Date
July 11, 2025, 11:09 p.m.
Environment: qemu-x86_64
[ 14.579127] ================================================================== [ 14.579569] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.579903] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.580348] [ 14.580482] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.580522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.580534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.580553] Call Trace: [ 14.580567] <TASK> [ 14.580582] dump_stack_lvl+0x73/0xb0 [ 14.580610] print_report+0xd1/0x650 [ 14.580632] ? __virt_addr_valid+0x1db/0x2d0 [ 14.580656] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.580681] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.580705] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.580756] kasan_report+0x141/0x180 [ 14.580779] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.580813] kasan_check_range+0x10c/0x1c0 [ 14.580838] __kasan_check_write+0x18/0x20 [ 14.580859] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.580888] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.580917] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.580974] ? trace_hardirqs_on+0x37/0xe0 [ 14.580997] ? kasan_bitops_generic+0x92/0x1c0 [ 14.581026] kasan_bitops_generic+0x116/0x1c0 [ 14.581050] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.581076] ? __pfx_read_tsc+0x10/0x10 [ 14.581114] ? ktime_get_ts64+0x86/0x230 [ 14.581139] kunit_try_run_case+0x1a5/0x480 [ 14.581164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.581187] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.581211] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.581235] ? __kthread_parkme+0x82/0x180 [ 14.581255] ? preempt_count_sub+0x50/0x80 [ 14.581280] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.581304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.581330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.581357] kthread+0x337/0x6f0 [ 14.581377] ? 
trace_preempt_on+0x20/0xc0 [ 14.581399] ? __pfx_kthread+0x10/0x10 [ 14.581419] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.581440] ? calculate_sigpending+0x7b/0xa0 [ 14.581465] ? __pfx_kthread+0x10/0x10 [ 14.581487] ret_from_fork+0x116/0x1d0 [ 14.581505] ? __pfx_kthread+0x10/0x10 [ 14.581526] ret_from_fork_asm+0x1a/0x30 [ 14.581557] </TASK> [ 14.581567] [ 14.589210] Allocated by task 278: [ 14.589391] kasan_save_stack+0x45/0x70 [ 14.589593] kasan_save_track+0x18/0x40 [ 14.589812] kasan_save_alloc_info+0x3b/0x50 [ 14.590035] __kasan_kmalloc+0xb7/0xc0 [ 14.590213] __kmalloc_cache_noprof+0x189/0x420 [ 14.590370] kasan_bitops_generic+0x92/0x1c0 [ 14.590587] kunit_try_run_case+0x1a5/0x480 [ 14.590828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.591042] kthread+0x337/0x6f0 [ 14.591162] ret_from_fork+0x116/0x1d0 [ 14.591295] ret_from_fork_asm+0x1a/0x30 [ 14.591492] [ 14.591579] The buggy address belongs to the object at ffff888102321e80 [ 14.591579] which belongs to the cache kmalloc-16 of size 16 [ 14.594426] The buggy address is located 8 bytes inside of [ 14.594426] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.594829] [ 14.594957] The buggy address belongs to the physical page: [ 14.595190] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.595502] flags: 0x200000000000000(node=0|zone=2) [ 14.595721] page_type: f5(slab) [ 14.596339] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.596571] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.596831] page dumped because: kasan: bad access detected [ 14.598082] [ 14.598213] Memory state around the buggy address: [ 14.598375] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.599856] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.600266] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.600483] ^ [ 14.600607] ffff888102321f00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.600833] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.601057] ================================================================== [ 14.499501] ================================================================== [ 14.500252] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.500629] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.500962] [ 14.501109] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.501152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.501164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.501185] Call