Date: July 8, 2025, 11:09 p.m.

Environment: qemu-x86_64
```
[ 14.622078] ==================================================================
[ 14.622401] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.622872] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279
[ 14.623118]
[ 14.623356] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.623405] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.623417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.623438] Call Trace:
[ 14.623458] <TASK>
[ 14.623475] dump_stack_lvl+0x73/0xb0
[ 14.623507] print_report+0xd1/0x650
[ 14.623530] ? __virt_addr_valid+0x1db/0x2d0
[ 14.623552] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.623588] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.623626] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.623653] kasan_report+0x141/0x180
[ 14.623675] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.623707] kasan_check_range+0x10c/0x1c0
[ 14.623730] __kasan_check_write+0x18/0x20
[ 14.623750] kasan_bitops_modify.constprop.0+0x373/0xd50
[ 14.623777] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.623805] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.623830] ? trace_hardirqs_on+0x37/0xe0
[ 14.623853] ? kasan_bitops_generic+0x92/0x1c0
[ 14.623881] kasan_bitops_generic+0x116/0x1c0
[ 14.623905] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.623929] ? trace_hardirqs_on+0x37/0xe0
[ 14.623951] ? __pfx_read_tsc+0x10/0x10
[ 14.623972] ? ktime_get_ts64+0x86/0x230
[ 14.623995] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 14.624024] kunit_try_run_case+0x1a5/0x480
[ 14.624049] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.624074] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.624100] ? __kthread_parkme+0x82/0x180
[ 14.624120] ? preempt_count_sub+0x50/0x80
[ 14.624145] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.624170] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.624194] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.624219] kthread+0x337/0x6f0
[ 14.624238] ? trace_preempt_on+0x20/0xc0
[ 14.624260] ? __pfx_kthread+0x10/0x10
[ 14.624280] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.624302] ? calculate_sigpending+0x7b/0xa0
[ 14.624327] ? __pfx_kthread+0x10/0x10
[ 14.624348] ret_from_fork+0x116/0x1d0
[ 14.624366] ? __pfx_kthread+0x10/0x10
[ 14.624387] ret_from_fork_asm+0x1a/0x30
[ 14.624419] </TASK>
[ 14.624428]
[ 14.633612] Allocated by task 279:
[ 14.633765] kasan_save_stack+0x45/0x70
[ 14.634037] kasan_save_track+0x18/0x40
[ 14.634333] kasan_save_alloc_info+0x3b/0x50
[ 14.634677] __kasan_kmalloc+0xb7/0xc0
[ 14.634863] __kmalloc_cache_noprof+0x189/0x420
[ 14.635020] kasan_bitops_generic+0x92/0x1c0
[ 14.635170] kunit_try_run_case+0x1a5/0x480
[ 14.635429] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.635712] kthread+0x337/0x6f0
[ 14.635890] ret_from_fork+0x116/0x1d0
[ 14.636087] ret_from_fork_asm+0x1a/0x30
[ 14.636227]
[ 14.636300] The buggy address belongs to the object at ffff8881026260e0
[ 14.636300] which belongs to the cache kmalloc-16 of size 16
[ 14.637086] The buggy address is located 8 bytes inside of
[ 14.637086] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9)
[ 14.638067]
[ 14.638144] The buggy address belongs to the physical page:
[ 14.638311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626
[ 14.638762] flags: 0x200000000000000(node=0|zone=2)
[ 14.639009] page_type: f5(slab)
[ 14.639239] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.639568] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.639888] page dumped because: kasan: bad access detected
[ 14.640215]
[ 14.640317] Memory state around the buggy address:
[ 14.640533]  ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.640884]  ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.641199] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.641483]                                                           ^
[ 14.641738]  ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.642121]  ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.642399] ==================================================================

[ 14.578546] ==================================================================
[ 14.578875] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.579410] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279
[ 14.579740]
[ 14.579828] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.579869] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.579881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.579901] Call Trace:
[ 14.579918] <TASK>
[ 14.579932] dump_stack_lvl+0x73/0xb0
[ 14.579962] print_report+0xd1/0x650
