Date
July 6, 2025, 11:09 a.m.
Environment | |
---|---|
qemu-x86_64 |
[ 13.816265] ================================================================== [ 13.816774] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.817112] Write of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.817471] [ 13.817584] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.817627] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.817640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.817661] Call Trace: [ 13.817677] <TASK> [ 13.817692] dump_stack_lvl+0x73/0xb0 [ 13.817719] print_report+0xd1/0x650 [ 13.817742] ? __virt_addr_valid+0x1db/0x2d0 [ 13.817778] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.817808] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.817844] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.817874] kasan_report+0x141/0x180 [ 13.817897] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.817950] kasan_check_range+0x10c/0x1c0 [ 13.817975] __kasan_check_write+0x18/0x20 [ 13.817996] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.818037] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.818077] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.818103] ? trace_hardirqs_on+0x37/0xe0 [ 13.818126] ? kasan_bitops_generic+0x92/0x1c0 [ 13.818165] kasan_bitops_generic+0x121/0x1c0 [ 13.818189] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.818226] ? __pfx_read_tsc+0x10/0x10 [ 13.818249] ? ktime_get_ts64+0x86/0x230 [ 13.818273] kunit_try_run_case+0x1a5/0x480 [ 13.818299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.818332] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.818356] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.818392] ? __kthread_parkme+0x82/0x180 [ 13.818413] ? preempt_count_sub+0x50/0x80 [ 13.818438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.818464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.818500] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.818525] kthread+0x337/0x6f0 [ 13.818546] ? trace_preempt_on+0x20/0xc0 [ 13.818579] ? __pfx_kthread+0x10/0x10 [ 13.818601] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.818623] ? calculate_sigpending+0x7b/0xa0 [ 13.818647] ? __pfx_kthread+0x10/0x10 [ 13.818670] ret_from_fork+0x116/0x1d0 [ 13.818690] ? __pfx_kthread+0x10/0x10 [ 13.818720] ret_from_fork_asm+0x1a/0x30 [ 13.818751] </TASK> [ 13.818764] [ 13.831992] Allocated by task 278: [ 13.832345] kasan_save_stack+0x45/0x70 [ 13.832535] kasan_save_track+0x18/0x40 [ 13.832678] kasan_save_alloc_info+0x3b/0x50 [ 13.832830] __kasan_kmalloc+0xb7/0xc0 [ 13.833017] __kmalloc_cache_noprof+0x189/0x420 [ 13.833476] kasan_bitops_generic+0x92/0x1c0 [ 13.833875] kunit_try_run_case+0x1a5/0x480 [ 13.834306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.834795] kthread+0x337/0x6f0 [ 13.835157] ret_from_fork+0x116/0x1d0 [ 13.835512] ret_from_fork_asm+0x1a/0x30 [ 13.835890] [ 13.836146] The buggy address belongs to the object at ffff888100fbfb00 [ 13.836146] which belongs to the cache kmalloc-16 of size 16 [ 13.836800] The buggy address is located 8 bytes inside of [ 13.836800] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 13.837449] [ 13.837634] The buggy address belongs to the physical page: [ 13.838170] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 13.838856] flags: 0x200000000000000(node=0|zone=2) [ 13.839345] page_type: f5(slab) [ 13.839658] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.840211] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.840434] page dumped because: kasan: bad access detected [ 13.840603] [ 13.840674] Memory state around the buggy address: [ 13.840829] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 13.841560] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.842033] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.842761] ^ [ 13.843147] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.843375] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.843593] ================================================================== [ 13.844176] ================================================================== [ 13.845099] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.846225] Write of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.846909] [ 13.847209] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.847260] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.847272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.847294] Call Trace: [ 