Trace: [ 14.501234] <TASK> [ 14.501249] dump_stack_lvl+0x73/0xb0 [ 14.501277] print_report+0xd1/0x650 [ 14.501298] ? __virt_addr_valid+0x1db/0x2d0 [ 14.501320] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.501346] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.501401] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.501428] kasan_report+0x141/0x180 [ 14.501450] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.501481] kasan_check_range+0x10c/0x1c0 [ 14.501533] __kasan_check_write+0x18/0x20 [ 14.501552] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.501580] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.501608] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.501633] ? trace_hardirqs_on+0x37/0xe0 [ 14.501656] ? kasan_bitops_generic+0x92/0x1c0 [ 14.501684] kasan_bitops_generic+0x116/0x1c0 [ 14.501709] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.501805] ? __pfx_read_tsc+0x10/0x10 [ 14.501828] ? ktime_get_ts64+0x86/0x230 [ 14.501852] kunit_try_run_case+0x1a5/0x480 [ 14.501877] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.501899] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.501932] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.501957] ? __kthread_parkme+0x82/0x180 [ 14.501977] ? preempt_count_sub+0x50/0x80 [ 14.502001] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.502026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.502050] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.502075] kthread+0x337/0x6f0 [ 14.502094] ? trace_preempt_on+0x20/0xc0 [ 14.502116] ? __pfx_kthread+0x10/0x10 [ 14.502136] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.502158] ? calculate_sigpending+0x7b/0xa0 [ 14.502182] ? __pfx_kthread+0x10/0x10 [ 14.502203] ret_from_fork+0x116/0x1d0 [ 14.502221] ? __pfx_kthread+0x10/0x10 [ 14.502241] ret_from_fork_asm+0x1a/0x30 [ 14.502274] </TASK> [ 14.502283] [ 14.510709] Allocated by task 278: [ 14.510945] kasan_save_stack+0x45/0x70 [ 14.511161] kasan_save_track+0x18/0x40 [ 14.511366] kasan_save_alloc_info+0x3b/0x50 [ 14.511517] __kasan_kmalloc+0xb7/0xc0 [ 14.511649] __kmalloc_cache_noprof+0x189/0x420 [ 14.511897] kasan_bitops_generic+0x92/0x1c0 [ 14.512119] kunit_try_run_case+0x1a5/0x480 [ 14.512327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.512613] kthread+0x337/0x6f0 [ 14.512834] ret_from_fork+0x116/0x1d0 [ 14.512991] ret_from_fork_asm+0x1a/0x30 [ 14.513134] [ 14.513204] The buggy address belongs to the object at ffff888102321e80 [ 14.513204] which belongs to the cache kmalloc-16 of size 16 [ 14.513800] The buggy address is located 8 bytes inside of [ 14.513800] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.514338] [ 14.514433] The buggy address belongs to the physical page: [ 14.514622] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.515000] flags: 0x200000000000000(node=0|zone=2) [ 14.515163] page_type: f5(slab) [ 14.515324] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.515699] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.516104] page dumped because: kasan: bad access detected [ 14.516349] [ 14.516467] Memory state around the buggy address: [ 14.516645] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.517032] 
ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.517357] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.517677] ^ [ 14.517904] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.518243] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.518590] ================================================================== [ 14.479661] ================================================================== [ 14.480101] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.480480] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.480839] [ 14.480996] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.481082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.481093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.481112] Call Trace: [ 14.481124] <TASK> [ 14.481137] dump_stack_lvl+0x73/0xb0 [ 14.481165] print_report+0xd1/0x650 [ 14.481187] ? __virt_addr_valid+0x1db/0x2d0 [ 14.481210] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.481236] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.481260] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.481286] kasan_report+0x141/0x180 [ 14.481308] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.481340] kasan_check_range+0x10c/0x1c0 [ 14.481393] __kasan_check_write+0x18/0x20 [ 14.481413] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.481439] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.481467] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.481491] ? trace_hardirqs_on+0x37/0xe0 [ 14.481513] ? kasan_bitops_generic+0x92/0x1c0 [ 14.481542] kasan_bitops_generic+0x116/0x1c0 [ 14.481566] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.481591] ? __pfx_read_tsc+0x10/0x10 [ 14.481613] ? ktime_get_ts64+0x86/0x230 [ 14.481636] kunit_try_run_case+0x1a5/0x480 [ 14.481685] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.481709] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.481790] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.481816] ? __kthread_parkme+0x82/0x180 [ 14.481883] ? preempt_count_sub+0x50/0x80 [ 14.481907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.481941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.481966] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.481992] kthread+0x337/0x6f0 [ 14.482010] ? trace_preempt_on+0x20/0xc0 [ 14.482032] ? __pfx_kthread+0x10/0x10 [ 14.482052] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.482074] ? calculate_sigpending+0x7b/0xa0 [ 14.482097] ? __pfx_kthread+0x10/0x10 [ 14.482120] ret_from_fork+0x116/0x1d0 [ 14.482138] ? __pfx_kthread+0x10/0x10 [ 14.482157] ret_from_fork_asm+0x1a/0x30 [ 14.482190] </TASK> [ 14.482199] [ 14.490521] Allocated by task 278: [ 14.490724] kasan_save_stack+0x45/0x70 [ 14.490995] kasan_save_track+0x18/0x40 [ 14.491195] kasan_save_alloc_info+0x3b/0x50 [ 14.491384] __kasan_kmalloc+0xb7/0xc0 [ 14.491604] __kmalloc_cache_noprof+0x189/0x420 [ 14.491867] kasan_bitops_generic+0x92/0x1c0 [ 14.492097] kunit_try_run_case+0x1a5/0x480 [ 14.492322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.492578] kthread+0x337/0x6f0 [ 14.492859] ret_from_fork+0x116/0x1d0 [ 14.493070] ret_from_fork_asm+0x1a/0x30 [ 14.493264] [ 14.493334] The buggy address belongs to the object at ffff888102321e80 [ 14.493334] which belongs to the cache kmalloc-16 of size 16 [ 14.493714] The buggy address is located 8 bytes inside of [ 14.493714] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.494195] [ 14.494280] The buggy address belongs to the physical page: [ 14.494538] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.494934] flags: 0x200000000000000(node=0|zone=2) [ 14.495098] page_type: f5(slab) [ 14.495218] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.495496] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.495956] page dumped because: kasan: 
bad access detected [ 14.496260] [ 14.496352] Memory state around the buggy address: [ 14.496603] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.496999] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.497236] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.497558] ^ [ 14.497751] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.498114] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.498456] ================================================================== [ 14.439494] ================================================================== [ 14.440077] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.440473] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.440873] [ 14.441007] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.441083] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.441119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.441163] Call Trace: [ 14.441175] <TASK> [ 14.441191] dump_stack_lvl+0x73/0xb0 [ 14.441224] print_report+0xd1/0x650 [ 14.441246] ? __virt_addr_valid+0x1db/0x2d0 [ 14.441270] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.441297] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.441321] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.441347] kasan_report+0x141/0x180 [ 14.441369] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.441400] kasan_check_range+0x10c/0x1c0 [ 14.441424] __kasan_check_write+0x18/0x20 [ 14.441443] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.441470] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.441498] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.441522] ? trace_hardirqs_on+0x37/0xe0 [ 14.441544] ? kasan_bitops_generic+0x92/0x1c0 [ 14.441572] kasan_bitops_generic+0x116/0x1c0 [ 14.441596] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.441620] ? 