[ 14.579984] ? __virt_addr_valid+0x1db/0x2d0
[ 14.580008] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.580035] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.580059] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.580086] kasan_report+0x141/0x180
[ 14.580108] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.580140] kasan_check_range+0x10c/0x1c0
[ 14.580164] __kasan_check_write+0x18/0x20
[ 14.580238] kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.580267] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.580296] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.580321] ? trace_hardirqs_on+0x37/0xe0
[ 14.580343] ? kasan_bitops_generic+0x92/0x1c0
[ 14.580373] kasan_bitops_generic+0x116/0x1c0
[ 14.580397] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.580422] ? trace_hardirqs_on+0x37/0xe0
[ 14.580444] ? __pfx_read_tsc+0x10/0x10
[ 14.580465] ? ktime_get_ts64+0x86/0x230
[ 14.580489] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 14.580516] kunit_try_run_case+0x1a5/0x480
[ 14.580542] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.580568] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.580593] ? __kthread_parkme+0x82/0x180
[ 14.580624] ? preempt_count_sub+0x50/0x80
[ 14.580649] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.580682] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.580708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.580733] kthread+0x337/0x6f0
[ 14.580752] ? trace_preempt_on+0x20/0xc0
[ 14.580775] ? __pfx_kthread+0x10/0x10
[ 14.580796] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.580817] ? calculate_sigpending+0x7b/0xa0
[ 14.580842] ? __pfx_kthread+0x10/0x10
[ 14.580863] ret_from_fork+0x116/0x1d0
[ 14.580882] ? __pfx_kthread+0x10/0x10
[ 14.580902] ret_from_fork_asm+0x1a/0x30
[ 14.580969] </TASK>
[ 14.580979]
[ 14.591682] Allocated by task 279:
[ 14.591846] kasan_save_stack+0x45/0x70
[ 14.592056] kasan_save_track+0x18/0x40
[ 14.592769] kasan_save_alloc_info+0x3b/0x50
[ 14.592938] __kasan_kmalloc+0xb7/0xc0
[ 14.593270] __kmalloc_cache_noprof+0x189/0x420
[ 14.593502] kasan_bitops_generic+0x92/0x1c0
[ 14.594105] kunit_try_run_case+0x1a5/0x480
[ 14.594313] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.594774] kthread+0x337/0x6f0
[ 14.594940] ret_from_fork+0x116/0x1d0
[ 14.595219] ret_from_fork_asm+0x1a/0x30
[ 14.595406]
[ 14.595492] The buggy address belongs to the object at ffff8881026260e0
[ 14.595492] which belongs to the cache kmalloc-16 of size 16
[ 14.596270] The buggy address is located 8 bytes inside of
[ 14.596270] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9)
[ 14.597015]
[ 14.597110] The buggy address belongs to the physical page:
[ 14.597343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626
[ 14.597668] flags: 0x200000000000000(node=0|zone=2)
[ 14.597969] page_type: f5(slab)
[ 14.598138] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.598426] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.598746] page dumped because: kasan: bad access detected
[ 14.599002]
[ 14.599084] Memory state around the buggy address:
[ 14.599271]  ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.599594]  ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.599835] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.600152]                                                           ^
[ 14.600367]  ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.600699]  ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.601014] ==================================================================

[ 14.537362] ==================================================================
[ 14.537918] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.538411] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279
[ 14.538775]
[ 14.538896] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.538944] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.538956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.538978] Call Trace:
[ 14.538991] <TASK>
[ 14.539008] dump_stack_lvl+0x73/0xb0
[ 14.539042] print_report+0xd1/0x650
[ 14.539065] ? __virt_addr_valid+0x1db/0x2d0
[ 14.539090] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.539117] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.539141] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.539168] kasan_report+0x141/0x180
[ 14.539189] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.539221] kasan_check_range+0x10c/0x1c0
[ 14.539246] __kasan_check_write+0x18/0x20
[ 14.539266] kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.539293] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.539322] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.539347] ? trace_hardirqs_on+0x37/0xe0
