Date: July 9, 2025, 11:07 p.m.
Environment |
---|
qemu-arm64 |
qemu-x86_64 |
[ 18.887407] ================================================================== [ 18.887538] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 18.887655] Write of size 8 at addr fff00000c4352f48 by task kunit_try_catch/261 [ 18.887787] [ 18.887830] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.887919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.888281] Hardware name: linux,dummy-virt (DT) [ 18.888352] Call trace: [ 18.888665] show_stack+0x20/0x38 (C) [ 18.888788] dump_stack_lvl+0x8c/0xd0 [ 18.888876] print_report+0x118/0x608 [ 18.889062] kasan_report+0xdc/0x128 [ 18.889132] kasan_check_range+0x100/0x1a8 [ 18.889186] __kasan_check_write+0x20/0x30 [ 18.889581] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 18.889924] kasan_bitops_generic+0x110/0x1c8 [ 18.890086] kunit_try_run_case+0x170/0x3f0 [ 18.890436] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.890607] kthread+0x328/0x630 [ 18.890819] ret_from_fork+0x10/0x20 [ 18.891086] [ 18.891157] Allocated by task 261: [ 18.891222] kasan_save_stack+0x3c/0x68 [ 18.891309] kasan_save_track+0x20/0x40 [ 18.891512] kasan_save_alloc_info+0x40/0x58 [ 18.891753] __kasan_kmalloc+0xd4/0xd8 [ 18.891963] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.892032] kasan_bitops_generic+0xa0/0x1c8 [ 18.892073] kunit_try_run_case+0x170/0x3f0 [ 18.892126] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.892173] kthread+0x328/0x630 [ 18.892430] ret_from_fork+0x10/0x20 [ 18.892567] [ 18.892592] The buggy address belongs to the object at fff00000c4352f40 [ 18.892592] which belongs to the cache kmalloc-16 of size 16 [ 18.892919] The buggy address is located 8 bytes inside of [ 18.892919] allocated 9-byte region [fff00000c4352f40, fff00000c4352f49) [ 18.893154] [ 18.893348] The buggy address belongs to the physical page: [ 18.893442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104352 [ 18.893767] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 
18.894175] page_type: f5(slab) [ 18.894290] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.894480] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.894579] page dumped because: kasan: bad access detected [ 18.894615] [ 18.894702] Memory state around the buggy address: [ 18.895096] fff00000c4352e00: 00 03 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 18.895216] fff00000c4352e80: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.895264] >fff00000c4352f00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 18.895305] ^ [ 18.895374] fff00000c4352f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.895421] fff00000c4353000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.895464] ================================================================== [ 18.905141] ================================================================== [ 18.905370] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 18.905438] Write of size 8 at addr fff00000c4352f48 by task kunit_try_catch/261 [ 18.905491] [ 18.905532] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.906834] __kasan_check_write+0x20/0x30 [ 18.909682] The buggy address is located 8 bytes inside of [ 18.909682] allocated 9-byte region [fff00000c4352f40, fff00000c4352f49) [ 18.912334] fff00000c4353000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.914691] Call trace: [ 18.916060] kasan_bitops_generic+0x110/0x1c8 [ 18.918424] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.918913] ^ [ 18.920561] Write of size 8 at addr fff00000c4352f48 by task kunit_try_catch/261 [ 18.922556] kasan_check_range+0x100/0x1a8 [ 18.923504] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.926244] The buggy address is located 8 bytes inside of [ 18.926244] allocated 9-byte region [fff00000c4352f40, fff00000c4352f49) [ 18.928041] >fff00000c4352f00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 
18.930491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.931484] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 18.934336] The buggy address belongs to the object at fff00000c4352f40 [ 18.934336] which belongs to the cache kmalloc-16 of size 16 [ 18.936622] fff00000c4352f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.938430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.942013] kasan_save_stack+0x3c/0x68 [ 18.943417] [ 18.943554] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.945133] fff00000c4352e80: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.947392] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 18.948556] print_report+0x118/0x608 [ 18.949503] kasan_bitops_generic+0x110/0x1c8 [ 18.953455] The buggy address is located 8 bytes inside of [ 18.953455] allocated 9-byte region [fff00000c4352f40, fff00000c4352f49) [ 