 20.534057] kunit_try_run_case+0x170/0x3f0 [ 20.534203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.534469] kthread+0x328/0x630 [ 20.534679] ret_from_fork+0x10/0x20 [ 20.534813] [ 20.534944] The buggy address belongs to the object at fff00000c1cea980 [ 20.534944] which belongs to the cache kmalloc-16 of size 16 [ 20.535163] The buggy address is located 8 bytes inside of [ 20.535163] allocated 9-byte region [fff00000c1cea980, fff00000c1cea989) [ 20.535367] [ 20.535393] The buggy address belongs to the physical page: [ 20.535448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cea [ 20.535839] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.536080] page_type: f5(slab) [ 20.536239] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.536332] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.536394] page dumped because: kasan: bad access detected [ 20.536719] [ 20.537531] Memory state around the buggy address: [ 20.537640] fff00000c1cea880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.537698] fff00000c1cea900: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.537773] >fff00000c1cea980: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.537875] ^ [ 20.537908] fff00000c1ceaa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.538422] fff00000c1ceaa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.538615] ================================================================== [ 20.558989] ================================================================== [ 20.559043] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 20.559184] Read of size 8 at addr fff00000c1cea988 by task kunit_try_catch/261 [ 20.559314] [ 20.559687] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.559795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.559827] Hardware name: linux,dummy-virt (DT) [ 20.559859] Call trace: [ 20.559892] show_stack+0x20/0x38 (C) [ 20.559947] dump_stack_lvl+0x8c/0xd0 [ 20.559996] print_report+0x118/0x608 [ 20.560055] kasan_report+0xdc/0x128 [ 20.560104] __asan_report_load8_noabort+0x20/0x30 [ 20.560162] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 20.560402] kasan_bitops_generic+0x110/0x1c8 [ 20.560636] kunit_try_run_case+0x170/0x3f0 [ 20.560700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.560756] kthread+0x328/0x630 [ 20.560800] ret_from_fork+0x10/0x20 [ 20.560879] [ 20.560919] Allocated by task 261: [ 20.560976] kasan_save_stack+0x3c/0x68 [ 20.561359] kasan_save_track+0x20/0x40 [ 20.561418] kasan_save_alloc_info+0x40/0x58 [ 20.561461] __kasan_kmalloc+0xd4/0xd8 [ 20.561854] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.561960] kasan_bitops_generic+0xa0/0x1c8 [ 20.562079] kunit_try_run_case+0x170/0x3f0 [ 20.562255] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.562376] kthread+0x328/0x630 [ 20.562434] ret_from_fork+0x10/0x20 [ 20.562475] [ 20.562791] The buggy address belongs to the object at fff00000c1cea980 [ 20.562791] which belongs to the cache kmalloc-16 of size 16 [ 20.562891] The buggy address is located 8 bytes inside of [ 20.562891] allocated 9-byte region [fff00000c1cea980, fff00000c1cea989) [ 20.564329] page dumped because: kasan: bad access detected [ 20.566022] fff00000c1ceaa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.567726] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 20.567996] Hardware name: linux,dummy-virt (DT) [ 20.568416] kasan_bitops_generic+0x110/0x1c8 [ 20.568760] kasan_save_track+0x20/0x40 [ 20.569004] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.570239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cea [ 20.571155] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.571315] page dumped because: kasan: bad access detected [ 20.572357] >fff00000c1cea980: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.573701] Write of size 8 at addr fff00000c1cea988 by task kunit_try_catch/261 [ 20.575673] __kasan_check_write+0x20/0x30 [ 20.576544] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.578869] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.580265] [ 20.580358] The buggy address belongs to the physical page: [ 20.581403] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.581759] [ 20.582429] >fff00000c1cea980: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.584128] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 20.584728] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.585964] __asan_report_load8_noabort+0x20/0x30 [ 20.587134] kasan_save_stack+0x3c/0x68 [ 20.587370] kasan_bitops_generic+0xa0/0x1c8 [ 20.587702] The buggy address is located 8 bytes inside of [ 20.587702] allocated 9-byte region [fff00000c1cea980, fff00000c1cea989) [ 