13.847383] <TASK> [ 13.847402] dump_stack_lvl+0x73/0xb0 [ 13.847434] print_report+0xd1/0x650 [ 13.847457] ? __virt_addr_valid+0x1db/0x2d0 [ 13.847481] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.847512] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.847536] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.847566] kasan_report+0x141/0x180 [ 13.847588] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.847622] kasan_check_range+0x10c/0x1c0 [ 13.847647] __kasan_check_write+0x18/0x20 [ 13.847669] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.847697] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.847728] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.847754] ? trace_hardirqs_on+0x37/0xe0 [ 13.847778] ? kasan_bitops_generic+0x92/0x1c0 [ 13.847807] kasan_bitops_generic+0x121/0x1c0 [ 13.847832] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.847858] ? __pfx_read_tsc+0x10/0x10 [ 13.847880] ? ktime_get_ts64+0x86/0x230 [ 13.847906] kunit_try_run_case+0x1a5/0x480 [ 13.847931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.847972] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.847997] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.848022] ? __kthread_parkme+0x82/0x180 [ 13.848044] ? preempt_count_sub+0x50/0x80 [ 13.848080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.848107] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.848133] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.848159] kthread+0x337/0x6f0 [ 13.848179] ? trace_preempt_on+0x20/0xc0 [ 13.848203] ? __pfx_kthread+0x10/0x10 [ 13.848225] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.848247] ? calculate_sigpending+0x7b/0xa0 [ 13.848272] ? __pfx_kthread+0x10/0x10 [ 13.848295] ret_from_fork+0x116/0x1d0 [ 13.848315] ? __pfx_kthread+0x10/0x10 [ 13.848336] ret_from_fork_asm+0x1a/0x30 [ 13.848370] </TASK> [ 13.848383] [ 13.858810] Allocated by task 278: [ 13.859007] kasan_save_stack+0x45/0x70 [ 13.859600] kasan_save_track+0x18/0x40 [ 13.859761] kasan_save_alloc_info+0x3b/0x50 [ 13.860123] __kasan_kmalloc+0xb7/0xc0 [ 13.860293] __kmalloc_cache_noprof+0x189/0x420 [ 13.860598] kasan_bitops_generic+0x92/0x1c0 [ 13.860883] kunit_try_run_case+0x1a5/0x480 [ 13.861109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.861483] kthread+0x337/0x6f0 [ 13.861631] ret_from_fork+0x116/0x1d0 [ 13.861918] ret_from_fork_asm+0x1a/0x30 [ 13.862106] [ 13.862419] The buggy address belongs to the object at ffff888100fbfb00 [ 13.862419] which belongs to the cache kmalloc-16 of size 16 [ 13.862900] The buggy address is located 8 bytes inside of [ 13.862900] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 13.863654] [ 13.863759] The buggy address belongs to the physical page: [ 13.864164] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 13.864550] flags: 0x200000000000000(node=0|zone=2) [ 13.864855] page_type: f5(slab) [ 13.865012] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.865522] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.865841] page dumped because: kasan: bad access detected [ 13.866093] [ 13.866311] Memory state around the buggy address: [ 13.866486] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 13.866846] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.867297] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.867598] ^ [ 13.867744] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.868060] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.868484] ================================================================== [ 13.869116] ================================================================== [ 13.869834] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.870289] Write of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.870578] [ 13.870685] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.870727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.870739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.870761] Call Trace: [ 13.870778] <TASK> [ 13.870794] dump_stack_lvl+0x73/0xb0 [ 13.870823] print_report+0xd1/0x650 [ 13.870848] ? __virt_addr_valid+0x1db/0x2d0 [ 13.870871] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.870901] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.870926] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.870968] kasan_report+0x141/0x180 [ 13.870991] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.871026] kasan_check_range+0x10c/0x1c0 [ 13.871051] __kasan_check_write+0x18/0x20 [ 