Date: July 12, 2025, 11:09 p.m.

Environment |
---|
qemu-arm64 |
qemu-x86_64 |
[ 18.807047] ================================================================== [ 18.807101] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 18.807155] Read of size 8 at addr fff00000c45d1b08 by task kunit_try_catch/261 [ 18.807228] [ 18.807261] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.807344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.808438] Hardware name: linux,dummy-virt (DT) [ 18.808492] Call trace: [ 18.808665] show_stack+0x20/0x38 (C) [ 18.808723] dump_stack_lvl+0x8c/0xd0 [ 18.808848] print_report+0x118/0x5d0 [ 18.808898] kasan_report+0xdc/0x128 [ 18.808947] __asan_report_load8_noabort+0x20/0x30 [ 18.809075] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 18.809132] kasan_bitops_generic+0x110/0x1c8 [ 18.809682] kunit_try_run_case+0x170/0x3f0 [ 18.810393] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.810738] kthread+0x328/0x630 [ 18.811019] ret_from_fork+0x10/0x20 [ 18.811368] [ 18.811392] Allocated by task 261: [ 18.811645] kasan_save_stack+0x3c/0x68 [ 18.811719] kasan_save_track+0x20/0x40 [ 18.811918] kasan_save_alloc_info+0x40/0x58 [ 18.812180] __kasan_kmalloc+0xd4/0xd8 [ 18.812784] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.813055] kasan_bitops_generic+0xa0/0x1c8 [ 18.813101] kunit_try_run_case+0x170/0x3f0 [ 18.813338] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.813477] kthread+0x328/0x630 [ 18.813515] ret_from_fork+0x10/0x20 [ 18.813892] [ 18.814187] The buggy address belongs to the object at fff00000c45d1b00 [ 18.814187] which belongs to the cache kmalloc-16 of size 16 [ 18.814474] The buggy address is located 8 bytes inside of [ 18.814474] allocated 9-byte region [fff00000c45d1b00, fff00000c45d1b09) [ 18.814546] [ 18.814986] The buggy address belongs to the physical page: [ 18.815037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045d1 [ 18.815107] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.815392] page_type: f5(slab) [ 18.815444] 
raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.815890] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.816167] page dumped because: kasan: bad access detected [ 18.816253] [ 18.816503] Memory state around the buggy address: [ 18.816542] fff00000c45d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.816865] fff00000c45d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.816999] >fff00000c45d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.817313] ^ [ 18.817580] fff00000c45d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.817762] fff00000c45d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.818039] ================================================================== [ 18.832761] ================================================================== [ 18.832825] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 18.832881] Read of size 8 at addr fff00000c45d1b08 by task kunit_try_catch/261 [ 18.833421] [ 18.833545] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.833639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.833668] Hardware name: linux,dummy-virt (DT) [ 18.833704] Call trace: [ 18.833727] show_stack+0x20/0x38 (C) [ 18.833780] dump_stack_lvl+0x8c/0xd0 [ 18.833828] print_report+0x118/0x5d0 [ 18.833877] kasan_report+0xdc/0x128 [ 18.833923] __asan_report_load8_noabort+0x20/0x30 [ 18.835337] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 18.835595] kasan_bitops_generic+0x110/0x1c8 [ 18.835784] kunit_try_run_case+0x170/0x3f0 [ 18.836390] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.836787] kthread+0x328/0x630 [ 18.836843] ret_from_fork+0x10/0x20 [ 18.836903] [ 18.836923] Allocated by task 261: [ 18.836955] kasan_save_stack+0x3c/0x68 [ 18.837534] kasan_save_track+0x20/0x40 [ 18.837596] kasan_save_alloc_info+0x40/0x58 [ 18.837971] __kasan_kmalloc+0xd4/0xd8 [ 18.838091] __kmalloc_cache_noprof+0x16c/0x3c0 [ 
18.838416] kasan_bitops_generic+0xa0/0x1c8 [ 18.838572] kunit_try_run_case+0x170/0x3f0 [ 18.838860] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.839115] kthread+0x328/0x630 [ 18.839320] ret_from_fork+0x10/0x20 [ 18.839759] [ 18.839838] The buggy address belongs to the object at fff00000c45d1b00 [ 18.839838] which belongs to the cache kmalloc-16 of size 16 [ 18.839910] The buggy address is located 8 bytes inside of [ 18.839910] allocated 9-byte region [fff00000c45d1b00, fff00000c45d1b09) [ 18.839976] [ 18.840696] The buggy address belongs to the physical page: [ 18.840733] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045d1 [ 18.840797] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.840853] page_type: f5(slab) [ 18.840896] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.841109] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.841794] page dumped because: kasan: bad access detected [ 18.841974] [ 18.841995] Memory state around the buggy address: [ 18.842380] fff00000c45d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.842434] fff00000c45d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.843064] >fff00000c45d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.843259] ^ [ 18.843298] fff00000c45d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.843346] fff00000c45d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.843575] ================================================================== [ 18.845776] ================================================================== [ 18.845830] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 18.845884] Write of size 8 at addr fff00000c45d1b08 by task kunit_try_catch/261 [ 18.845944] [ 18.845976] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.846063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.846092] Hardware name: 