20.588042] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.588086] page dumped because: kasan: bad access detected [ 20.588119] [ 20.588172] fff00000c1cea880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.589577] fff00000c1ceaa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.591355] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.592183] kasan_check_range+0x100/0x1a8 [ 20.593312] ret_from_fork+0x10/0x20 [ 20.593779] kasan_save_alloc_info+0x40/0x58 [ 20.594992] [ 20.595463] [ 20.595959] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.596519] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.597291] fff00000c1cea880: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.599839] ==================================================================
[ 13.685868] ================================================================== [ 13.686642] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.687047] Write of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.687397] [ 13.687505] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.687546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.687557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.687578] Call Trace: [ 13.687592] <TASK> [ 13.687608] dump_stack_lvl+0x73/0xb0 [ 13.687634] print_report+0xd1/0x650 [ 13.687657] ? __virt_addr_valid+0x1db/0x2d0 [ 13.687680] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.687708] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.687732] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.687760] kasan_report+0x141/0x180 [ 13.687784] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.687816] kasan_check_range+0x10c/0x1c0 [ 13.687841] __kasan_check_write+0x18/0x20 [ 13.687862] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.687889] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.687919] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.687956] ? trace_hardirqs_on+0x37/0xe0 [ 13.687980] ? kasan_bitops_generic+0x92/0x1c0 [ 13.688009] kasan_bitops_generic+0x116/0x1c0 [ 13.688034] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.688061] ? __pfx_read_tsc+0x10/0x10 [ 13.688096] ? ktime_get_ts64+0x86/0x230 [ 13.688121] kunit_try_run_case+0x1a5/0x480 [ 13.688147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.688171] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.688195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.688220] ? __kthread_parkme+0x82/0x180 [ 13.688241] ? preempt_count_sub+0x50/0x80 [ 13.688265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.688291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.688316] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.688342] kthread+0x337/0x6f0 [ 13.688363] ? trace_preempt_on+0x20/0xc0 [ 13.688385] ? __pfx_kthread+0x10/0x10 [ 13.688407] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.688430] ? calculate_sigpending+0x7b/0xa0 [ 13.688455] ? __pfx_kthread+0x10/0x10 [ 13.688477] ret_from_fork+0x116/0x1d0 [ 13.688497] ? __pfx_kthread+0x10/0x10 [ 13.688520] ret_from_fork_asm+0x1a/0x30 [ 13.688552] </TASK> [ 13.688564] [ 13.696336] Allocated by task 278: [ 13.696507] kasan_save_stack+0x45/0x70 [ 13.696677] kasan_save_track+0x18/0x40 [ 13.696867] kasan_save_alloc_info+0x3b/0x50 [ 13.697053] __kasan_kmalloc+0xb7/0xc0 [ 13.697231] __kmalloc_cache_noprof+0x189/0x420 [ 13.697440] kasan_bitops_generic+0x92/0x1c0 [ 13.697591] kunit_try_run_case+0x1a5/0x480 [ 13.697739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.697914] kthread+0x337/0x6f0 [ 13.698046] ret_from_fork+0x116/0x1d0 [ 13.698178] ret_from_fork_asm+0x1a/0x30 [ 13.698319] [ 13.698390] The buggy address belongs to the object at ffff888100fbfb00 [ 13.698390] which belongs to the cache kmalloc-16 of size 16 [ 13.699046] The buggy address is located 8 bytes inside of [ 13.699046] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 13.699576] [ 13.699672] The buggy address belongs to the physical page: [ 13.699951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 13.700357] flags: 0x200000000000000(node=0|zone=2) [ 13.700520] page_type: f5(slab) [ 13.700641] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.700870] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.701195] page dumped because: kasan: bad access detected [ 13.701454] [ 13.701552] Memory state around the buggy address: [ 13.701779] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 13.702178] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.702506] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.702833] ^ [ 