18.955219] fff00000c4352e80: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.955265] >fff00000c4352f00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 18.955304] ^ [ 18.955428] ================================================================== [ 18.897486] ================================================================== [ 18.897984] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 18.898086] Read of size 8 at addr fff00000c4352f48 by task kunit_try_catch/261 [ 18.898422] [ 18.898595] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 18.898692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.898874] Hardware name: linux,dummy-virt (DT) [ 18.898969] Call trace: [ 18.898994] show_stack+0x20/0x38 (C) [ 18.899151] dump_stack_lvl+0x8c/0xd0 [ 18.899342] print_report+0x118/0x608 [ 18.899408] kasan_report+0xdc/0x128 [ 18.899574] __asan_report_load8_noabort+0x20/0x30 [ 18.899761] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 18.900061] kasan_bitops_generic+0x110/0x1c8 [ 18.900238] kunit_try_run_case+0x170/0x3f0 [ 18.900392] 
kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.900815] kthread+0x328/0x630 [ 18.900896] ret_from_fork+0x10/0x20 [ 18.901207] [ 18.901279] Allocated by task 261: [ 18.901319] kasan_save_stack+0x3c/0x68 [ 18.901544] kasan_save_track+0x20/0x40 [ 18.901787] kasan_save_alloc_info+0x40/0x58 [ 18.901916] __kasan_kmalloc+0xd4/0xd8 [ 18.902035] __kmalloc_cache_noprof+0x16c/0x3c0 [ 18.902077] kasan_bitops_generic+0xa0/0x1c8 [ 18.902127] kunit_try_run_case+0x170/0x3f0 [ 18.902169] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 18.902222] kthread+0x328/0x630 [ 18.902259] ret_from_fork+0x10/0x20 [ 18.902297] [ 18.902319] The buggy address belongs to the object at fff00000c4352f40 [ 18.902319] which belongs to the cache kmalloc-16 of size 16 [ 18.902391] The buggy address is located 8 bytes inside of [ 18.902391] allocated 9-byte region [fff00000c4352f40, fff00000c4352f49) [ 18.902454] [ 18.902484] The buggy address belongs to the physical page: [ 18.902535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104352 [ 18.902610] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 18.902662] page_type: f5(slab) [ 18.902702] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 18.902754] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.902796] page dumped because: kasan: bad access detected [ 18.902839] [ 18.902869] Memory state around the buggy address: [ 18.902903] fff00000c4352e00: 00 03 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 18.902960] fff00000c4352e80: 00 01 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.903013] >fff00000c4352f00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 18.903064] ^ [ 18.903111] fff00000c4352f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.903165] fff00000c4353000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.903220] ==================================================================
[ 14.605854] ================================================================== [ 14.606351] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.606683] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.606993] [ 14.607100] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.607142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.607154] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.607173] Call Trace: [ 14.607186] <TASK> [ 14.607199] dump_stack_lvl+0x73/0xb0 [ 14.607228] print_report+0xd1/0x650 [ 14.607250] ? __virt_addr_valid+0x1db/0x2d0 [ 14.607273] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.607313] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.607337] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.607363] kasan_report+0x141/0x180 [ 14.607386] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.607427] kasan_check_range+0x10c/0x1c0 [ 14.607451] __kasan_check_write+0x18/0x20 [ 14.607556] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.607599] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.607628] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.607652] ? trace_hardirqs_on+0x37/0xe0 [ 14.607687] ? kasan_bitops_generic+0x92/0x1c0 [ 14.607725] kasan_bitops_generic+0x116/0x1c0 [ 14.607749] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.607783] ? __pfx_read_tsc+0x10/0x10 [ 14.607804] ? ktime_get_ts64+0x86/0x230 [ 14.607827] kunit_try_run_case+0x1a5/0x480 [ 14.607861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.607884] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.607909] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.607934] ? __kthread_parkme+0x82/0x180 [ 14.607954] ? preempt_count_sub+0x50/0x80 [ 14.607978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.608002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.608027] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.608069] kthread+0x337/0x6f0 [ 14.608087] ? 