linux,dummy-virt (DT) [ 18.847312] Call trace: [ 18.847357] show_stack+0x20/0x38 (C) [ 18.847418] dump_stack_lvl+0x8c/0xd0 [ 18.847475] print_report+0x118/0x5d0 [ 18.847524] kasan_report+0xdc/0x128 [ 18.847572] kasan_check_range+0x100/0x1a8 [ 18.848042] __kasan_check_write+0x20/0x30 [ 18.848130] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 18.848198] kasan_bitops_generic+0x110/0x1c8 [ 18.848248] kunit_try_run_case+0x170/0x3f0 [ 18.848728] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.848886] kthread+0x328/0x630 [ 18.849264] ret_from_fork+0x10/0x20 [ 18.849343] [ 18.849365] Allocated by task 261: [ 18.849401] kasan_save_stack+0x3c/0x68 [ 18.849448] kasan_save_track+0x20/0x40 [ 18.849490] kasan_save_alloc_info+0x40/0x58 [ 18.849532] __kasan_kmalloc+0xd4/0xd8 [ 18.850282] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.850355] kasan_bitops_generic+0xa0/0x1c8 [ 18.850619] kunit_try_run_case+0x170/0x3f0 [ 18.850664] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.850712] kthread+0x328/0x630 [ 18.851164] ret_from_fork+0x10/0x20 [ 18.851375] [ 18.851403] The buggy address belongs to the object at fff00000c45d1b00 [ 18.851403] which belongs to the cache kmalloc-16 of size 16 [ 18.851849] The buggy address is located 8 bytes inside of [ 18.851849] allocated 9-byte region [fff00000c45d1b00, fff00000c45d1b09) [ 18.851924] [ 18.852305] The buggy address belongs to the physical page: [ 18.852583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045d1 [ 18.852848] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.853140] page_type: f5(slab) [ 18.853320] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.853597] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.853645] page dumped because: kasan: bad access detected [ 18.854437] fff00000c45d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.857296] Call trace: [ 18.859066] __kasan_check_write+0x20/0x30 [ 18.859578] 
kasan_save_alloc_info+0x40/0x58 [ 18.862725] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.863978] [ 18.865198] ^ [ 18.865918] ================================================================== [ 18.819376] ================================================================== [ 18.819438] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 18.819494] Write of size 8 at addr fff00000c45d1b08 by task kunit_try_catch/261 [ 18.819548] [ 18.819580] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.819666] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.819694] Hardware name: linux,dummy-virt (DT) [ 18.820744] Call trace: [ 18.820786] show_stack+0x20/0x38 (C) [ 18.822297] dump_stack_lvl+0x8c/0xd0 [ 18.822397] print_report+0x118/0x5d0 [ 18.822692] kasan_report+0xdc/0x128 [ 18.822827] kasan_check_range+0x100/0x1a8 [ 18.823091] __kasan_check_write+0x20/0x30 [ 18.823498] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 18.823566] kasan_bitops_generic+0x110/0x1c8 [ 18.823989] kunit_try_run_case+0x170/0x3f0 [ 18.824054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.824521] kthread+0x328/0x630 [ 18.824602] ret_from_fork+0x10/0x20 [ 18.825023] [ 18.825057] Allocated by task 261: [ 18.825268] kasan_save_stack+0x3c/0x68 [ 18.825564] kasan_save_track+0x20/0x40 [ 18.825848] kasan_save_alloc_info+0x40/0x58 [ 18.825997] __kasan_kmalloc+0xd4/0xd8 [ 18.826041] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.826084] kasan_bitops_generic+0xa0/0x1c8 [ 18.826124] kunit_try_run_case+0x170/0x3f0 [ 18.826165] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.826222] kthread+0x328/0x630 [ 18.826967] ret_from_fork+0x10/0x20 [ 18.827335] [ 18.827360] The buggy address belongs to the object at fff00000c45d1b00 [ 18.827360] which belongs to the cache kmalloc-16 of size 16 [ 18.827675] The buggy address is located 8 bytes inside of [ 18.827675] allocated 9-byte region [fff00000c45d1b00, fff00000c45d1b09) [ 18.827819] [ 18.828045] The 