[ 14.539380] ? kasan_bitops_generic+0x92/0x1c0
[ 14.539420] kasan_bitops_generic+0x116/0x1c0
[ 14.539445] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.539469] ? trace_hardirqs_on+0x37/0xe0
[ 14.539491] ? __pfx_read_tsc+0x10/0x10
[ 14.539522] ? ktime_get_ts64+0x86/0x230
[ 14.539545] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 14.539574] kunit_try_run_case+0x1a5/0x480
[ 14.539610] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.539635] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.539661] ? __kthread_parkme+0x82/0x180
[ 14.539683] ? preempt_count_sub+0x50/0x80
[ 14.539708] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.539733] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.539758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.539784] kthread+0x337/0x6f0
[ 14.539802] ? trace_preempt_on+0x20/0xc0
[ 14.539824] ? __pfx_kthread+0x10/0x10
[ 14.539844] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.539866] ? calculate_sigpending+0x7b/0xa0
[ 14.539890] ? __pfx_kthread+0x10/0x10
[ 14.539911] ret_from_fork+0x116/0x1d0
[ 14.539930] ? __pfx_kthread+0x10/0x10
[ 14.539952] ret_from_fork_asm+0x1a/0x30
[ 14.540035] </TASK>
[ 14.540046]
[ 14.548344] Allocated by task 279:
[ 14.548503] kasan_save_stack+0x45/0x70
[ 14.548704] kasan_save_track+0x18/0x40
[ 14.548858] kasan_save_alloc_info+0x3b/0x50
[ 14.549047] __kasan_kmalloc+0xb7/0xc0
[ 14.549231] __kmalloc_cache_noprof+0x189/0x420
[ 14.549434] kasan_bitops_generic+0x92/0x1c0
[ 14.549837] kunit_try_run_case+0x1a5/0x480
[ 14.550037] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.550363] kthread+0x337/0x6f0
[ 14.550557] ret_from_fork+0x116/0x1d0
[ 14.550704] ret_from_fork_asm+0x1a/0x30
[ 14.550844]
[ 14.550916] The buggy address belongs to the object at ffff8881026260e0
[ 14.550916] which belongs to the cache kmalloc-16 of size 16
[ 14.551305] The buggy address is located 8 bytes inside of
[ 14.551305] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9)
[ 14.552223]
[ 14.552328] The buggy address belongs to the physical page:
[ 14.552502] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626
[ 14.552757] flags: 0x200000000000000(node=0|zone=2)
[ 14.552926] page_type: f5(slab)
[ 14.553047] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.553392] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.554246] page dumped because: kasan: bad access detected
[ 14.554539]
[ 14.554649] Memory state around the buggy address:
[ 14.554880]  ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.555179]  ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.555471] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.556125]                                                           ^
[ 14.556326]  ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.556742]  ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.557071] ==================================================================

[ 14.642880] ==================================================================
[ 14.643241] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.643776] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279
[ 14.644086]
[ 14.644174] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.644218] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.644230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.644252] Call Trace:
[ 14.644270] <TASK>
[ 14.644289] dump_stack_lvl+0x73/0xb0
[ 14.644319] print_report+0xd1/0x650
[ 14.644342] ? __virt_addr_valid+0x1db/0x2d0
[ 14.644366] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.644620] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.644649] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.644678] kasan_report+0x141/0x180
[ 14.644701] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.644734] kasan_check_range+0x10c/0x1c0
[ 14.644758] __kasan_check_write+0x18/0x20
[ 14.644778] kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.644805] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.644834] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.644859] ? trace_hardirqs_on+0x37/0xe0
[ 14.644883] ? kasan_bitops_generic+0x92/0x1c0
[ 14.644910] kasan_bitops_generic+0x116/0x1c0
[ 14.644981] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.645005] ? trace_hardirqs_on+0x37/0xe0
[ 14.645027] ? __pfx_read_tsc+0x10/0x10
[ 14.645049] ? ktime_get_ts64+0x86/0x230
[ 14.645072] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 14.645099] kunit_try_run_case+0x1a5/0x480
[ 14.645124] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.645149] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.645175] ? __kthread_parkme+0x82/0x180
[ 14.645196] ? preempt_count_sub+0x50/0x80