__pfx_read_tsc+0x10/0x10 [ 14.441642] ? ktime_get_ts64+0x86/0x230 [ 14.441666] kunit_try_run_case+0x1a5/0x480 [ 14.441691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.441714] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.441761] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.441785] ? __kthread_parkme+0x82/0x180 [ 14.441806] ? preempt_count_sub+0x50/0x80 [ 14.441831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.441855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.441880] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.441906] kthread+0x337/0x6f0 [ 14.441936] ? trace_preempt_on+0x20/0xc0 [ 14.441960] ? __pfx_kthread+0x10/0x10 [ 14.441982] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.442002] ? calculate_sigpending+0x7b/0xa0 [ 14.442026] ? __pfx_kthread+0x10/0x10 [ 14.442048] ret_from_fork+0x116/0x1d0 [ 14.442066] ? __pfx_kthread+0x10/0x10 [ 14.442086] ret_from_fork_asm+0x1a/0x30 [ 14.442118] </TASK> [ 14.442128] [ 14.450372] Allocated by task 278: [ 14.450543] kasan_save_stack+0x45/0x70 [ 14.450692] kasan_save_track+0x18/0x40 [ 14.450857] kasan_save_alloc_info+0x3b/0x50 [ 14.451148] __kasan_kmalloc+0xb7/0xc0 [ 14.451344] __kmalloc_cache_noprof+0x189/0x420 [ 14.451558] kasan_bitops_generic+0x92/0x1c0 [ 14.451818] kunit_try_run_case+0x1a5/0x480 [ 14.452041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.452299] kthread+0x337/0x6f0 [ 14.452453] ret_from_fork+0x116/0x1d0 [ 14.452687] ret_from_fork_asm+0x1a/0x30 [ 14.452886] [ 14.452965] The buggy address belongs to the object at ffff888102321e80 [ 14.452965] which belongs to the cache kmalloc-16 of size 16 [ 14.453304] The buggy address is located 8 bytes inside of [ 14.453304] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.453644] [ 14.453762] The buggy address belongs to the physical page: [ 14.454097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.454587] flags: 0x200000000000000(node=0|zone=2) [ 14.454964] page_type: f5(slab) [ 14.455161] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.455493] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.455845] page dumped because: kasan: bad access detected [ 14.456062] [ 14.456130] Memory state around the buggy address: [ 14.456277] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.456593] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.456980] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.457295] ^ [ 14.457501] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.457829] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.458148] ================================================================== [ 14.538874] ================================================================== [ 14.539406] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.539854] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.540194] [ 14.540321] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.540363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.540374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.540393] Call Trace: [ 14.540407] <TASK> [ 14.540422] dump_stack_lvl+0x73/0xb0 [ 14.540449] print_report+0xd1/0x650 [ 14.540471] ? __virt_addr_valid+0x1db/0x2d0 [ 14.540528] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.540554] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.540578] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.540605] kasan_report+0x141/0x180 [ 14.540626] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.540688] kasan_check_range+0x10c/0x1c0 [ 14.540712] __kasan_check_write+0x18/0x20 [ 14.540730] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.540809] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.540837] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.540862] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.540883] ? kasan_bitops_generic+0x92/0x1c0 [ 14.541002] kasan_bitops_generic+0x116/0x1c0 [ 14.541030] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.541056] ? __pfx_read_tsc+0x10/0x10 [ 14.541077] ? ktime_get_ts64+0x86/0x230 [ 14.541100] kunit_try_run_case+0x1a5/0x480 [ 14.541125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.541177] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.541225] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.541250] ? __kthread_parkme+0x82/0x180 [ 14.541270] ? preempt_count_sub+0x50/0x80 [ 14.541293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.541318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.541342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.541368] kthread+0x337/0x6f0 [ 14.541387] ? trace_preempt_on+0x20/0xc0 [ 14.541409] ? __pfx_kthread+0x10/0x10 [ 14.541429] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.541451] ? calculate_sigpending+0x7b/0xa0 [ 14.541475] ? __pfx_kthread+0x10/0x10 [ 14.541497] ret_from_fork+0x116/0x1d0 [ 14.541514] ? 