13.703025] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.703379] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.703675] ================================================================== [ 13.795910] ================================================================== [ 13.796803] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.797227] Write of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.797524] [ 13.797639] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.797686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.797699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.797721] Call Trace: [ 13.797738] <TASK> [ 13.797753] dump_stack_lvl+0x73/0xb0 [ 13.797783] print_report+0xd1/0x650 [ 13.797807] ? __virt_addr_valid+0x1db/0x2d0 [ 13.797830] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.797858] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.797883] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.797911] kasan_report+0x141/0x180 [ 13.797946] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.797978] kasan_check_range+0x10c/0x1c0 [ 13.798003] __kasan_check_write+0x18/0x20 [ 13.798024] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.798052] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.798092] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.798119] ? trace_hardirqs_on+0x37/0xe0 [ 13.798154] ? kasan_bitops_generic+0x92/0x1c0 [ 13.798184] kasan_bitops_generic+0x116/0x1c0 [ 13.798209] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.798236] ? __pfx_read_tsc+0x10/0x10 [ 13.798258] ? ktime_get_ts64+0x86/0x230 [ 13.798283] kunit_try_run_case+0x1a5/0x480 [ 13.798308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.798332] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.798357] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.798381] ? __kthread_parkme+0x82/0x180 [ 13.798402] ? preempt_count_sub+0x50/0x80 [ 13.798427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.798452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.798477] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.798503] kthread+0x337/0x6f0 [ 13.798523] ? trace_preempt_on+0x20/0xc0 [ 13.798547] ? __pfx_kthread+0x10/0x10 [ 13.798569] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.798591] ? calculate_sigpending+0x7b/0xa0 [ 13.798616] ? __pfx_kthread+0x10/0x10 [ 13.798638] ret_from_fork+0x116/0x1d0 [ 13.798657] ? __pfx_kthread+0x10/0x10 [ 13.798679] ret_from_fork_asm+0x1a/0x30 [ 13.798710] </TASK> [ 13.798721] [ 13.807101] Allocated by task 278: [ 13.807249] kasan_save_stack+0x45/0x70 [ 13.807443] kasan_save_track+0x18/0x40 [ 13.807581] kasan_save_alloc_info+0x3b/0x50 [ 13.807802] __kasan_kmalloc+0xb7/0xc0 [ 13.808002] __kmalloc_cache_noprof+0x189/0x420 [ 13.808180] kasan_bitops_generic+0x92/0x1c0 [ 13.808333] kunit_try_run_case+0x1a5/0x480 [ 13.808642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.808912] kthread+0x337/0x6f0 [ 13.809098] ret_from_fork+0x116/0x1d0 [ 13.809235] ret_from_fork_asm+0x1a/0x30 [ 13.809377] [ 13.809448] The buggy address belongs to the object at ffff888100fbfb00 [ 13.809448] which belongs to the cache kmalloc-16 of size 16 [ 13.810205] The buggy address is located 8 bytes inside of [ 13.810205] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 13.810697] [ 13.810770] The buggy address belongs to the physical page: [ 13.810954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 13.811544] flags: 0x200000000000000(node=0|zone=2) [ 13.811798] page_type: f5(slab) [ 13.812008] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.812347] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.812582] page dumped because: kasan: bad access detected [ 13.812863] [ 13.812978] Memory state around the buggy address: [ 13.813403] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 13.813717] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.814018] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.814390] ^ [ 13.814560] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.814866] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.815193] ================================================================== [ 13.732137] ================================================================== [ 13.732472] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.732999] Write of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.733664] [ 13.733861] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.733904] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.733917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.733947] Call Trace: [ 13.733965] <TASK> [ 13.733981] dump_stack_lvl+0x73/0xb0 [ 13.734010] print_report+0xd1/0x650 [ 13.734033] ? __virt_addr_valid+0x1db/0x2d0 [ 13.734077] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.734105] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.734130] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.734158] kasan_report+0x141/0x180 [ 13.734181] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.734213] kasan_check_range+0x10c/0x1c0 [ 13.734248] __kasan_check_write+0x18/0x20 [ 13.734269] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.734296] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.734336] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.734362] ? trace_hardirqs_on+0x37/0xe0 [ 13.734385] ? kasan_bitops_generic+0x92/0x1c0 [ 13.734413] kasan_bitops_generic+0x116/0x1c0 [ 13.734438] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.734466] ? __pfx_read_tsc+0x10/0x10 [ 13.734488] ? ktime_get_ts64+0x86/0x230 [ 13.734512] kunit_try_run_case+0x1a5/0x480 [ 13.734538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.734562] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.734588] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.734613] ? __kthread_parkme+0x82/0x180 [ 13.734634] ? preempt_count_sub+0x50/0x80 [ 13.734659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.734685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.734710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.734735] kthread+0x337/0x6f0 [ 13.734756] ? trace_preempt_on+0x20/0xc0 [ 13.734778] ? __pfx_kthread+0x10/0x10 [ 13.734800] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.734822] ? calculate_sigpending+0x7b/0xa0 [ 13.734848] ? __pfx_kthread+0x10/0x10 [ 13.734871] ret_from_fork+0x116/0x1d0 [ 13.734890] ? __pfx_kthread+0x10/0x10 [ 13.734912] ret_from_fork_asm+0x1a/0x30 [ 13.734954] </TASK> [ 13.734966] [ 13.748087] Allocated by task 278: [ 13.748433] kasan_save_stack+0x45/0x70 [ 13.748820] kasan_save_track+0x18/0x40 [ 13.749213] kasan_save_alloc_info+0x3b/0x50 [ 13.749620] __kasan_kmalloc+0xb7/0xc0 [ 13.749991] __kmalloc_cache_noprof+0x189/0x420 [ 13.750429] kasan_bitops_generic+0x92/0x1c0 [ 13.750828] kunit_try_run_case+0x1a5/0x480 [ 13.751095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.751418] kthread+0x337/0x6f0 [ 13.751543] ret_from_fork+0x116/0x1d0 [ 13.751675] ret_from_fork_asm+0x1a/0x30 [ 13.751815] [ 13.751886] The buggy address belongs to the object at ffff888100fbfb00 [ 13.751886] which belongs to the cache kmalloc-16 of size 16 [ 13.752396] The buggy address is located 8 bytes inside of [ 13.752396] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 13.753316] [ 13.753394] The buggy address belongs to the physical page: [ 13.753575] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 13.753817] flags: 0x200000000000000(node=0|zone=2) [ 13.754003] page_type: f5(slab) [ 13.754203] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.754540] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.754770] page dumped because: kasan: bad access detected [ 13.755054] [ 13.755176] Memory state around the buggy address: [ 13.755401] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 13.755697] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.755984] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.756376] ^ [ 13.756549] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.756814] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.757179] ================================================================== [ 13.705230] ================================================================== [ 13.705998] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.706492] Write of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.706756] [ 13.706879] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.706924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.706948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.706970] Call Trace: [ 13.706985] <TASK> [ 13.707000] dump_stack_lvl+0x73/0xb0 [ 13.707029] print_report+0xd1/0x650 [ 13.707054] ? __virt_addr_valid+0x1db/0x2d0 [ 13.707077] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.707105] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.707137] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.707165] kasan_report+0x141/0x180 [ 13.707188] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.707220] kasan_check_range+0x10c/0x1c0 [ 13.707246] __kasan_check_write+0x18/0x20 [ 13.707267] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.707295] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.707324] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.707351] ? trace_hardirqs_on+0x37/0xe0 [ 13.707374] ? kasan_bitops_generic+0x92/0x1c0 [ 13.707404] kasan_bitops_generic+0x116/0x1c0 [ 13.707429] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.707457] ? __pfx_read_tsc+0x10/0x10 [ 13.707478] ? ktime_get_ts64+0x86/0x230 [ 13.707504] kunit_try_run_case+0x1a5/0x480 [ 13.707531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.707556] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.707581] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.707606] ? __kthread_parkme+0x82/0x180 [ 13.707628] ? preempt_count_sub+0x50/0x80 [ 13.707652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.707678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.707706] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.707733] kthread+0x337/0x6f0 [ 13.707753] ? trace_preempt_on+0x20/0xc0 [ 13.707776] ? __pfx_kthread+0x10/0x10 [ 13.707799] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.707822] ? calculate_sigpending+0x7b/0xa0 [ 13.707848] ? __pfx_kthread+0x10/0x10 [ 13.707871] ret_from_fork+0x116/0x1d0 [ 13.707890] ? __pfx_kthread+0x10/0x10 [ 13.707912] ret_from_fork_asm+0x1a/0x30 [ 13.707954] </TASK> [ 13.707965] [ 13.718879] Allocated by task 278: [ 13.719036] kasan_save_stack+0x45/0x70 [ 13.719843] kasan_save_track+0x18/0x40 [ 13.720469] kasan_save_alloc_info+0x3b/0x50 [ 13.721084] __kasan_kmalloc+0xb7/0xc0 [ 13.721585] __kmalloc_cache_noprof+0x189/0x420 [ 13.722212] kasan_bitops_generic+0x92/0x1c0 [ 13.722432] kunit_try_run_case+0x1a5/0x480 [ 13.722582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.722760] kthread+0x337/0x6f0 [ 13.722880] ret_from_fork+0x116/0x1d0 [ 13.723220] ret_from_fork_asm+0x1a/0x30 [ 13.723593] [ 13.723751] The buggy address belongs to the object at ffff888100fbfb00 [ 13.723751] which belongs to the cache kmalloc-16 of size 16 [ 13.724840] The buggy address is located 8 bytes inside of [ 13.724840] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 13.725891] [ 13.726083] The buggy address belongs to the physical page: [ 13.726386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 13.726893] flags: 0x200000000000000(node=0|zone=2) [ 13.727116] page_type: f5(slab) [ 13.727444] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.728184] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.728817] page dumped because: kasan: bad access detected [ 13.729002] [ 13.729122] Memory state around the buggy address: [ 13.729564] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 13.730211] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.730792] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.731018] ^ [ 13.731151] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.731369] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.731582] ================================================================== [ 13.776702] ================================================================== [ 13.777365] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.777777] Write of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.778054] [ 13.778164] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.778204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.778218] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.778239] Call Trace: [ 13.778255] <TASK> [ 13.778270] dump_stack_lvl+0x73/0xb0 [ 13.778301] print_report+0xd1/0x650 [ 13.778325] ? __virt_addr_valid+0x1db/0x2d0 [ 13.778349] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.778376] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.778401] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.778428] kasan_report+0x141/0x180 [ 13.778466] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.778509] kasan_check_range+0x10c/0x1c0 [ 13.778534] __kasan_check_write+0x18/0x20 [ 13.778567] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.778595] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.778625] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.778651] ? trace_hardirqs_on+0x37/0xe0 [ 13.778674] ? kasan_bitops_generic+0x92/0x1c0 [ 13.778704] kasan_bitops_generic+0x116/0x1c0 [ 13.778729] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.778757] ? __pfx_read_tsc+0x10/0x10 [ 13.778779] ? ktime_get_ts64+0x86/0x230 [ 13.778803] kunit_try_run_case+0x1a5/0x480 [ 13.778827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.778851] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.778876] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.778901] ? __kthread_parkme+0x82/0x180 [ 13.778922] ? preempt_count_sub+0x50/0x80 [ 13.778956] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.778981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.779006] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.779031] kthread+0x337/0x6f0 [ 13.779052] ? trace_preempt_on+0x20/0xc0 [ 13.779074] ? __pfx_kthread+0x10/0x10 [ 13.779096] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.779124] ? calculate_sigpending+0x7b/0xa0 [ 13.779149] ? __pfx_kthread+0x10/0x10 [ 13.779170] ret_from_fork+0x116/0x1d0 [ 13.779190] ? __pfx_kthread+0x10/0x10 [ 13.779211] ret_from_fork_asm+0x1a/0x30 [ 13.779253] </TASK> [ 13.779264] [ 13.787668] Allocated by task 278: [ 13.787826] kasan_save_stack+0x45/0x70 [ 13.788080] kasan_save_track+0x18/0x40 [ 13.788273] kasan_save_alloc_info+0x3b/0x50 [ 13.788484] __kasan_kmalloc+0xb7/0xc0 [ 13.788688] __kmalloc_cache_noprof+0x189/0x420 [ 13.788907] kasan_bitops_generic+0x92/0x1c0 [ 13.789069] kunit_try_run_case+0x1a5/0x480 [ 13.789282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.789571] kthread+0x337/0x6f0 [ 13.789716] ret_from_fork+0x116/0x1d0 [ 13.789902] ret_from_fork_asm+0x1a/0x30 [ 13.790096] [ 13.790204] The buggy address belongs to the object at ffff888100fbfb00 [ 13.790204] which belongs to the cache kmalloc-16 of size 16 [ 13.790627] The buggy address is located 8 bytes inside of [ 13.790627] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 13.791209] [ 13.791316] The buggy address belongs to the physical page: [ 13.791530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 13.791775] flags: 0x200000000000000(node=0|zone=2) [ 13.791950] page_type: f5(slab) [ 13.792073] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.792348] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.792689] page dumped because: kasan: bad access detected [ 13.792983] [ 13.793080] Memory state around the buggy address: [ 13.793304] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 13.793623] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.793949] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.794406] ^ [ 13.794533] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.794748] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.794985] ================================================================== [ 13.667322] ================================================================== [ 13.667952] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.668366] Write of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.668687] [ 13.668773] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.668814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.668826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.668847] Call Trace: [ 13.668862] <TASK> [ 13.668875] dump_stack_lvl+0x73/0xb0 [ 13.668903] print_report+0xd1/0x650 [ 13.668927] ? __virt_addr_valid+0x1db/0x2d0 [ 13.668962] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.668990] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.669015] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.669043] kasan_report+0x141/0x180 [ 13.669065] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.669098] kasan_check_range+0x10c/0x1c0 [ 13.669123] __kasan_check_write+0x18/0x20 [ 13.669144] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.669172] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.669203] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.669229] ? trace_hardirqs_on+0x37/0xe0 [ 13.669254] ? kasan_bitops_generic+0x92/0x1c0 [ 13.669283] kasan_bitops_generic+0x116/0x1c0 [ 13.669308] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.669335] ? __pfx_read_tsc+0x10/0x10 [ 13.669357] ? ktime_get_ts64+0x86/0x230 [ 13.669382] kunit_try_run_case+0x1a5/0x480 [ 13.669408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.669431] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.669456] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.669481] ? __kthread_parkme+0x82/0x180 [ 13.669506] ? preempt_count_sub+0x50/0x80 [ 13.669534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.669561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.669586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.669613] kthread+0x337/0x6f0 [ 13.669633] ? trace_preempt_on+0x20/0xc0 [ 13.669656] ? __pfx_kthread+0x10/0x10 [ 13.669678] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.669701] ? calculate_sigpending+0x7b/0xa0 [ 13.669726] ? __pfx_kthread+0x10/0x10 [ 13.669749] ret_from_fork+0x116/0x1d0 [ 13.669769] ? __pfx_kthread+0x10/0x10 [ 13.669791] ret_from_fork_asm+0x1a/0x30 [ 13.669822] </TASK> [ 13.669833] [ 13.677796] Allocated by task 278: [ 13.677996] kasan_save_stack+0x45/0x70 [ 13.678221] kasan_save_track+0x18/0x40 [ 13.678396] kasan_save_alloc_info+0x3b/0x50 [ 13.678552] __kasan_kmalloc+0xb7/0xc0 [ 13.678729] __kmalloc_cache_noprof+0x189/0x420 [ 13.678966] kasan_bitops_generic+0x92/0x1c0 [ 