[ 14.645220] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.645245] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.645269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.645295] kthread+0x337/0x6f0
[ 14.645314] ? trace_preempt_on+0x20/0xc0
[ 14.645336] ? __pfx_kthread+0x10/0x10
[ 14.645356] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.645378] ? calculate_sigpending+0x7b/0xa0
[ 14.645402] ? __pfx_kthread+0x10/0x10
[ 14.645423] ret_from_fork+0x116/0x1d0
[ 14.645441] ? __pfx_kthread+0x10/0x10
[ 14.645462] ret_from_fork_asm+0x1a/0x30
[ 14.645494] </TASK>
[ 14.645504]
[ 14.657761] Allocated by task 279:
[ 14.657971] kasan_save_stack+0x45/0x70
[ 14.658408] kasan_save_track+0x18/0x40
[ 14.658642] kasan_save_alloc_info+0x3b/0x50
[ 14.658836] __kasan_kmalloc+0xb7/0xc0
[ 14.659260] __kmalloc_cache_noprof+0x189/0x420
[ 14.659479] kasan_bitops_generic+0x92/0x1c0
[ 14.659856] kunit_try_run_case+0x1a5/0x480
[ 14.660396] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.660676] kthread+0x337/0x6f0
[ 14.660849] ret_from_fork+0x116/0x1d0
[ 14.661139] ret_from_fork_asm+0x1a/0x30
[ 14.661330]
[ 14.661430] The buggy address belongs to the object at ffff8881026260e0
[ 14.661430] which belongs to the cache kmalloc-16 of size 16
[ 14.661902] The buggy address is located 8 bytes inside of
[ 14.661902] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9)
[ 14.662357]
[ 14.662450] The buggy address belongs to the physical page:
[ 14.662792] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626
[ 14.663134] flags: 0x200000000000000(node=0|zone=2)
[ 14.663377] page_type: f5(slab)
[ 14.663549] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.663900] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.664285] page dumped because: kasan: bad access detected
[ 14.664496]
[ 14.664614] Memory state around the buggy address:
[ 14.664796]  ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.665394]  ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.665748] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.666054]                                                           ^
[ 14.666459]  ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.666780]  ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.667234] ==================================================================

[ 14.601501] ==================================================================
[ 14.601842] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.602110] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279
[ 14.602767]
[ 14.602863] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.602907] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.602918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.602939] Call Trace:
[ 14.602956] <TASK>
[ 14.602971] dump_stack_lvl+0x73/0xb0
[ 14.603002] print_report+0xd1/0x650
[ 14.603026] ? __virt_addr_valid+0x1db/0x2d0
[ 14.603106] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.603133] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.603157] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.603184] kasan_report+0x141/0x180
[ 14.603206] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.603238] kasan_check_range+0x10c/0x1c0
[ 14.603262] __kasan_check_write+0x18/0x20
[ 14.603281] kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.603308] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.603337] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.603362] ? trace_hardirqs_on+0x37/0xe0
[ 14.603384] ? kasan_bitops_generic+0x92/0x1c0
[ 14.603413] kasan_bitops_generic+0x116/0x1c0
[ 14.603438] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.603462] ? trace_hardirqs_on+0x37/0xe0
[ 14.603485] ? __pfx_read_tsc+0x10/0x10
[ 14.603517] ? ktime_get_ts64+0x86/0x230
[ 14.603539] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 14.603567] kunit_try_run_case+0x1a5/0x480
[ 14.603591] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.603628] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.603655] ? __kthread_parkme+0x82/0x180
[ 14.603675] ? preempt_count_sub+0x50/0x80
[ 14.603700] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.603725] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.603750] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.603776] kthread+0x337/0x6f0
[ 14.603794] ? trace_preempt_on+0x20/0xc0
[ 14.603817] ? __pfx_kthread+0x10/0x10
[ 14.603838] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.603860] ? calculate_sigpending+0x7b/0xa0
[ 14.603885] ? __pfx_kthread+0x10/0x10
[ 14.603906] ret_from_fork+0x116/0x1d0
[ 14.603924] ? __pfx_kthread+0x10/0x10
[ 14.603988] ret_from_fork_asm+0x1a/0x30
[ 14.604021] </TASK>
[ 14.604030]