trace_preempt_on+0x20/0xc0 [ 14.608110] ? __pfx_kthread+0x10/0x10 [ 14.608131] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.608152] ? calculate_sigpending+0x7b/0xa0 [ 14.608177] ? __pfx_kthread+0x10/0x10 [ 14.608246] ret_from_fork+0x116/0x1d0 [ 14.608268] ? __pfx_kthread+0x10/0x10 [ 14.608311] ret_from_fork_asm+0x1a/0x30 [ 14.608351] </TASK> [ 14.608362] [ 14.617218] Allocated by task 278: [ 14.617442] kasan_save_stack+0x45/0x70 [ 14.617605] kasan_save_track+0x18/0x40 [ 14.617828] kasan_save_alloc_info+0x3b/0x50 [ 14.618023] __kasan_kmalloc+0xb7/0xc0 [ 14.618290] __kmalloc_cache_noprof+0x189/0x420 [ 14.618527] kasan_bitops_generic+0x92/0x1c0 [ 14.618725] kunit_try_run_case+0x1a5/0x480 [ 14.618903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.619350] kthread+0x337/0x6f0 [ 14.619532] ret_from_fork+0x116/0x1d0 [ 14.619663] ret_from_fork_asm+0x1a/0x30 [ 14.619812] [ 14.619881] The buggy address belongs to the object at ffff88810226cfe0 [ 14.619881] which belongs to the cache kmalloc-16 of size 16 [ 14.620629] The buggy address is located 8 bytes inside of [ 14.620629] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.621301] [ 14.621376] The buggy address belongs to the physical page: [ 14.621546] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.621838] flags: 0x200000000000000(node=0|zone=2) [ 14.622069] page_type: f5(slab) [ 14.622267] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.622738] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.623449] page dumped because: kasan: bad access detected [ 14.623680] [ 14.623798] Memory state around the buggy address: [ 14.623998] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.624435] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.624655] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.624967] ^ [ 14.625261] ffff88810226d000: fa fb fb fb fb fb fb fb fb 
fb fb fb fb fb fb fb [ 14.625826] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.626072] ================================================================== [ 14.626689] ================================================================== [ 14.627265] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.627727] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.628188] [ 14.628305] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.628358] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.628369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.628422] Call Trace: [ 14.628437] <TASK> [ 14.628450] dump_stack_lvl+0x73/0xb0 [ 14.628491] print_report+0xd1/0x650 [ 14.628513] ? __virt_addr_valid+0x1db/0x2d0 [ 14.628536] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.628563] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.628586] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.628613] kasan_report+0x141/0x180 [ 14.628635] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.628666] kasan_check_range+0x10c/0x1c0 [ 14.628690] __kasan_check_write+0x18/0x20 [ 14.628718] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.628745] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.628773] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.628797] ? trace_hardirqs_on+0x37/0xe0 [ 14.628820] ? kasan_bitops_generic+0x92/0x1c0 [ 14.628848] kasan_bitops_generic+0x116/0x1c0 [ 14.628904] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.628942] ? __pfx_read_tsc+0x10/0x10 [ 14.628974] ? ktime_get_ts64+0x86/0x230 [ 14.629044] kunit_try_run_case+0x1a5/0x480 [ 14.629068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.629143] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.629169] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.629231] ? __kthread_parkme+0x82/0x180 [ 14.629252] ? preempt_count_sub+0x50/0x80 [ 14.629286] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.629311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.629335] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.629391] kthread+0x337/0x6f0 [ 14.629411] ? trace_preempt_on+0x20/0xc0 [ 14.629434] ? __pfx_kthread+0x10/0x10 [ 14.629466] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.629487] ? calculate_sigpending+0x7b/0xa0 [ 14.629512] ? __pfx_kthread+0x10/0x10 [ 14.629533] ret_from_fork+0x116/0x1d0 [ 14.629552] ? __pfx_kthread+0x10/0x10 [ 14.629573] ret_from_fork_asm+0x1a/0x30 [ 14.629604] </TASK> [ 14.629613] [ 14.638385] Allocated by task 278: [ 14.638569] kasan_save_stack+0x45/0x70 [ 14.638784] kasan_save_track+0x18/0x40 [ 14.639013] kasan_save_alloc_info+0x3b/0x50 [ 14.639301] __kasan_kmalloc+0xb7/0xc0 [ 14.639470] __kmalloc_cache_noprof+0x189/0x420 [ 14.639621] kasan_bitops_generic+0x92/0x1c0 [ 14.639777] kunit_try_run_case+0x1a5/0x480 [ 14.639928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.640533] kthread+0x337/0x6f0 [ 14.640747] ret_from_fork+0x116/0x1d0 [ 14.640940] ret_from_fork_asm+0x1a/0x30 [ 14.641165] [ 14.641370] The buggy address belongs to the object at ffff88810226cfe0 [ 14.641370] which belongs to the cache kmalloc-16 of size 16 [ 14.641836] The buggy address is located 8 bytes inside of [ 14.641836] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.642467] [ 14.642543] The buggy address belongs to the physical page: [ 14.642719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.642955] flags: 0x200000000000000(node=0|zone=2) [ 14.643424] page_type: f5(slab) [ 14.643653] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.644008] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.644350] page dumped because: kasan: bad access detected [ 14.644700] [ 14.645028] Memory state around the buggy address: [ 14.645208] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.645426] 
ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.645725] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.646250] ^ [ 14.646573] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.646901] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.647210] ================================================================== [ 14.647816] ================================================================== [ 14.648295] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.648684] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.649060] [ 14.649246] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.649318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.649330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.649350] Call Trace: [ 14.649363] <TASK> [ 14.649388] dump_stack_lvl+0x73/0xb0 [ 14.649416] print_report+0xd1/0x650 [ 14.649438] ? __virt_addr_valid+0x1db/0x2d0 [ 14.649461] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.649519] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.649542] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.649639] kasan_report+0x141/0x180 [ 14.649680] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.649722] kasan_check_range+0x10c/0x1c0 [ 14.649746] __kasan_check_write+0x18/0x20 [ 14.649766] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.649824] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.649853] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.649888] ? trace_hardirqs_on+0x37/0xe0 [ 14.649911] ? kasan_bitops_generic+0x92/0x1c0 [ 14.649939] kasan_bitops_generic+0x116/0x1c0 [ 14.649963] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.649988] ? __pfx_read_tsc+0x10/0x10 [ 14.650011] ? ktime_get_ts64+0x86/0x230 [ 14.650215] kunit_try_run_case+0x1a5/0x480 [ 14.650261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.650284] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.650311] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.650335] ? __kthread_parkme+0x82/0x180 [ 14.650356] ? preempt_count_sub+0x50/0x80 [ 14.650380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.650405] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.650430] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.650455] kthread+0x337/0x6f0 [ 14.650474] ? trace_preempt_on+0x20/0xc0 [ 14.650496] ? __pfx_kthread+0x10/0x10 [ 14.650517] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.650538] ? calculate_sigpending+0x7b/0xa0 [ 14.650563] ? __pfx_kthread+0x10/0x10 [ 14.650584] ret_from_fork+0x116/0x1d0 [ 14.650603] ? __pfx_kthread+0x10/0x10 [ 14.650622] ret_from_fork_asm+0x1a/0x30 [ 14.650653] </TASK> [ 14.650663] [ 14.659690] Allocated by task 278: [ 14.659890] kasan_save_stack+0x45/0x70 [ 14.660096] kasan_save_track+0x18/0x40 [ 14.660329] kasan_save_alloc_info+0x3b/0x50 [ 14.660677] __kasan_kmalloc+0xb7/0xc0 [ 14.660832] __kmalloc_cache_noprof+0x189/0x420 [ 14.660986] kasan_bitops_generic+0x92/0x1c0 [ 14.661171] kunit_try_run_case+0x1a5/0x480 [ 14.661375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.661656] kthread+0x337/0x6f0 [ 14.661834] ret_from_fork+0x116/0x1d0 [ 14.662082] ret_from_fork_asm+0x1a/0x30 [ 14.662252] [ 14.662322] The buggy address belongs to the object at ffff88810226cfe0 [ 14.662322] which belongs to the cache kmalloc-16 of size 16 [ 14.662832] The buggy address is located 8 bytes inside of [ 14.662832] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.664013] [ 14.665065] The buggy address belongs to the physical page: [ 14.665966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.667372] flags: 0x200000000000000(node=0|zone=2) [ 14.668373] page_type: f5(slab) [ 14.668547] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.668797] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.669031] page dumped because: kasan: 
bad access detected [ 14.669202] [ 14.669273] Memory state around the buggy address: [ 14.669431] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.669646] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.672150] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.672835] ^ [ 14.673339] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.673758] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.674265] ================================================================== [ 14.695814] ================================================================== [ 14.696327] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.696651] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.696950] [ 14.697110] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.697160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.697172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.697192] Call Trace: [ 14.697205] <TASK> [ 14.697221] dump_stack_lvl+0x73/0xb0 [ 14.697249] print_report+0xd1/0x650 [ 14.697271] ? __virt_addr_valid+0x1db/0x2d0 [ 14.697294] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.697321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.697345] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.697372] kasan_report+0x141/0x180 [ 14.697393] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.697425] kasan_check_range+0x10c/0x1c0 [ 14.697448] __kasan_check_write+0x18/0x20 [ 14.697469] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.697496] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.697524] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.697548] ? trace_hardirqs_on+0x37/0xe0 [ 14.697570] ? kasan_bitops_generic+0x92/0x1c0 [ 14.697598] kasan_bitops_generic+0x116/0x1c0 [ 14.697621] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.697647] ? 