13.679266] kunit_try_run_case+0x1a5/0x480 [ 13.679458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.679689] kthread+0x337/0x6f0 [ 13.679835] ret_from_fork+0x116/0x1d0 [ 13.680014] ret_from_fork_asm+0x1a/0x30 [ 13.680219] [ 13.680317] The buggy address belongs to the object at ffff888100fbfb00 [ 13.680317] which belongs to the cache kmalloc-16 of size 16 [ 13.680779] The buggy address is located 8 bytes inside of [ 13.680779] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 13.681297] [ 13.681399] The buggy address belongs to the physical page: [ 13.681586] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 13.681877] flags: 0x200000000000000(node=0|zone=2) [ 13.682052] page_type: f5(slab) [ 13.682172] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.682404] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.682630] page dumped because: kasan: bad access detected [ 13.682883] [ 13.682996] Memory state around the buggy address: [ 13.683327] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 13.683640] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.683920] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.684142] ^ [ 13.684266] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.684479] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.684689] ================================================================== [ 13.649065] ================================================================== [ 13.649530] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.649884] Write of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.650237] [ 13.650356] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.650401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.650413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.650435] Call Trace: [ 13.650448] <TASK> [ 13.650466] dump_stack_lvl+0x73/0xb0 [ 13.650494] print_report+0xd1/0x650 [ 13.650519] ? __virt_addr_valid+0x1db/0x2d0 [ 13.650545] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.650573] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.650597] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.650626] kasan_report+0x141/0x180 [ 13.650649] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.650682] kasan_check_range+0x10c/0x1c0 [ 13.650709] __kasan_check_write+0x18/0x20 [ 13.650730] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.650758] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.650788] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.650814] ? trace_hardirqs_on+0x37/0xe0 [ 13.650838] ? kasan_bitops_generic+0x92/0x1c0 [ 13.650867] kasan_bitops_generic+0x116/0x1c0 [ 13.650892] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.650919] ? __pfx_read_tsc+0x10/0x10 [ 13.650951] ? ktime_get_ts64+0x86/0x230 [ 13.650978] kunit_try_run_case+0x1a5/0x480 [ 13.651003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.651027] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.651052] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.651077] ? __kthread_parkme+0x82/0x180 [ 13.651100] ? preempt_count_sub+0x50/0x80 [ 13.651130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.651156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.651182] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.651208] kthread+0x337/0x6f0 [ 13.651228] ? trace_preempt_on+0x20/0xc0 [ 13.651253] ? __pfx_kthread+0x10/0x10 [ 13.651275] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.651297] ? calculate_sigpending+0x7b/0xa0 [ 13.651323] ? __pfx_kthread+0x10/0x10 [ 13.651345] ret_from_fork+0x116/0x1d0 [ 13.651366] ? __pfx_kthread+0x10/0x10 [ 13.651388] ret_from_fork_asm+0x1a/0x30 [ 13.651421] </TASK> [ 13.651434] [ 13.659168] Allocated by task 278: [ 13.659355] kasan_save_stack+0x45/0x70 [ 13.659518] kasan_save_track+0x18/0x40 [ 13.659655] kasan_save_alloc_info+0x3b/0x50 [ 13.659807] __kasan_kmalloc+0xb7/0xc0 [ 13.660011] __kmalloc_cache_noprof+0x189/0x420 [ 13.660458] kasan_bitops_generic+0x92/0x1c0 [ 13.660657] kunit_try_run_case+0x1a5/0x480 [ 13.660830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.661016] kthread+0x337/0x6f0 [ 13.661139] ret_from_fork+0x116/0x1d0 [ 13.661298] ret_from_fork_asm+0x1a/0x30 [ 13.661493] [ 13.661588] The buggy address belongs to the object at ffff888100fbfb00 [ 13.661588] which belongs to the cache kmalloc-16 of size 16 [ 13.662178] The buggy address is located 8 bytes inside of [ 13.662178] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 13.662618] [ 13.662715] The buggy address belongs to the physical page: [ 13.662928] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 13.663294] flags: 0x200000000000000(node=0|zone=2) [ 