[ 14.612870] Allocated by task 279:
[ 14.613027] kasan_save_stack+0x45/0x70
[ 14.613520] kasan_save_track+0x18/0x40
[ 14.613784] kasan_save_alloc_info+0x3b/0x50
[ 14.613974] __kasan_kmalloc+0xb7/0xc0
[ 14.614107] __kmalloc_cache_noprof+0x189/0x420
[ 14.614294] kasan_bitops_generic+0x92/0x1c0
[ 14.614552] kunit_try_run_case+0x1a5/0x480
[ 14.614743] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.614919] kthread+0x337/0x6f0
[ 14.615294] ret_from_fork+0x116/0x1d0
[ 14.615493] ret_from_fork_asm+0x1a/0x30
[ 14.615703]
[ 14.615791] The buggy address belongs to the object at ffff8881026260e0
[ 14.615791] which belongs to the cache kmalloc-16 of size 16
[ 14.616341] The buggy address is located 8 bytes inside of
[ 14.616341] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9)
[ 14.616877]
[ 14.616950] The buggy address belongs to the physical page:
[ 14.617174] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626
[ 14.617637] flags: 0x200000000000000(node=0|zone=2)
[ 14.617928] page_type: f5(slab)
[ 14.618130] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.618361] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.618583] page dumped because: kasan: bad access detected
[ 14.618845]
[ 14.618938] Memory state around the buggy address:
[ 14.619161]  ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.619465]  ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.619975] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.620301]                                                           ^
[ 14.620502]  ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.620891]  ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.621457] ==================================================================

[ 14.557622] ==================================================================
[ 14.557990] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.558269] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279
[ 14.558706]
[ 14.558816] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.558857] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.558868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.558888] Call Trace:
[ 14.558904] <TASK>
[ 14.558919] dump_stack_lvl+0x73/0xb0
[ 14.558947] print_report+0xd1/0x650
[ 14.558969] ? __virt_addr_valid+0x1db/0x2d0
[ 14.558992] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.559019] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.559043] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.559070] kasan_report+0x141/0x180
[ 14.559092] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.559124] kasan_check_range+0x10c/0x1c0
[ 14.559148] __kasan_check_write+0x18/0x20
[ 14.559167] kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.559194] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.559223] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.559246] ? trace_hardirqs_on+0x37/0xe0
[ 14.559268] ? kasan_bitops_generic+0x92/0x1c0
[ 14.559297] kasan_bitops_generic+0x116/0x1c0
[ 14.559321] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.559345] ? trace_hardirqs_on+0x37/0xe0
[ 14.559367] ? __pfx_read_tsc+0x10/0x10
[ 14.559387] ? ktime_get_ts64+0x86/0x230
[ 14.559409] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 14.559438] kunit_try_run_case+0x1a5/0x480
[ 14.559461] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.559487] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.559564] ? __kthread_parkme+0x82/0x180
[ 14.559587] ? preempt_count_sub+0x50/0x80
[ 14.559624] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.559649] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.559674] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.559701] kthread+0x337/0x6f0
[ 14.559720] ? trace_preempt_on+0x20/0xc0
[ 14.559742] ? __pfx_kthread+0x10/0x10
[ 14.559763] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.559785] ? calculate_sigpending+0x7b/0xa0
[ 14.559810] ? __pfx_kthread+0x10/0x10
[ 14.559832] ret_from_fork+0x116/0x1d0
[ 14.559850] ? __pfx_kthread+0x10/0x10
[ 14.559870] ret_from_fork_asm+0x1a/0x30
[ 14.559901] </TASK>
[ 14.559911]
[ 14.569651] Allocated by task 279:
[ 14.569862] kasan_save_stack+0x45/0x70
[ 14.570285] kasan_save_track+0x18/0x40
[ 14.570488] kasan_save_alloc_info+0x3b/0x50
[ 14.570716] __kasan_kmalloc+0xb7/0xc0
[ 14.570911] __kmalloc_cache_noprof+0x189/0x420
[ 14.571116] kasan_bitops_generic+0x92/0x1c0
[ 14.571292] kunit_try_run_case+0x1a5/0x480
[ 14.571450] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.571941] kthread+0x337/0x6f0
[ 14.572179] ret_from_fork+0x116/0x1d0
[ 14.572350] ret_from_fork_asm+0x1a/0x30
[ 14.572517]
[ 14.572629] The buggy address belongs to the object at ffff8881026260e0