13.871081] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.871117] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.871149] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.871174] ? trace_hardirqs_on+0x37/0xe0 [ 13.871196] ? kasan_bitops_generic+0x92/0x1c0 [ 13.871237] kasan_bitops_generic+0x121/0x1c0 [ 13.871262] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.871289] ? __pfx_read_tsc+0x10/0x10 [ 13.871311] ? ktime_get_ts64+0x86/0x230 [ 13.871335] kunit_try_run_case+0x1a5/0x480 [ 13.871361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.871384] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.871410] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.871435] ? __kthread_parkme+0x82/0x180 [ 13.871456] ? preempt_count_sub+0x50/0x80 [ 13.871481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.871505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.871530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.871556] kthread+0x337/0x6f0 [ 13.871576] ? trace_preempt_on+0x20/0xc0 [ 13.871599] ? __pfx_kthread+0x10/0x10 [ 13.871620] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.871643] ? calculate_sigpending+0x7b/0xa0 [ 13.871667] ? __pfx_kthread+0x10/0x10 [ 13.871690] ret_from_fork+0x116/0x1d0 [ 13.871709] ? __pfx_kthread+0x10/0x10 [ 13.871730] ret_from_fork_asm+0x1a/0x30 [ 13.871762] </TASK> [ 13.871773] [ 13.879719] Allocated by task 278: [ 13.879865] kasan_save_stack+0x45/0x70 [ 13.880094] kasan_save_track+0x18/0x40 [ 13.880296] kasan_save_alloc_info+0x3b/0x50 [ 13.880517] __kasan_kmalloc+0xb7/0xc0 [ 13.880707] __kmalloc_cache_noprof+0x189/0x420 [ 13.880950] kasan_bitops_generic+0x92/0x1c0 [ 13.881191] kunit_try_run_case+0x1a5/0x480 [ 13.881377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.881615] kthread+0x337/0x6f0 [ 13.881774] ret_from_fork+0x116/0x1d0 [ 13.881974] ret_from_fork_asm+0x1a/0x30 [ 13.882196] [ 13.882270] The buggy address belongs to the object at ffff888100fbfb00 [ 13.882270] which belongs to the cache kmalloc-16 of size 16 [ 13.882620] The buggy address is located 8 bytes inside of [ 13.882620] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 13.883066] [ 13.883228] The buggy address belongs to the physical page: [ 13.883479] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 13.883831] flags: 0x200000000000000(node=0|zone=2) [ 13.884091] page_type: f5(slab) [ 13.884260] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.884491] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.884720] page dumped because: kasan: bad access detected [ 13.884968] [ 13.885059] Memory state around the buggy address: [ 13.885271] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 13.885568] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.885862] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.887002] ^ [ 13.887363] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.887636] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.887931] ================================================================== [ 13.888686] ================================================================== [ 13.889008] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.889415] Write of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.890243] [ 13.890348] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.890393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.890406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.890427] Call Trace: [ 13.890444] <TASK> [ 13.890459] dump_stack_lvl+0x73/0xb0 [ 13.890488] print_report+0xd1/0x650 [ 13.890512] ? __virt_addr_valid+0x1db/0x2d0 [ 13.890537] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.890567] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.890590] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.890621] kasan_report+0x141/0x180 [ 13.890643] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.890679] kasan_check_range+0x10c/0x1c0 [ 13.890704] __kasan_check_write+0x18/0x20 [ 13.890725] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.890756] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.890788] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.890815] ? trace_hardirqs_on+0x37/0xe0 [ 13.890838] ? kasan_bitops_generic+0x92/0x1c0 [ 13.890867] kasan_bitops_generic+0x121/0x1c0 [ 13.890893] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.890920] ? __pfx_read_tsc+0x10/0x10 [ 13.890953] ? ktime_get_ts64+0x86/0x230 [ 13.890978] kunit_try_run_case+0x1a5/0x480 [ 