buggy address belongs to the physical page: [ 18.828085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045d1 [ 18.828578] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.828721] page_type: f5(slab) [ 18.828764] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.829106] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.829415] page dumped because: kasan: bad access detected [ 18.829469] [ 18.829661] Memory state around the buggy address: [ 18.829700] fff00000c45d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.830116] fff00000c45d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.830180] >fff00000c45d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.830908] ^ [ 18.831208] fff00000c45d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.831285] fff00000c45d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.831327] ================================================================== [ 18.794315] ================================================================== [ 18.794380] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 18.794437] Write of size 8 at addr fff00000c45d1b08 by task kunit_try_catch/261 [ 18.794489] [ 18.794521] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.796318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.796369] Hardware name: linux,dummy-virt (DT) [ 18.796882] Call trace: [ 18.797116] show_stack+0x20/0x38 (C) [ 18.797256] dump_stack_lvl+0x8c/0xd0 [ 18.797550] print_report+0x118/0x5d0 [ 18.797602] kasan_report+0xdc/0x128 [ 18.798082] kasan_check_range+0x100/0x1a8 [ 18.798142] __kasan_check_write+0x20/0x30 [ 18.798910] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 18.799205] kasan_bitops_generic+0x110/0x1c8 [ 18.799314] kunit_try_run_case+0x170/0x3f0 [ 18.799366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.799524] kthread+0x328/0x630 [ 18.799577] 
ret_from_fork+0x10/0x20 [ 18.799771] [ 18.799797] Allocated by task 261: [ 18.799977] kasan_save_stack+0x3c/0x68 [ 18.800159] kasan_save_track+0x20/0x40 [ 18.800236] kasan_save_alloc_info+0x40/0x58 [ 18.800996] __kasan_kmalloc+0xd4/0xd8 [ 18.801241] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.801355] kasan_bitops_generic+0xa0/0x1c8 [ 18.801403] kunit_try_run_case+0x170/0x3f0 [ 18.801883] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.801953] kthread+0x328/0x630 [ 18.801989] ret_from_fork+0x10/0x20 [ 18.802496] [ 18.802694] The buggy address belongs to the object at fff00000c45d1b00 [ 18.802694] which belongs to the cache kmalloc-16 of size 16 [ 18.802928] The buggy address is located 8 bytes inside of [ 18.802928] allocated 9-byte region [fff00000c45d1b00, fff00000c45d1b09) [ 18.803089] [ 18.803114] The buggy address belongs to the physical page: [ 18.803469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1045d1 [ 18.803536] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.803731] page_type: f5(slab) [ 18.804044] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.804232] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.804278] page dumped because: kasan: bad access detected [ 18.804316] [ 18.804409] Memory state around the buggy address: [ 18.804447] fff00000c45d1a00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.804874] fff00000c45d1a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.805195] >fff00000c45d1b00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.805402] ^ [ 18.805474] fff00000c45d1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.805540] fff00000c45d1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.805584] ==================================================================
[ 15.060506] ================================================================== [ 15.060825] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.061131] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.061601] [ 15.061722] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.061766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.061778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.061800] Call Trace: [ 15.061818] <TASK> [ 15.061833] dump_stack_lvl+0x73/0xb0 [ 15.061863] print_report+0xd1/0x610 [ 15.061886] ? __virt_addr_valid+0x1db/0x2d0 [ 15.061910] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.061937] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.061961] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.061988] kasan_report+0x141/0x180 [ 15.062010] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.062042] kasan_check_range+0x10c/0x1c0 [ 15.062128] __kasan_check_write+0x18/0x20 [ 15.062153] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.062181] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.062210] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.062236] ? trace_hardirqs_on+0x37/0xe0 [ 15.062259] ? kasan_bitops_generic+0x92/0x1c0 [ 15.062299] kasan_bitops_generic+0x116/0x1c0 [ 15.062323] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.062350] ? __pfx_read_tsc+0x10/0x10 [ 15.062372] ? ktime_get_ts64+0x86/0x230 [ 15.062397] kunit_try_run_case+0x1a5/0x480 [ 15.062422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.062445] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.062471] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.062496] ? __kthread_parkme+0x82/0x180 [ 15.062518] ? preempt_count_sub+0x50/0x80 [ 15.062542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.062567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.062593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.062619] kthread+0x337/0x6f0 [ 15.062639] ? 