[ 14.572629] which belongs to the cache kmalloc-16 of size 16
[ 14.573163] The buggy address is located 8 bytes inside of
[ 14.573163] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9)
[ 14.573680]
[ 14.573778] The buggy address belongs to the physical page:
[ 14.574055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626
[ 14.574378] flags: 0x200000000000000(node=0|zone=2)
[ 14.574614] page_type: f5(slab)
[ 14.574735] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.574982] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.575375] page dumped because: kasan: bad access detected
[ 14.575655]
[ 14.575751] Memory state around the buggy address:
[ 14.575930]  ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.576143]  ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.576462] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.576985]                                                           ^
[ 14.577259]  ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.577524]  ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.577809] ==================================================================

[ 14.667826] ==================================================================
[ 14.668196] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.668581] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279
[ 14.668891]
[ 14.669015] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.669062] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.669074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.669096] Call Trace:
[ 14.669169] <TASK>
[ 14.669187] dump_stack_lvl+0x73/0xb0
[ 14.669219] print_report+0xd1/0x650
[ 14.669241] ? __virt_addr_valid+0x1db/0x2d0
[ 14.669265] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.669290] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.669314] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.669341] kasan_report+0x141/0x180
[ 14.669363] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.669395] kasan_check_range+0x10c/0x1c0
[ 14.669418] __kasan_check_write+0x18/0x20
[ 14.669437] kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.669464] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.669492] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.669517] ? trace_hardirqs_on+0x37/0xe0
[ 14.669548] ? kasan_bitops_generic+0x92/0x1c0
[ 14.669576] kasan_bitops_generic+0x116/0x1c0
[ 14.669612] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.669636] ? trace_hardirqs_on+0x37/0xe0
[ 14.669659] ? __pfx_read_tsc+0x10/0x10
[ 14.669680] ? ktime_get_ts64+0x86/0x230
[ 14.669728] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 14.669758] kunit_try_run_case+0x1a5/0x480
[ 14.669782] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.669807] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.669834] ? __kthread_parkme+0x82/0x180
[ 14.669855] ? preempt_count_sub+0x50/0x80
[ 14.669880] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.669905] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.669967] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.669996] kthread+0x337/0x6f0
[ 14.670014] ? trace_preempt_on+0x20/0xc0
[ 14.670037] ? __pfx_kthread+0x10/0x10
[ 14.670057] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.670079] ? calculate_sigpending+0x7b/0xa0
[ 14.670103] ? __pfx_kthread+0x10/0x10
[ 14.670125] ret_from_fork+0x116/0x1d0
[ 14.670143] ? __pfx_kthread+0x10/0x10
[ 14.670163] ret_from_fork_asm+0x1a/0x30
[ 14.670195] </TASK>
[ 14.670205]
[ 14.678848] Allocated by task 279:
[ 14.679029] kasan_save_stack+0x45/0x70
[ 14.679179] kasan_save_track+0x18/0x40
[ 14.679314] kasan_save_alloc_info+0x3b/0x50
[ 14.679529] __kasan_kmalloc+0xb7/0xc0
[ 14.679803] __kmalloc_cache_noprof+0x189/0x420
[ 14.680104] kasan_bitops_generic+0x92/0x1c0
[ 14.680328] kunit_try_run_case+0x1a5/0x480
[ 14.680571] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.680796] kthread+0x337/0x6f0
[ 14.681141] ret_from_fork+0x116/0x1d0
[ 14.681345] ret_from_fork_asm+0x1a/0x30
[ 14.681571]
[ 14.681679] The buggy address belongs to the object at ffff8881026260e0
[ 14.681679] which belongs to the cache kmalloc-16 of size 16
[ 14.682289] The buggy address is located 8 bytes inside of
[ 14.682289] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9)
[ 14.682707]
[ 14.682805] The buggy address belongs to the physical page:
[ 14.683133] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626
[ 14.683490] flags: 0x200000000000000(node=0|zone=2)
[ 14.683752] page_type: f5(slab)
[ 14.683981] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.684298] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.684621] page dumped because: kasan: bad access detected