13.891002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.891026] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.891071] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.891095] ? __kthread_parkme+0x82/0x180 [ 13.891123] ? preempt_count_sub+0x50/0x80 [ 13.891149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.891174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.891199] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.891225] kthread+0x337/0x6f0 [ 13.891245] ? trace_preempt_on+0x20/0xc0 [ 13.891269] ? __pfx_kthread+0x10/0x10 [ 13.891291] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.891313] ? calculate_sigpending+0x7b/0xa0 [ 13.891337] ? __pfx_kthread+0x10/0x10 [ 13.891360] ret_from_fork+0x116/0x1d0 [ 13.891379] ? __pfx_kthread+0x10/0x10 [ 13.891400] ret_from_fork_asm+0x1a/0x30 [ 13.891432] </TASK> [ 13.891444] [ 13.899335] Allocated by task 278: [ 13.899506] kasan_save_stack+0x45/0x70 [ 13.899692] kasan_save_track+0x18/0x40 [ 13.899885] kasan_save_alloc_info+0x3b/0x50 [ 13.900127] __kasan_kmalloc+0xb7/0xc0 [ 13.900315] __kmalloc_cache_noprof+0x189/0x420 [ 13.900520] kasan_bitops_generic+0x92/0x1c0 [ 13.900732] kunit_try_run_case+0x1a5/0x480 [ 13.900892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.901177] kthread+0x337/0x6f0 [ 13.901331] ret_from_fork+0x116/0x1d0 [ 13.901486] ret_from_fork_asm+0x1a/0x30 [ 13.901657] [ 13.901729] The buggy address belongs to the object at ffff888100fbfb00 [ 13.901729] which belongs to the cache kmalloc-16 of size 16 [ 13.902118] The buggy address is located 8 bytes inside of [ 13.902118] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 13.902610] [ 13.902706] The buggy address belongs to the physical page: [ 13.902969] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 13.903357] flags: 0x200000000000000(node=0|zone=2) [ 13.903546] page_type: f5(slab) [ 13.903710] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.903949] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.904199] page dumped because: kasan: bad access detected [ 13.904382] [ 13.904481] Memory state around the buggy address: [ 13.904706] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 13.905066] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.905395] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.905717] ^ [ 13.905891] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.906239] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.906557] ================================================================== [ 13.928148] ================================================================== [ 13.928556] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.928989] Write of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.929524] [ 13.929640] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.929685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.929698] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.929719] Call Trace: [ 13.929735] <TASK> [ 13.929748] dump_stack_lvl+0x73/0xb0 [ 13.929779] print_report+0xd1/0x650 [ 13.929803] ? __virt_addr_valid+0x1db/0x2d0 [ 13.929827] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.929857] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.929882] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.929912] kasan_report+0x141/0x180 [ 13.929948] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.929982] kasan_check_range+0x10c/0x1c0 [ 13.930007] __kasan_check_write+0x18/0x20 [ 13.930027] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.930077] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.930109] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.930134] ? trace_hardirqs_on+0x37/0xe0 [ 13.930158] ? kasan_bitops_generic+0x92/0x1c0 [ 13.930187] kasan_bitops_generic+0x121/0x1c0 [ 13.930212] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.930238] ? __pfx_read_tsc+0x10/0x10 [ 13.930260] ? ktime_get_ts64+0x86/0x230 [ 13.930285] kunit_try_run_case+0x1a5/0x480 [ 13.930311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.930335] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.930360] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.930384] ? __kthread_parkme+0x82/0x180 [ 13.930406] ? preempt_count_sub+0x50/0x80 [ 13.930430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.930455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.930480] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.930506] kthread+0x337/0x6f0 [ 13.930527] ? trace_preempt_on+0x20/0xc0 [ 