__pfx_kthread+0x10/0x10 [ 14.541535] ret_from_fork_asm+0x1a/0x30 [ 14.541567] </TASK> [ 14.541576] [ 14.549810] Allocated by task 278: [ 14.549946] kasan_save_stack+0x45/0x70 [ 14.550130] kasan_save_track+0x18/0x40 [ 14.550397] kasan_save_alloc_info+0x3b/0x50 [ 14.550643] __kasan_kmalloc+0xb7/0xc0 [ 14.550860] __kmalloc_cache_noprof+0x189/0x420 [ 14.551090] kasan_bitops_generic+0x92/0x1c0 [ 14.551335] kunit_try_run_case+0x1a5/0x480 [ 14.551548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.551863] kthread+0x337/0x6f0 [ 14.552020] ret_from_fork+0x116/0x1d0 [ 14.552231] ret_from_fork_asm+0x1a/0x30 [ 14.552429] [ 14.552555] The buggy address belongs to the object at ffff888102321e80 [ 14.552555] which belongs to the cache kmalloc-16 of size 16 [ 14.553103] The buggy address is located 8 bytes inside of [ 14.553103] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.553644] [ 14.553772] The buggy address belongs to the physical page: [ 14.554037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.554405] flags: 0x200000000000000(node=0|zone=2) [ 14.554661] page_type: f5(slab) [ 14.554874] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.555233] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.555600] page dumped because: kasan: bad access detected [ 14.555897] [ 14.556025] Memory state around the buggy address: [ 14.556324] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.556676] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.557053] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.557362] ^ [ 14.557533] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.557797] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.558070] ================================================================== [ 14.459519] 
================================================================== [ 14.459930] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.460353] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.460675] [ 14.460810] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.460852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.460898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.460929] Call Trace: [ 14.460940] <TASK> [ 14.460953] dump_stack_lvl+0x73/0xb0 [ 14.460981] print_report+0xd1/0x650 [ 14.461002] ? __virt_addr_valid+0x1db/0x2d0 [ 14.461024] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.461050] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.461107] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.461134] kasan_report+0x141/0x180 [ 14.461156] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.461187] kasan_check_range+0x10c/0x1c0 [ 14.461239] __kasan_check_write+0x18/0x20 [ 14.461258] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.461285] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.461313] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.461338] ? trace_hardirqs_on+0x37/0xe0 [ 14.461359] ? kasan_bitops_generic+0x92/0x1c0 [ 14.461388] kasan_bitops_generic+0x116/0x1c0 [ 14.461411] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.461436] ? __pfx_read_tsc+0x10/0x10 [ 14.461485] ? ktime_get_ts64+0x86/0x230 [ 14.461532] kunit_try_run_case+0x1a5/0x480 [ 14.461556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.461579] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.461602] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.461626] ? __kthread_parkme+0x82/0x180 [ 14.461647] ? preempt_count_sub+0x50/0x80 [ 14.461670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.461694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.461719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.461765] kthread+0x337/0x6f0 [ 14.461783] ? 
trace_preempt_on+0x20/0xc0 [ 14.461805] ? __pfx_kthread+0x10/0x10 [ 14.461826] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.461848] ? calculate_sigpending+0x7b/0xa0 [ 14.461872] ? __pfx_kthread+0x10/0x10 [ 14.461894] ret_from_fork+0x116/0x1d0 [ 14.461913] ? __pfx_kthread+0x10/0x10 [ 14.461943] ret_from_fork_asm+0x1a/0x30 [ 14.461974] </TASK> [ 14.461984] [ 14.470896] Allocated by task 278: [ 14.471028] kasan_save_stack+0x45/0x70 [ 14.471211] kasan_save_track+0x18/0x40 [ 14.471442] kasan_save_alloc_info+0x3b/0x50 [ 14.471656] __kasan_kmalloc+0xb7/0xc0 [ 14.471896] __kmalloc_cache_noprof+0x189/0x420 [ 14.472148] kasan_bitops_generic+0x92/0x1c0 [ 14.472367] kunit_try_run_case+0x1a5/0x480 [ 14.472568] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.472878] kthread+0x337/0x6f0 [ 14.473058] ret_from_fork+0x116/0x1d0 [ 14.473242] ret_from_fork_asm+0x1a/0x30 [ 14.473442] [ 