trace_preempt_on+0x20/0xc0 [ 15.062661] ? __pfx_kthread+0x10/0x10 [ 15.062682] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.062708] ? calculate_sigpending+0x7b/0xa0 [ 15.062734] ? __pfx_kthread+0x10/0x10 [ 15.062755] ret_from_fork+0x116/0x1d0 [ 15.062774] ? __pfx_kthread+0x10/0x10 [ 15.062794] ret_from_fork_asm+0x1a/0x30 [ 15.062826] </TASK> [ 15.062836] [ 15.070805] Allocated by task 278: [ 15.070951] kasan_save_stack+0x45/0x70 [ 15.071149] kasan_save_track+0x18/0x40 [ 15.071351] kasan_save_alloc_info+0x3b/0x50 [ 15.071558] __kasan_kmalloc+0xb7/0xc0 [ 15.071745] __kmalloc_cache_noprof+0x189/0x420 [ 15.071962] kasan_bitops_generic+0x92/0x1c0 [ 15.072165] kunit_try_run_case+0x1a5/0x480 [ 15.072398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.072739] kthread+0x337/0x6f0 [ 15.072859] ret_from_fork+0x116/0x1d0 [ 15.073051] ret_from_fork_asm+0x1a/0x30 [ 15.073422] [ 15.073551] The buggy address belongs to the object at ffff888101c9b4a0 [ 15.073551] which belongs to the cache kmalloc-16 of size 16 [ 15.074242] The buggy address is located 8 bytes inside of [ 15.074242] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9) [ 15.074687] [ 15.074791] The buggy address belongs to the physical page: [ 15.075058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 15.075511] flags: 0x200000000000000(node=0|zone=2) [ 15.075725] page_type: f5(slab) [ 15.075893] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.076294] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.076560] page dumped because: kasan: bad access detected [ 15.076731] [ 15.076801] Memory state around the buggy address: [ 15.077041] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.077368] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.077679] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.077972] ^ [ 15.078199] ffff888101c9b500: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.078429] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.078670] ================================================================== [ 15.140898] ================================================================== [ 15.141180] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.141576] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.141900] [ 15.142006] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.142047] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.142060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.142081] Call Trace: [ 15.142093] <TASK> [ 15.142106] dump_stack_lvl+0x73/0xb0 [ 15.142133] print_report+0xd1/0x610 [ 15.142155] ? __virt_addr_valid+0x1db/0x2d0 [ 15.142177] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.142205] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.142228] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.142256] kasan_report+0x141/0x180 [ 15.142289] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.142321] kasan_check_range+0x10c/0x1c0 [ 15.142345] __kasan_check_write+0x18/0x20 [ 15.142364] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.142391] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.142420] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.142444] ? trace_hardirqs_on+0x37/0xe0 [ 15.142467] ? kasan_bitops_generic+0x92/0x1c0 [ 15.142494] kasan_bitops_generic+0x116/0x1c0 [ 15.142518] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.142544] ? __pfx_read_tsc+0x10/0x10 [ 15.142563] ? ktime_get_ts64+0x86/0x230 [ 15.142586] kunit_try_run_case+0x1a5/0x480 [ 15.142610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.142633] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.142657] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.142682] ? __kthread_parkme+0x82/0x180 [ 15.142701] ? preempt_count_sub+0x50/0x80 [ 15.142729] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.142754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.142779] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.142805] kthread+0x337/0x6f0 [ 15.142823] ? trace_preempt_on+0x20/0xc0 [ 15.142845] ? __pfx_kthread+0x10/0x10 [ 15.142865] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.142887] ? calculate_sigpending+0x7b/0xa0 [ 15.142910] ? __pfx_kthread+0x10/0x10 [ 15.142931] ret_from_fork+0x116/0x1d0 [ 15.142950] ? __pfx_kthread+0x10/0x10 [ 15.142970] ret_from_fork_asm+0x1a/0x30 [ 15.143000] </TASK> [ 15.143010] [ 15.151406] Allocated by task 278: [ 15.151576] kasan_save_stack+0x45/0x70 [ 15.151774] kasan_save_track+0x18/0x40 [ 15.151932] kasan_save_alloc_info+0x3b/0x50 [ 15.152228] __kasan_kmalloc+0xb7/0xc0 [ 15.152396] __kmalloc_cache_noprof+0x189/0x420 [ 15.152553] kasan_bitops_generic+0x92/0x1c0 [ 15.152704] kunit_try_run_case+0x1a5/0x480 [ 15.152851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.153104] kthread+0x337/0x6f0 [ 15.153295] ret_from_fork+0x116/0x1d0 [ 15.153481] ret_from_fork_asm+0x1a/0x30 [ 15.153838] [ 15.154166] The buggy address belongs to the object at ffff888101c9b4a0 [ 15.154166] which belongs to the cache kmalloc-16 of size 16 [ 15.154658] The buggy address is located 8 bytes inside of [ 15.154658] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9) [ 15.155079] [ 15.155179] The buggy address belongs to the physical page: [ 15.155446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 15.155803] flags: 0x200000000000000(node=0|zone=2) [ 15.156114] page_type: f5(slab) [ 15.156246] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.156509] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.156823] page dumped because: kasan: bad access detected [ 15.157084] [ 15.157181] Memory state around the buggy address: [ 15.157394] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.157625] 
ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.157946] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.158238] ^ [ 15.158526] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.158831] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.159158] ================================================================== [ 15.041683] ================================================================== [ 15.042006] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.042530] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.042801] [ 15.042916] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.042960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.042971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.042993] Call Trace: [ 15.043007] <TASK> [ 15.043023] dump_stack_lvl+0x73/0xb0 [ 15.043110] print_report+0xd1/0x610 [ 15.043134] ? __virt_addr_valid+0x1db/0x2d0 [ 15.043158] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.043186] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.043210] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.043238] kasan_report+0x141/0x180 [ 15.043259] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.043303] kasan_check_range+0x10c/0x1c0 [ 15.043327] __kasan_check_write+0x18/0x20 [ 15.043347] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.043374] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.043403] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.043428] ? trace_hardirqs_on+0x37/0xe0 [ 15.043452] ? kasan_bitops_generic+0x92/0x1c0 [ 15.043480] kasan_bitops_generic+0x116/0x1c0 [ 15.043504] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.043529] ? __pfx_read_tsc+0x10/0x10 [ 15.043551] ? ktime_get_ts64+0x86/0x230 [ 15.043577] kunit_try_run_case+0x1a5/0x480 [ 15.043603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.043626] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.043652] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.043676] ? __kthread_parkme+0x82/0x180 [ 15.043699] ? preempt_count_sub+0x50/0x80 [ 15.043724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.043749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.043774] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.043800] kthread+0x337/0x6f0 [ 15.043819] ? trace_preempt_on+0x20/0xc0 [ 15.043841] ? __pfx_kthread+0x10/0x10 [ 15.043862] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.043883] ? calculate_sigpending+0x7b/0xa0 [ 15.043910] ? __pfx_kthread+0x10/0x10 [ 15.043932] ret_from_fork+0x116/0x1d0 [ 15.043951] ? __pfx_kthread+0x10/0x10 [ 15.043972] ret_from_fork_asm+0x1a/0x30 [ 15.044052] </TASK> [ 15.044061] [ 15.052517] Allocated by task 278: [ 15.052677] kasan_save_stack+0x45/0x70 [ 15.052825] kasan_save_track+0x18/0x40 [ 15.052959] kasan_save_alloc_info+0x3b/0x50 [ 15.053180] __kasan_kmalloc+0xb7/0xc0 [ 15.053383] __kmalloc_cache_noprof+0x189/0x420 [ 15.053603] kasan_bitops_generic+0x92/0x1c0 [ 15.053821] kunit_try_run_case+0x1a5/0x480 [ 15.053987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.054227] kthread+0x337/0x6f0 [ 15.054360] ret_from_fork+0x116/0x1d0 [ 15.054508] ret_from_fork_asm+0x1a/0x30 [ 15.054717] [ 15.054812] The buggy address belongs to the object at ffff888101c9b4a0 [ 15.054812] which belongs to the cache kmalloc-16 of size 16 [ 15.055250] The buggy address is located 8 bytes inside of [ 15.055250] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9) [ 15.055894] [ 15.055970] The buggy address belongs to the physical page: [ 15.056303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 15.056657] flags: 0x200000000000000(node=0|zone=2) [ 15.056822] page_type: f5(slab) [ 15.056945] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.057469] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.057720] page dumped because: kasan: 
bad access detected [ 15.057892] [ 15.058025] Memory state around the buggy address: [ 15.058256] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 15.058584] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 15.058917] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.059234] ^ [ 15.059449] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.059735] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.059998] ================================================================== [ 15.103442] ================================================================== [ 15.103718] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.104014] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278 [ 15.104473] [ 15.104589] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.104630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.104644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.104665] Call Trace: [ 15.104679] <TASK> [ 15.104694] dump_stack_lvl+0x73/0xb0 [ 15.104722] print_report+0xd1/0x610 [ 15.104744] ? __virt_addr_valid+0x1db/0x2d0 [ 15.104767] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.104794] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.104818] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.104845] kasan_report+0x141/0x180 [ 15.104867] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.104899] kasan_check_range+0x10c/0x1c0 [ 15.104923] __kasan_check_write+0x18/0x20 [ 15.104943] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.104970] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.105012] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.105036] ? trace_hardirqs_on+0x37/0xe0 [ 15.105058] ? kasan_bitops_generic+0x92/0x1c0 [ 15.105086] kasan_bitops_generic+0x116/0x1c0 [ 15.105110] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.105137] ? 