13.930549] ? __pfx_kthread+0x10/0x10 [ 13.930571] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.930593] ? calculate_sigpending+0x7b/0xa0 [ 13.930618] ? __pfx_kthread+0x10/0x10 [ 13.930641] ret_from_fork+0x116/0x1d0 [ 13.930661] ? __pfx_kthread+0x10/0x10 [ 13.930682] ret_from_fork_asm+0x1a/0x30 [ 13.930714] </TASK> [ 13.930727] [ 13.938420] Allocated by task 278: [ 13.938601] kasan_save_stack+0x45/0x70 [ 13.938775] kasan_save_track+0x18/0x40 [ 13.938911] kasan_save_alloc_info+0x3b/0x50 [ 13.939137] __kasan_kmalloc+0xb7/0xc0 [ 13.939330] __kmalloc_cache_noprof+0x189/0x420 [ 13.939550] kasan_bitops_generic+0x92/0x1c0 [ 13.939763] kunit_try_run_case+0x1a5/0x480 [ 13.939949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.940218] kthread+0x337/0x6f0 [ 13.940367] ret_from_fork+0x116/0x1d0 [ 13.940538] ret_from_fork_asm+0x1a/0x30 [ 13.940706] [ 13.940803] The buggy address belongs to the object at ffff888100fbfb00 [ 13.940803] which belongs to the cache kmalloc-16 of size 16 [ 13.941306] The buggy address is located 8 bytes inside of [ 13.941306] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 13.941766] [ 13.941865] The buggy address belongs to the physical page: [ 13.942117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 13.942434] flags: 0x200000000000000(node=0|zone=2) [ 13.942597] page_type: f5(slab) [ 13.942717] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.942958] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.943326] page dumped because: kasan: bad access detected [ 13.943581] [ 13.943676] Memory state around the buggy address: [ 13.943884] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 13.944135] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.944352] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.944665] ^ [ 13.944844] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.945211] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.945539] ================================================================== [ 13.907363] ================================================================== [ 13.907750] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.908121] Write of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.908409] [ 13.908519] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.908561] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.908574] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.908595] Call Trace: [ 13.908610] <TASK> [ 13.908625] dump_stack_lvl+0x73/0xb0 [ 13.908653] print_report+0xd1/0x650 [ 13.908676] ? __virt_addr_valid+0x1db/0x2d0 [ 13.908699] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.908730] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.908754] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.908784] kasan_report+0x141/0x180 [ 13.908807] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.908841] kasan_check_range+0x10c/0x1c0 [ 13.908867] __kasan_check_write+0x18/0x20 [ 13.908889] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.908918] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.908961] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.908986] ? trace_hardirqs_on+0x37/0xe0 [ 13.909009] ? kasan_bitops_generic+0x92/0x1c0 [ 13.909039] kasan_bitops_generic+0x121/0x1c0 [ 13.909084] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.909110] ? __pfx_read_tsc+0x10/0x10 [ 13.909133] ? ktime_get_ts64+0x86/0x230 [ 13.909158] kunit_try_run_case+0x1a5/0x480 [ 13.909183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.909207] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.909231] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.909256] ? __kthread_parkme+0x82/0x180 [ 13.909277] ? preempt_count_sub+0x50/0x80 [ 13.909302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.909326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.909351] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.909377] kthread+0x337/0x6f0 [ 13.909397] ? trace_preempt_on+0x20/0xc0 [ 13.909420] ? __pfx_kthread+0x10/0x10 [ 13.909442] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.909465] ? calculate_sigpending+0x7b/0xa0 [ 13.909488] ? __pfx_kthread+0x10/0x10 [ 13.909511] ret_from_fork+0x116/0x1d0 [ 13.909530] ? __pfx_kthread+0x10/0x10 [ 13.909552] ret_from_fork_asm+0x1a/0x30 [ 13.909584] </TASK> [ 13.909595] [ 13.918766] Allocated by task 278: [ 13.918966] kasan_save_stack+0x45/0x70 [ 13.919459] kasan_save_track+0x18/0x40 [ 13.919746] kasan_save_alloc_info+0x3b/0x50 [ 13.919908] __kasan_kmalloc+0xb7/0xc0 [ 13.920227] __kmalloc_cache_noprof+0x189/0x420 [ 13.920430] kasan_bitops_generic+0x92/0x1c0 [ 13.920641] kunit_try_run_case+0x1a5/0x480 [ 13.920834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.921115] kthread+0x337/0x6f0 [ 13.921277] ret_from_fork+0x116/0x1d0 [ 13.921446] ret_from_fork_asm+0x1a/0x30 [ 13.921650] [ 13.921726] The buggy address belongs to the object at ffff888100fbfb00 [ 13.921726] which belongs to the cache kmalloc-16 of size 16 [ 13.922245] The buggy address is located 8 bytes inside of [ 13.922245] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 13.922713] [ 13.922800] The buggy address belongs to the physical page: [ 13.922983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 13.923365] flags: 0x200000000000000(node=0|zone=2) [ 13.923594] page_type: f5(slab) [ 13.923718] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.924033] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.924396] page dumped because: kasan: bad access detected [ 13.924631] [ 13.924727] Memory state around the buggy address: [ 13.924896] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 13.925208] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.925534] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.925805] ^ [ 13.925928] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.926288] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.926583] ================================================================== [ 13.987557] ================================================================== [ 13.988573] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.989175] Read of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.989728] [ 13.989852] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.989898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.989910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.989932] Call Trace: [ 13.989960] <TASK> [ 13.989977] dump_stack_lvl+0x73/0xb0 [ 13.990009] print_report+0xd1/0x650 [ 13.990033] ? __virt_addr_valid+0x1db/0x2d0 [ 13.990058] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.990113] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.990138] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.990182] kasan_report+0x141/0x180 [ 13.990206] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.990251] __asan_report_load8_noabort+0x18/0x20 [ 13.990276] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.990306] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.990337] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.990362] ? trace_hardirqs_on+0x37/0xe0 [ 13.990386] ? kasan_bitops_generic+0x92/0x1c0 [ 13.990415] kasan_bitops_generic+0x121/0x1c0 [ 13.990440] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.990466] ? __pfx_read_tsc+0x10/0x10 [ 13.990488] ? ktime_get_ts64+0x86/0x230 [ 13.990513] kunit_try_run_case+0x1a5/0x480 [ 13.990538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.990562] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.990587] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.990611] ? __kthread_parkme+0x82/0x180 [ 13.990635] ? preempt_count_sub+0x50/0x80 [ 13.990660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.990687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.990712] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.990737] kthread+0x337/0x6f0 [ 13.990758] ? trace_preempt_on+0x20/0xc0 [ 13.990782] ? __pfx_kthread+0x10/0x10 [ 13.990804] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.990826] ? calculate_sigpending+0x7b/0xa0 [ 13.990851] ? __pfx_kthread+0x10/0x10 [ 13.990874] ret_from_fork+0x116/0x1d0 [ 13.990894] ? __pfx_kthread+0x10/0x10 [ 13.990915] ret_from_fork_asm+0x1a/0x30 [ 13.990957] </TASK> [ 13.990970] [ 13.999847] Allocated by task 278: [ 13.999992] kasan_save_stack+0x45/0x70 [ 14.000135] kasan_save_track+0x18/0x40 [ 14.000302] kasan_save_alloc_info+0x3b/0x50 [ 14.000515] __kasan_kmalloc+0xb7/0xc0 [ 14.000731] __kmalloc_cache_noprof+0x189/0x420 [ 14.000966] kasan_bitops_generic+0x92/0x1c0 [ 14.001119] kunit_try_run_case+0x1a5/0x480 [ 14.001264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.001726] kthread+0x337/0x6f0 [ 14.001896] ret_from_fork+0x116/0x1d0 [ 14.002110] ret_from_fork_asm+0x1a/0x30 [ 14.002304] [ 14.002404] The buggy address belongs to the object at ffff888100fbfb00 [ 14.002404] which belongs to the cache kmalloc-16 of size 16 [ 14.002786] The buggy address is located 8 bytes inside of [ 