__pfx_read_tsc+0x10/0x10 [ 14.697668] ? ktime_get_ts64+0x86/0x230 [ 14.697692] kunit_try_run_case+0x1a5/0x480 [ 14.697729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.697753] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.697777] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.697801] ? __kthread_parkme+0x82/0x180 [ 14.697821] ? preempt_count_sub+0x50/0x80 [ 14.697845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.697870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.697894] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.697919] kthread+0x337/0x6f0 [ 14.697938] ? trace_preempt_on+0x20/0xc0 [ 14.697960] ? __pfx_kthread+0x10/0x10 [ 14.697980] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.698002] ? calculate_sigpending+0x7b/0xa0 [ 14.698082] ? __pfx_kthread+0x10/0x10 [ 14.698107] ret_from_fork+0x116/0x1d0 [ 14.698125] ? __pfx_kthread+0x10/0x10 [ 14.698146] ret_from_fork_asm+0x1a/0x30 [ 14.698177] </TASK> [ 14.698187] [ 14.706615] Allocated by task 278: [ 14.706789] kasan_save_stack+0x45/0x70 [ 14.706981] kasan_save_track+0x18/0x40 [ 14.707418] kasan_save_alloc_info+0x3b/0x50 [ 14.707586] __kasan_kmalloc+0xb7/0xc0 [ 14.707774] __kmalloc_cache_noprof+0x189/0x420 [ 14.707998] kasan_bitops_generic+0x92/0x1c0 [ 14.708221] kunit_try_run_case+0x1a5/0x480 [ 14.708430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.708605] kthread+0x337/0x6f0 [ 14.708782] ret_from_fork+0x116/0x1d0 [ 14.708967] ret_from_fork_asm+0x1a/0x30 [ 14.709349] [ 14.709440] The buggy address belongs to the object at ffff88810226cfe0 [ 14.709440] which belongs to the cache kmalloc-16 of size 16 [ 14.709838] The buggy address is located 8 bytes inside of [ 14.709838] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.710187] [ 14.710265] The buggy address belongs to the physical page: [ 14.710516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.710968] flags: 0x200000000000000(node=0|zone=2) [ 14.711321] page_type: f5(slab) [ 14.711447] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.711677] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.711917] page dumped because: kasan: bad access detected [ 14.712327] [ 14.712425] Memory state around the buggy address: [ 14.712654] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.712996] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.713846] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.714221] ^ [ 14.714425] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.714738] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.715049] ================================================================== [ 14.715637] ================================================================== [ 14.715908] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.716679] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.717024] [ 14.717341] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.717384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.717396] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.717415] Call Trace: [ 14.717429] <TASK> [ 14.717441] dump_stack_lvl+0x73/0xb0 [ 14.717471] print_report+0xd1/0x650 [ 14.717492] ? __virt_addr_valid+0x1db/0x2d0 [ 14.717515] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.717542] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.717566] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.717594] kasan_report+0x141/0x180 [ 14.717616] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.717648] kasan_check_range+0x10c/0x1c0 [ 14.717671] __kasan_check_write+0x18/0x20 [ 14.717690] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.717732] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.717760] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.717786] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.717807] ? kasan_bitops_generic+0x92/0x1c0 [ 14.717836] kasan_bitops_generic+0x116/0x1c0 [ 14.717860] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.717886] ? __pfx_read_tsc+0x10/0x10 [ 14.717906] ? ktime_get_ts64+0x86/0x230 [ 14.717930] kunit_try_run_case+0x1a5/0x480 [ 14.717955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.717978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.718002] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.718046] ? __kthread_parkme+0x82/0x180 [ 14.718067] ? preempt_count_sub+0x50/0x80 [ 14.718090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.718115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.718140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.718164] kthread+0x337/0x6f0 [ 14.718184] ? trace_preempt_on+0x20/0xc0 [ 14.718206] ? __pfx_kthread+0x10/0x10 [ 14.718226] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.718248] ? calculate_sigpending+0x7b/0xa0 [ 14.718272] ? __pfx_kthread+0x10/0x10 [ 14.718293] ret_from_fork+0x116/0x1d0 [ 14.718311] ? 