__pfx_read_tsc+0x10/0x10 [ 15.105158] ? ktime_get_ts64+0x86/0x230 [ 15.105182] kunit_try_run_case+0x1a5/0x480 [ 15.105206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.105230] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.105254] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.105290] ? __kthread_parkme+0x82/0x180 [ 15.105311] ? preempt_count_sub+0x50/0x80 [ 15.105334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.105359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.105385] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.105412] kthread+0x337/0x6f0 [ 15.105430] ? trace_preempt_on+0x20/0xc0 [ 15.105452] ? __pfx_kthread+0x10/0x10 [ 15.105473] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.105494] ? calculate_sigpending+0x7b/0xa0 [ 15.105518] ? __pfx_kthread+0x10/0x10 [ 15.105540] ret_from_fork+0x116/0x1d0 [ 15.105558] ? __pfx_kthread+0x10/0x10 [ 15.105579] ret_from_fork_asm+0x1a/0x30 [ 15.105609] </TASK> [ 15.105619] [ 15.113553] Allocated by task 278: [ 15.113732] kasan_save_stack+0x45/0x70 [ 15.113917] kasan_save_track+0x18/0x40 [ 15.114345] kasan_save_alloc_info+0x3b/0x50 [ 15.114557] __kasan_kmalloc+0xb7/0xc0 [ 15.114733] __kmalloc_cache_noprof+0x189/0x420 [ 15.114924] kasan_bitops_generic+0x92/0x1c0 [ 15.115184] kunit_try_run_case+0x1a5/0x480 [ 15.115416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.115611] kthread+0x337/0x6f0 [ 15.115783] ret_from_fork+0x116/0x1d0 [ 15.116038] ret_from_fork_asm+0x1a/0x30 [ 15.116218] [ 15.116329] The buggy address belongs to the object at ffff888101c9b4a0 [ 15.116329] which belongs to the cache kmalloc-16 of size 16 [ 15.116798] The buggy address is located 8 bytes inside of [ 15.116798] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9) [ 15.117345] [ 15.117427] The buggy address belongs to the physical page: [ 15.117598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b [ 15.117836] flags: 0x200000000000000(node=0|zone=2) [ 15.117997] page_type: f5(slab) [ 15.118137] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000
[ 15.118483] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.118831] page dumped because: kasan: bad access detected
[ 15.119069]
[ 15.119138] Memory state around the buggy address:
[ 15.119353] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 15.119574] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 15.119789] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 15.120223] ^
[ 15.120453] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.120785] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.121102] ==================================================================
[ 15.020860] ==================================================================
[ 15.022073] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50
[ 15.022466] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278
[ 15.022759]
[ 15.022875] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.022920] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.022933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.022955] Call Trace:
[ 15.022967] <TASK>
[ 15.022983] dump_stack_lvl+0x73/0xb0
[ 15.023012] print_report+0xd1/0x610
[ 15.023035] ? __virt_addr_valid+0x1db/0x2d0
[ 15.023059] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 15.023087] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.023110] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 15.023138] kasan_report+0x141/0x180
[ 15.023160] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 15.023191] kasan_check_range+0x10c/0x1c0
[ 15.023214] __kasan_check_write+0x18/0x20
[ 15.023235] kasan_bitops_modify.constprop.0+0x101/0xd50
[ 15.023272] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.023300] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.023326] ? trace_hardirqs_on+0x37/0xe0
[ 15.023348] ? kasan_bitops_generic+0x92/0x1c0
[ 15.023376] kasan_bitops_generic+0x116/0x1c0
[ 15.023400] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.023427] ? __pfx_read_tsc+0x10/0x10
[ 15.023448] ? ktime_get_ts64+0x86/0x230
[ 15.023473] kunit_try_run_case+0x1a5/0x480
[ 15.023511] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.023550] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.023582] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.023606] ? __kthread_parkme+0x82/0x180
[ 15.023628] ? preempt_count_sub+0x50/0x80
[ 15.023653] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.023678] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.023703] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.023730] kthread+0x337/0x6f0
[ 15.023749] ? trace_preempt_on+0x20/0xc0
[ 15.023771] ? __pfx_kthread+0x10/0x10
[ 15.023792] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.023813] ? calculate_sigpending+0x7b/0xa0
[ 15.023838] ? __pfx_kthread+0x10/0x10
[ 15.023859] ret_from_fork+0x116/0x1d0
[ 15.023878] ? __pfx_kthread+0x10/0x10
[ 15.023898] ret_from_fork_asm+0x1a/0x30
[ 15.023929] </TASK>
[ 15.023940]
[ 15.032429] Allocated by task 278:
[ 15.033036] kasan_save_stack+0x45/0x70
[ 15.033239] kasan_save_track+0x18/0x40
[ 15.033433] kasan_save_alloc_info+0x3b/0x50
[ 15.033602] __kasan_kmalloc+0xb7/0xc0
[ 15.033791] __kmalloc_cache_noprof+0x189/0x420
[ 15.034076] kasan_bitops_generic+0x92/0x1c0
[ 15.034232] kunit_try_run_case+0x1a5/0x480
[ 15.034392] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.034602] kthread+0x337/0x6f0
[ 15.034779] ret_from_fork+0x116/0x1d0
[ 15.034967] ret_from_fork_asm+0x1a/0x30
[ 15.035162]
[ 15.035257] The buggy address belongs to the object at ffff888101c9b4a0
[ 15.035257] which belongs to the cache kmalloc-16 of size 16
[ 15.035649] The buggy address is located 8 bytes inside of
[ 15.035649] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9)
[ 15.036555]
[ 15.036656] The buggy address belongs to the physical page:
[ 15.036867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b
[ 15.037109] flags: 0x200000000000000(node=0|zone=2)
[ 15.037434] page_type: f5(slab)
[ 15.037726] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.038465] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.038788] page dumped because: kasan: bad access detected
[ 15.038998]
[ 15.039089] Memory state around the buggy address:
[ 15.039285] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 15.039553] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 15.039865] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 15.040077] ^
[ 15.040239] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.040567] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.040889] ==================================================================
[ 15.079306] ==================================================================