[ 14.684855]
[ 14.684996] Memory state around the buggy address:
[ 14.685201]  ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.685445]  ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.685745] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.686268]                                                           ^
[ 14.686498]  ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.686833]  ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.687217] ==================================================================

[ 14.689202] ==================================================================
[ 14.689926] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.691204] Write of size 8 at addr ffff8881026260e8 by task kunit_try_catch/279
[ 14.691654]
[ 14.691886] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.691954] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.691966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.691988] Call Trace:
[ 14.692004] <TASK>
[ 14.692020] dump_stack_lvl+0x73/0xb0
[ 14.692055] print_report+0xd1/0x650
[ 14.692077] ? __virt_addr_valid+0x1db/0x2d0
[ 14.692101] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.692127] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.692150] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.692178] kasan_report+0x141/0x180
[ 14.692201] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.692232] kasan_check_range+0x10c/0x1c0
[ 14.692255] __kasan_check_write+0x18/0x20
[ 14.692275] kasan_bitops_modify.constprop.0+0x547/0xd50
[ 14.692301] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.692329] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.692354] ? trace_hardirqs_on+0x37/0xe0
[ 14.692377] ? kasan_bitops_generic+0x92/0x1c0
[ 14.692405] kasan_bitops_generic+0x116/0x1c0
[ 14.692429] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.692452] ? trace_hardirqs_on+0x37/0xe0
[ 14.692473] ? __pfx_read_tsc+0x10/0x10
[ 14.692496] ? ktime_get_ts64+0x86/0x230
[ 14.692597] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 14.692639] kunit_try_run_case+0x1a5/0x480
[ 14.692663] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.692689] ? queued_spin_lock_slowpath+0x116/0xb40
[ 14.692714] ? __kthread_parkme+0x82/0x180
[ 14.692735] ? preempt_count_sub+0x50/0x80
[ 14.692759] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.692783] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.692808] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.692833] kthread+0x337/0x6f0
[ 14.692853] ? trace_preempt_on+0x20/0xc0
[ 14.692875] ? __pfx_kthread+0x10/0x10
[ 14.692895] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.692916] ? calculate_sigpending+0x7b/0xa0
[ 14.692941] ? __pfx_kthread+0x10/0x10
[ 14.692962] ret_from_fork+0x116/0x1d0
[ 14.692981] ? __pfx_kthread+0x10/0x10
[ 14.693002] ret_from_fork_asm+0x1a/0x30
[ 14.693033] </TASK>
[ 14.693043]
[ 14.703246] Allocated by task 279:
[ 14.703379] kasan_save_stack+0x45/0x70
[ 14.703696] kasan_save_track+0x18/0x40
[ 14.703909] kasan_save_alloc_info+0x3b/0x50
[ 14.704122] __kasan_kmalloc+0xb7/0xc0
[ 14.704319] __kmalloc_cache_noprof+0x189/0x420
[ 14.704566] kasan_bitops_generic+0x92/0x1c0
[ 14.704796] kunit_try_run_case+0x1a5/0x480
[ 14.705004] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.705431] kthread+0x337/0x6f0
[ 14.705548] ret_from_fork+0x116/0x1d0
[ 14.705684] ret_from_fork_asm+0x1a/0x30
[ 14.705821]
[ 14.705958] The buggy address belongs to the object at ffff8881026260e0
[ 14.705958] which belongs to the cache kmalloc-16 of size 16
[ 14.706511] The buggy address is located 8 bytes inside of
[ 14.706511] allocated 9-byte region [ffff8881026260e0, ffff8881026260e9)
[ 14.706986]
[ 14.707056] The buggy address belongs to the physical page:
[ 14.707341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626
[ 14.707936] flags: 0x200000000000000(node=0|zone=2)
[ 14.708175] page_type: f5(slab)
[ 14.708316] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.708538] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.708773] page dumped because: kasan: bad access detected
[ 14.709123]
[ 14.709238] Memory state around the buggy address:
[ 14.709459]  ffff888102625f80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.709799]  ffff888102626000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.710112] >ffff888102626080: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.710422]                                                           ^
[ 14.710661]  ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.711003]  ffff888102626180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.711274] ==================================================================
```