14.473558] The buggy address belongs to the object at ffff888102321e80 [ 14.473558] which belongs to the cache kmalloc-16 of size 16 [ 14.474127] The buggy address is located 8 bytes inside of [ 14.474127] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.474680] [ 14.474777] The buggy address belongs to the physical page: [ 14.475071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.475412] flags: 0x200000000000000(node=0|zone=2) [ 14.475567] page_type: f5(slab) [ 14.475687] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.476087] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.476410] page dumped because: kasan: bad access detected [ 14.476658] [ 14.476767] Memory state around the buggy address: [ 14.477066] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.477393] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.477672] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.477937] ^ [ 14.478150] ffff888102321f00: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.478564] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.478943] ================================================================== [ 14.519651] ================================================================== [ 14.520107] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.520483] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.520815] [ 14.520970] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.521013] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.521025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.521043] Call Trace: [ 14.521056] <TASK> [ 14.521070] dump_stack_lvl+0x73/0xb0 [ 14.521131] print_report+0xd1/0x650 [ 14.521154] ? __virt_addr_valid+0x1db/0x2d0 [ 14.521177] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.521203] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.521226] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.521284] kasan_report+0x141/0x180 [ 14.521305] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.521337] kasan_check_range+0x10c/0x1c0 [ 14.521361] __kasan_check_write+0x18/0x20 [ 14.521407] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.521434] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.521462] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.521486] ? trace_hardirqs_on+0x37/0xe0 [ 14.521509] ? kasan_bitops_generic+0x92/0x1c0 [ 14.521537] kasan_bitops_generic+0x116/0x1c0 [ 14.521560] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.521587] ? __pfx_read_tsc+0x10/0x10 [ 14.521607] ? ktime_get_ts64+0x86/0x230 [ 14.521631] kunit_try_run_case+0x1a5/0x480 [ 14.521655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.521677] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.521701] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.521727] ? __kthread_parkme+0x82/0x180 [ 14.521803] ? preempt_count_sub+0x50/0x80 [ 14.521830] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.521856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.521881] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.521906] kthread+0x337/0x6f0 [ 14.521937] ? trace_preempt_on+0x20/0xc0 [ 14.521958] ? __pfx_kthread+0x10/0x10 [ 14.521979] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.522001] ? calculate_sigpending+0x7b/0xa0 [ 14.522024] ? __pfx_kthread+0x10/0x10 [ 14.522045] ret_from_fork+0x116/0x1d0 [ 14.522064] ? __pfx_kthread+0x10/0x10 [ 14.522083] ret_from_fork_asm+0x1a/0x30 [ 14.522115] </TASK> [ 14.522125] [ 14.530424] Allocated by task 278: [ 14.530607] kasan_save_stack+0x45/0x70 [ 14.530823] kasan_save_track+0x18/0x40 [ 14.531025] kasan_save_alloc_info+0x3b/0x50 [ 14.531187] __kasan_kmalloc+0xb7/0xc0 [ 14.531359] __kmalloc_cache_noprof+0x189/0x420 [ 14.531589] kasan_bitops_generic+0x92/0x1c0 [ 14.531792] kunit_try_run_case+0x1a5/0x480 [ 14.532083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.532317] kthread+0x337/0x6f0 [ 14.532483] ret_from_fork+0x116/0x1d0 [ 14.532651] ret_from_fork_asm+0x1a/0x30 [ 14.532814] [ 14.532884] The buggy address belongs to the object at ffff888102321e80 [ 14.532884] which belongs to the cache kmalloc-16 of size 16 [ 14.533228] The buggy address is located 8 bytes inside of [ 14.533228] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.533581] [ 14.533717] The buggy address belongs to the physical page: [ 14.534078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.534541] flags: 0x200000000000000(node=0|zone=2) [ 14.534898] page_type: f5(slab) [ 14.535074] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.535408] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.535755] page dumped because: kasan: bad access detected [ 14.535931] [ 14.536000] Memory state around the buggy address: [ 14.536150] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.536500] 
ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.536879] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.537206] ^ [ 14.537409] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.537755] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.538085] ================================================================== [ 14.558954] ================================================================== [ 14.559386] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.559681] Write of size 8 at addr ffff888102321e88 by task kunit_try_catch/278 [ 14.559984] [ 14.560072] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.560112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.560123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.560142] Call Trace: [ 14.560153] <TASK> [ 14.560166] dump_stack_lvl+0x73/0xb0 [ 14.560228] print_report+0xd1/0x650 [ 14.560250] ? __virt_addr_valid+0x1db/0x2d0 [ 14.560273] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.560299] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.560322] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.560349] kasan_report+0x141/0x180 [ 14.560370] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.560402] kasan_check_range+0x10c/0x1c0 [ 14.560426] __kasan_check_write+0x18/0x20 [ 14.560445] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.560472] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.560500] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.560524] ? trace_hardirqs_on+0x37/0xe0 [ 14.560545] ? kasan_bitops_generic+0x92/0x1c0 [ 14.560573] kasan_bitops_generic+0x116/0x1c0 [ 14.560597] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.560622] ? __pfx_read_tsc+0x10/0x10 [ 14.560644] ? ktime_get_ts64+0x86/0x230 [ 14.560667] kunit_try_run_case+0x1a5/0x480 [ 14.560691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.560715] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.560787] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.560813] ? __kthread_parkme+0x82/0x180 [ 14.560832] ? preempt_count_sub+0x50/0x80 [ 14.560857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.560882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.560907] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.560942] kthread+0x337/0x6f0 [ 14.560961] ? trace_preempt_on+0x20/0xc0 [ 14.560982] ? __pfx_kthread+0x10/0x10 [ 14.561003] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.561025] ? calculate_sigpending+0x7b/0xa0 [ 14.561049] ? __pfx_kthread+0x10/0x10 [ 14.561071] ret_from_fork+0x116/0x1d0 [ 14.561088] ? __pfx_kthread+0x10/0x10 [ 14.561109] ret_from_fork_asm+0x1a/0x30 [ 14.561141] </TASK> [ 14.561151] [ 14.569561] Allocated by task 278: [ 14.569786] kasan_save_stack+0x45/0x70 [ 14.570025] kasan_save_track+0x18/0x40 [ 14.570215] kasan_save_alloc_info+0x3b/0x50 [ 14.570385] __kasan_kmalloc+0xb7/0xc0 [ 14.570540] __kmalloc_cache_noprof+0x189/0x420 [ 14.570817] kasan_bitops_generic+0x92/0x1c0 [ 14.571045] kunit_try_run_case+0x1a5/0x480 [ 14.571273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.571538] kthread+0x337/0x6f0 [ 14.571664] ret_from_fork+0x116/0x1d0 [ 14.571853] ret_from_fork_asm+0x1a/0x30 [ 14.572156] [ 14.572270] The buggy address belongs to the object at ffff888102321e80 [ 14.572270] which belongs to the cache kmalloc-16 of size 16 [ 14.572646] The buggy address is located 8 bytes inside of [ 14.572646] allocated 9-byte region [ffff888102321e80, ffff888102321e89) [ 14.573201] [ 14.573297] The buggy address belongs to the physical page: [ 14.573522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102321 [ 14.573787] flags: 0x200000000000000(node=0|zone=2) [ 14.573982] page_type: f5(slab) [ 14.574155] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.574625] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.575028] page dumped because: kasan: 
bad access detected [ 14.575311] [ 14.575425] Memory state around the buggy address: [ 14.575613] ffff888102321d80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 14.575905] ffff888102321e00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.576267] >ffff888102321e80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.576581] ^ [ 14.576794] ffff888102321f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.577119] ffff888102321f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.577441] ==================================================================