[ 15.079652] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.080055] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278
[ 15.080363]
[ 15.080471] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.080512] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.080525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.080545] Call Trace:
[ 15.080560] <TASK>
[ 15.080574] dump_stack_lvl+0x73/0xb0
[ 15.080602] print_report+0xd1/0x610
[ 15.080625] ? __virt_addr_valid+0x1db/0x2d0
[ 15.080648] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.080675] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.080699] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.080726] kasan_report+0x141/0x180
[ 15.080748] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.080780] kasan_check_range+0x10c/0x1c0
[ 15.080804] __kasan_check_write+0x18/0x20
[ 15.080824] kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 15.080851] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.080879] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.080903] ? trace_hardirqs_on+0x37/0xe0
[ 15.080926] ? kasan_bitops_generic+0x92/0x1c0
[ 15.080954] kasan_bitops_generic+0x116/0x1c0
[ 15.080978] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.081004] ? __pfx_read_tsc+0x10/0x10
[ 15.081025] ? ktime_get_ts64+0x86/0x230
[ 15.081049] kunit_try_run_case+0x1a5/0x480
[ 15.081073] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.081097] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.081121] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.081146] ? __kthread_parkme+0x82/0x180
[ 15.081166] ? preempt_count_sub+0x50/0x80
[ 15.081191] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.081215] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.081240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.081275] kthread+0x337/0x6f0
[ 15.081295] ? trace_preempt_on+0x20/0xc0
[ 15.081317] ? __pfx_kthread+0x10/0x10
[ 15.081338] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.081360] ? calculate_sigpending+0x7b/0xa0
[ 15.081385] ? __pfx_kthread+0x10/0x10
[ 15.081406] ret_from_fork+0x116/0x1d0
[ 15.081425] ? __pfx_kthread+0x10/0x10
[ 15.081445] ret_from_fork_asm+0x1a/0x30
[ 15.081476] </TASK>
[ 15.081486]
[ 15.092566] Allocated by task 278:
[ 15.092824] kasan_save_stack+0x45/0x70
[ 15.093146] kasan_save_track+0x18/0x40
[ 15.093426] kasan_save_alloc_info+0x3b/0x50
[ 15.093710] __kasan_kmalloc+0xb7/0xc0
[ 15.093858] __kmalloc_cache_noprof+0x189/0x420
[ 15.094082] kasan_bitops_generic+0x92/0x1c0
[ 15.094579] kunit_try_run_case+0x1a5/0x480
[ 15.094798] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.095033] kthread+0x337/0x6f0
[ 15.095194] ret_from_fork+0x116/0x1d0
[ 15.095378] ret_from_fork_asm+0x1a/0x30
[ 15.095560]
[ 15.095648] The buggy address belongs to the object at ffff888101c9b4a0
[ 15.095648] which belongs to the cache kmalloc-16 of size 16
[ 15.096131] The buggy address is located 8 bytes inside of
[ 15.096131] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9)
[ 15.097039]
[ 15.097302] The buggy address belongs to the physical page:
[ 15.097790] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b
[ 15.098132] flags: 0x200000000000000(node=0|zone=2)
[ 15.098486] page_type: f5(slab)
[ 15.098622] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.098942] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.099564] page dumped because: kasan: bad access detected
[ 15.099895]
[ 15.100108] Memory state around the buggy address:
[ 15.100341] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 15.100753] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 15.101165] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 15.101567] ^
[ 15.101735] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.102414] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.102697] ==================================================================
[ 15.121926] ==================================================================
[ 15.122278] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 15.122610] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278
[ 15.122945]
[ 15.123154] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.123195] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.123208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.123228] Call Trace:
[ 15.123242] <TASK>
[ 15.123255] dump_stack_lvl+0x73/0xb0
[ 15.123298] print_report+0xd1/0x610
[ 15.123320] ? __virt_addr_valid+0x1db/0x2d0
[ 15.123343] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 15.123370] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.123393] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 15.123421] kasan_report+0x141/0x180
[ 15.123443] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 15.123474] kasan_check_range+0x10c/0x1c0
[ 15.123498] __kasan_check_write+0x18/0x20
[ 15.123518] kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 15.123545] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.123575] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.123600] ? trace_hardirqs_on+0x37/0xe0
[ 15.123623] ? kasan_bitops_generic+0x92/0x1c0
[ 15.123651] kasan_bitops_generic+0x116/0x1c0
[ 15.123674] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.123701] ? __pfx_read_tsc+0x10/0x10
[ 15.123722] ? ktime_get_ts64+0x86/0x230
[ 15.123745] kunit_try_run_case+0x1a5/0x480
[ 15.123769] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.123793] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.123816] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.123840] ? __kthread_parkme+0x82/0x180
[ 15.123861] ? preempt_count_sub+0x50/0x80
[ 15.123885] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.123909] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.123934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.123960] kthread+0x337/0x6f0
[ 15.123979] ? trace_preempt_on+0x20/0xc0
[ 15.124054] ? __pfx_kthread+0x10/0x10
[ 15.124075] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.124097] ? calculate_sigpending+0x7b/0xa0