14.002786] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 14.003472] [ 14.003572] The buggy address belongs to the physical page: [ 14.003827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 14.004155] flags: 0x200000000000000(node=0|zone=2) [ 14.004388] page_type: f5(slab) [ 14.004546] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.004871] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.005261] page dumped because: kasan: bad access detected [ 14.005464] [ 14.005577] Memory state around the buggy address: [ 14.005754] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.005975] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.006347] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.006625] ^ [ 14.006743] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.006989] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.007636] ================================================================== [ 13.946773] ================================================================== [ 13.947125] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.947444] Write of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.947800] [ 13.947913] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.947966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.947978] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.947999] Call Trace: [ 13.948014] <TASK> [ 13.948030] dump_stack_lvl+0x73/0xb0 [ 13.948079] print_report+0xd1/0x650 [ 13.948103] ? __virt_addr_valid+0x1db/0x2d0 [ 13.948126] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.948156] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.948180] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.948211] kasan_report+0x141/0x180 [ 13.948234] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.948269] kasan_check_range+0x10c/0x1c0 [ 13.948294] __kasan_check_write+0x18/0x20 [ 13.948316] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.948348] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.948380] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.948406] ? trace_hardirqs_on+0x37/0xe0 [ 13.948429] ? kasan_bitops_generic+0x92/0x1c0 [ 13.948459] kasan_bitops_generic+0x121/0x1c0 [ 13.948484] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.948511] ? __pfx_read_tsc+0x10/0x10 [ 13.948533] ? ktime_get_ts64+0x86/0x230 [ 13.948558] kunit_try_run_case+0x1a5/0x480 [ 13.948583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.948607] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.948631] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.948656] ? __kthread_parkme+0x82/0x180 [ 13.948678] ? preempt_count_sub+0x50/0x80 [ 13.948702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.948728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.948753] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.948779] kthread+0x337/0x6f0 [ 13.948799] ? trace_preempt_on+0x20/0xc0 [ 13.948823] ? __pfx_kthread+0x10/0x10 [ 13.948844] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.948867] ? calculate_sigpending+0x7b/0xa0 [ 13.948892] ? __pfx_kthread+0x10/0x10 [ 13.948915] ret_from_fork+0x116/0x1d0 [ 13.948934] ? __pfx_kthread+0x10/0x10 [ 13.948964] ret_from_fork_asm+0x1a/0x30 [ 13.948996] </TASK> [ 13.949008] [ 13.956680] Allocated by task 278: [ 13.956814] kasan_save_stack+0x45/0x70 [ 13.957029] kasan_save_track+0x18/0x40 [ 13.957251] kasan_save_alloc_info+0x3b/0x50 [ 13.957464] __kasan_kmalloc+0xb7/0xc0 [ 13.957655] __kmalloc_cache_noprof+0x189/0x420 [ 13.957879] kasan_bitops_generic+0x92/0x1c0 [ 13.958130] kunit_try_run_case+0x1a5/0x480 [ 13.958343] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.958599] kthread+0x337/0x6f0 [ 13.958753] ret_from_fork+0x116/0x1d0 [ 13.958924] ret_from_fork_asm+0x1a/0x30 [ 13.959151] [ 13.959252] The buggy address belongs to the object at ffff888100fbfb00 [ 13.959252] which belongs to the cache kmalloc-16 of size 16 [ 13.959617] The buggy address is located 8 bytes inside of [ 13.959617] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 13.959977] [ 13.960082] The buggy address belongs to the physical page: [ 13.960333] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 13.960686] flags: 0x200000000000000(node=0|zone=2) [ 13.960921] page_type: f5(slab) [ 13.961123] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.961467] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.961794] page dumped because: kasan: bad access detected [ 13.962032] [ 13.962126] Memory state around the buggy