13.663461] page_type: f5(slab) [ 13.663585] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.663875] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.664224] page dumped because: kasan: bad access detected [ 13.664648] [ 13.664744] Memory state around the buggy address: [ 13.664983] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 13.665228] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.665443] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.665931] ^ [ 13.666120] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.666435] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.666707] ================================================================== [ 13.757840] ================================================================== [ 13.758519] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.758885] Write of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.759238] [ 13.759353] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.759408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.759420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.759441] Call Trace: [ 13.759469] <TASK> [ 13.759484] dump_stack_lvl+0x73/0xb0 [ 13.759514] print_report+0xd1/0x650 [ 13.759539] ? __virt_addr_valid+0x1db/0x2d0 [ 13.759563] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.759592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.759616] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.759644] kasan_report+0x141/0x180 [ 13.759668] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.759712] kasan_check_range+0x10c/0x1c0 [ 13.759737] __kasan_check_write+0x18/0x20 [ 13.759758] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.759796] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.759825] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.759852] ? trace_hardirqs_on+0x37/0xe0 [ 13.759875] ? kasan_bitops_generic+0x92/0x1c0 [ 13.759904] kasan_bitops_generic+0x116/0x1c0 [ 13.759929] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.759966] ? __pfx_read_tsc+0x10/0x10 [ 13.759987] ? ktime_get_ts64+0x86/0x230 [ 13.760012] kunit_try_run_case+0x1a5/0x480 [ 13.760038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.760074] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.760100] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.760125] ? __kthread_parkme+0x82/0x180 [ 13.760156] ? preempt_count_sub+0x50/0x80 [ 13.760181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.760206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.760232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.760266] kthread+0x337/0x6f0 [ 13.760288] ? trace_preempt_on+0x20/0xc0 [ 13.760310] ? __pfx_kthread+0x10/0x10 [ 13.760342] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.760364] ? calculate_sigpending+0x7b/0xa0 [ 13.760390] ? __pfx_kthread+0x10/0x10 [ 13.760412] ret_from_fork+0x116/0x1d0 [ 13.760432] ? __pfx_kthread+0x10/0x10 [ 13.760453] ret_from_fork_asm+0x1a/0x30 [ 13.760485] </TASK> [ 13.760496] [ 13.768317] Allocated by task 278: [ 13.768474] kasan_save_stack+0x45/0x70 [ 13.768702] kasan_save_track+0x18/0x40 [ 13.768907] kasan_save_alloc_info+0x3b/0x50 [ 13.769188] __kasan_kmalloc+0xb7/0xc0 [ 13.769382] __kmalloc_cache_noprof+0x189/0x420 [ 13.769623] kasan_bitops_generic+0x92/0x1c0 [ 13.769778] kunit_try_run_case+0x1a5/0x480 [ 13.769931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.770306] kthread+0x337/0x6f0 [ 13.770453] ret_from_fork+0x116/0x1d0 [ 13.770649] ret_from_fork_asm+0x1a/0x30 [ 13.770841] [ 13.770946] The buggy address belongs to the object at ffff888100fbfb00 [ 13.770946] which belongs to the cache kmalloc-16 of size 16 [ 13.771492] The buggy address is located 8 bytes inside of [ 13.771492] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 13.772001] [ 13.772096] The buggy address belongs to the physical page: [ 13.772346] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 13.772681] flags: 0x200000000000000(node=0|zone=2) [ 13.772917] page_type: f5(slab) [ 13.773081] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.773333] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.773722] page dumped because: kasan: bad access detected [ 13.773963] [ 13.774055] Memory state around the buggy address: [ 13.774240] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 13.774455] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.774671] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.774881] ^ [ 13.775015] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.775617] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.775933] ==================================================================