[ 15.124120] ? __pfx_kthread+0x10/0x10
[ 15.124142] ret_from_fork+0x116/0x1d0
[ 15.124160] ? __pfx_kthread+0x10/0x10
[ 15.124181] ret_from_fork_asm+0x1a/0x30
[ 15.124211] </TASK>
[ 15.124222]
[ 15.132535] Allocated by task 278:
[ 15.132721] kasan_save_stack+0x45/0x70
[ 15.132921] kasan_save_track+0x18/0x40
[ 15.133117] kasan_save_alloc_info+0x3b/0x50
[ 15.133519] __kasan_kmalloc+0xb7/0xc0
[ 15.133730] __kmalloc_cache_noprof+0x189/0x420
[ 15.133955] kasan_bitops_generic+0x92/0x1c0
[ 15.134229] kunit_try_run_case+0x1a5/0x480
[ 15.134440] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.134660] kthread+0x337/0x6f0
[ 15.134812] ret_from_fork+0x116/0x1d0
[ 15.134952] ret_from_fork_asm+0x1a/0x30
[ 15.135091]
[ 15.135160] The buggy address belongs to the object at ffff888101c9b4a0
[ 15.135160] which belongs to the cache kmalloc-16 of size 16
[ 15.135780] The buggy address is located 8 bytes inside of
[ 15.135780] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9)
[ 15.136364]
[ 15.136464] The buggy address belongs to the physical page:
[ 15.136716] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b
[ 15.137071] flags: 0x200000000000000(node=0|zone=2)
[ 15.137313] page_type: f5(slab)
[ 15.137460] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.137763] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.138061] page dumped because: kasan: bad access detected
[ 15.138232]
[ 15.138309] Memory state around the buggy address:
[ 15.138533] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 15.138851] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 15.139099] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 15.139405] ^
[ 15.139620] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.139933] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.140520] ==================================================================
[ 15.159604] ==================================================================
[ 15.159908] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.160305] Write of size 8 at addr ffff888101c9b4a8 by task kunit_try_catch/278
[ 15.160795]
[ 15.160890] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.160931] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.160944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.160964] Call Trace:
[ 15.160979] <TASK>
[ 15.160993] dump_stack_lvl+0x73/0xb0
[ 15.161020] print_report+0xd1/0x610
[ 15.161042] ? __virt_addr_valid+0x1db/0x2d0
[ 15.161064] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.161091] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.161114] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.161141] kasan_report+0x141/0x180
[ 15.161163] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.161194] kasan_check_range+0x10c/0x1c0
[ 15.161218] __kasan_check_write+0x18/0x20
[ 15.161237] kasan_bitops_modify.constprop.0+0x547/0xd50
[ 15.161340] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 15.161368] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.161406] ? trace_hardirqs_on+0x37/0xe0
[ 15.161428] ? kasan_bitops_generic+0x92/0x1c0
[ 15.161456] kasan_bitops_generic+0x116/0x1c0
[ 15.161481] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.161506] ? __pfx_read_tsc+0x10/0x10
[ 15.161527] ? ktime_get_ts64+0x86/0x230
[ 15.161550] kunit_try_run_case+0x1a5/0x480
[ 15.161574] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.161597] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.161621] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.161645] ? __kthread_parkme+0x82/0x180
[ 15.161665] ? preempt_count_sub+0x50/0x80
[ 15.161688] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.161713] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.161738] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.161763] kthread+0x337/0x6f0
[ 15.161782] ? trace_preempt_on+0x20/0xc0
[ 15.161804] ? __pfx_kthread+0x10/0x10
[ 15.161824] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.161846] ? calculate_sigpending+0x7b/0xa0
[ 15.161870] ? __pfx_kthread+0x10/0x10
[ 15.161891] ret_from_fork+0x116/0x1d0
[ 15.161909] ? __pfx_kthread+0x10/0x10
[ 15.161930] ret_from_fork_asm+0x1a/0x30
[ 15.161961] </TASK>
[ 15.161970]
[ 15.169894] Allocated by task 278:
[ 15.170166] kasan_save_stack+0x45/0x70
[ 15.170423] kasan_save_track+0x18/0x40
[ 15.170618] kasan_save_alloc_info+0x3b/0x50
[ 15.170834] __kasan_kmalloc+0xb7/0xc0
[ 15.170974] __kmalloc_cache_noprof+0x189/0x420
[ 15.171254] kasan_bitops_generic+0x92/0x1c0
[ 15.171447] kunit_try_run_case+0x1a5/0x480
[ 15.171642] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.171862] kthread+0x337/0x6f0
[ 15.172093] ret_from_fork+0x116/0x1d0
[ 15.172273] ret_from_fork_asm+0x1a/0x30
[ 15.172458]
[ 15.172529] The buggy address belongs to the object at ffff888101c9b4a0
[ 15.172529] which belongs to the cache kmalloc-16 of size 16
[ 15.173022] The buggy address is located 8 bytes inside of
[ 15.173022] allocated 9-byte region [ffff888101c9b4a0, ffff888101c9b4a9)
[ 15.173561]
[ 15.173633] The buggy address belongs to the physical page:
[ 15.173806] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c9b
[ 15.174235] flags: 0x200000000000000(node=0|zone=2)
[ 15.174497] page_type: f5(slab)
[ 15.174663] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.174947] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.175172] page dumped because: kasan: bad access detected
[ 15.175433]
[ 15.175524] Memory state around the buggy address:
[ 15.175752] ffff888101c9b380: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 15.176068] ffff888101c9b400: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 15.176456] >ffff888101c9b480: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc
[ 15.176703] ^
[ 15.176921] ffff888101c9b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.177254] ffff888101c9b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.177542] ==================================================================