address: [ 13.962283] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 13.962500] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.962813] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.963178] ^ [ 13.963357] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.963684] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.963976] ================================================================== [ 13.964881] ================================================================== [ 13.965244] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.965565] Read of size 8 at addr ffff888100fbfb08 by task kunit_try_catch/278 [ 13.965895] [ 13.966041] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.966103] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.966116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.966137] Call Trace: [ 13.966154] <TASK> [ 13.966169] dump_stack_lvl+0x73/0xb0 [ 13.966197] print_report+0xd1/0x650 [ 13.966222] ? __virt_addr_valid+0x1db/0x2d0 [ 13.966245] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.966274] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.966299] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.966329] kasan_report+0x141/0x180 [ 13.966352] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.966386] kasan_check_range+0x10c/0x1c0 [ 13.966411] __kasan_check_read+0x15/0x20 [ 13.966432] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.966463] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.966493] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.966518] ? trace_hardirqs_on+0x37/0xe0 [ 13.966541] ? kasan_bitops_generic+0x92/0x1c0 [ 13.966570] kasan_bitops_generic+0x121/0x1c0 [ 13.966595] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.966622] ? __pfx_read_tsc+0x10/0x10 [ 13.966644] ? ktime_get_ts64+0x86/0x230 [ 13.966669] kunit_try_run_case+0x1a5/0x480 [ 13.966694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.966718] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.966743] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.966768] ? __kthread_parkme+0x82/0x180 [ 13.966788] ? preempt_count_sub+0x50/0x80 [ 13.966813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.966838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.966862] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.966889] kthread+0x337/0x6f0 [ 13.966909] ? trace_preempt_on+0x20/0xc0 [ 13.966932] ? __pfx_kthread+0x10/0x10 [ 13.966963] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.966986] ? calculate_sigpending+0x7b/0xa0 [ 13.967010] ? __pfx_kthread+0x10/0x10 [ 13.967034] ret_from_fork+0x116/0x1d0 [ 13.967071] ? __pfx_kthread+0x10/0x10 [ 13.967093] ret_from_fork_asm+0x1a/0x30 [ 13.967131] </TASK> [ 13.967142] [ 13.974789] Allocated by task 278: [ 13.974951] kasan_save_stack+0x45/0x70 [ 13.975180] kasan_save_track+0x18/0x40 [ 13.975377] kasan_save_alloc_info+0x3b/0x50 [ 13.975591] __kasan_kmalloc+0xb7/0xc0 [ 13.975761] __kmalloc_cache_noprof+0x189/0x420 [ 13.975996] kasan_bitops_generic+0x92/0x1c0 [ 13.976202] kunit_try_run_case+0x1a5/0x480 [ 13.976408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.976645] kthread+0x337/0x6f0 [ 13.976799] ret_from_fork+0x116/0x1d0 [ 13.977002] ret_from_fork_asm+0x1a/0x30 [ 13.977211] [ 13.977284] The buggy address belongs to the object at ffff888100fbfb00 [ 13.977284] which belongs to the cache kmalloc-16 of size 16 [ 13.977715] The buggy address is located 8 bytes inside of [ 13.977715] allocated 9-byte region [ffff888100fbfb00, ffff888100fbfb09) [ 13.979323] [ 13.979573] The buggy address belongs to the physical page: [ 13.980462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fbf [ 13.981226] flags: 0x200000000000000(node=0|zone=2) [ 13.981837] page_type: f5(slab) [ 13.982004] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.982831] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.983898] page dumped because: kasan: bad access detected [ 13.984601] [ 13.984680] Memory state around the buggy address: [ 13.984837] ffff888100fbfa00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 13.985062] ffff888100fbfa80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.985415] >ffff888100fbfb00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.985701] ^ [ 13.985877] ffff888100fbfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.986384] ffff888100fbfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.986611] ==================================================================