__pfx_kthread+0x10/0x10 [ 14.718332] ret_from_fork_asm+0x1a/0x30 [ 14.718363] </TASK> [ 14.718374] [ 14.726299] Allocated by task 278: [ 14.726434] kasan_save_stack+0x45/0x70 [ 14.726770] kasan_save_track+0x18/0x40 [ 14.726982] kasan_save_alloc_info+0x3b/0x50 [ 14.727500] __kasan_kmalloc+0xb7/0xc0 [ 14.727652] __kmalloc_cache_noprof+0x189/0x420 [ 14.727865] kasan_bitops_generic+0x92/0x1c0 [ 14.728015] kunit_try_run_case+0x1a5/0x480 [ 14.728282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.728538] kthread+0x337/0x6f0 [ 14.728713] ret_from_fork+0x116/0x1d0 [ 14.728881] ret_from_fork_asm+0x1a/0x30 [ 14.729133] [ 14.729210] The buggy address belongs to the object at ffff88810226cfe0 [ 14.729210] which belongs to the cache kmalloc-16 of size 16 [ 14.729561] The buggy address is located 8 bytes inside of [ 14.729561] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.730033] [ 14.730131] The buggy address belongs to the physical page: [ 14.730382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.730766] flags: 0x200000000000000(node=0|zone=2) [ 14.730929] page_type: f5(slab) [ 14.731049] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.731387] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.731725] page dumped because: kasan: bad access detected [ 14.731985] [ 14.732124] Memory state around the buggy address: [ 14.732339] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.732593] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.732871] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.733458] ^ [ 14.733742] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.733984] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.734417] ================================================================== [ 14.674757] 
==================================================================
[ 14.675132] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.675648] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278
[ 14.676080]
[ 14.676173] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.676216] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.676228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.676249] Call Trace:
[ 14.676263] <TASK>
[ 14.676277] dump_stack_lvl+0x73/0xb0
[ 14.676309] print_report+0xd1/0x650
[ 14.676337] ? __virt_addr_valid+0x1db/0x2d0
[ 14.676360] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.676386] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.676422] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.676460] kasan_report+0x141/0x180
[ 14.676482] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.676514] kasan_check_range+0x10c/0x1c0
[ 14.676611] __kasan_check_write+0x18/0x20
[ 14.676632] kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 14.676661] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.676697] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.676734] ? trace_hardirqs_on+0x37/0xe0
[ 14.676757] ? kasan_bitops_generic+0x92/0x1c0
[ 14.676800] kasan_bitops_generic+0x116/0x1c0
[ 14.676824] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.676850] ? __pfx_read_tsc+0x10/0x10
[ 14.676871] ? ktime_get_ts64+0x86/0x230
[ 14.676895] kunit_try_run_case+0x1a5/0x480
[ 14.676918] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.676941] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.676967] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.676991] ? __kthread_parkme+0x82/0x180
[ 14.677011] ? preempt_count_sub+0x50/0x80
[ 14.677035] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.677129] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.677155] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.677181] kthread+0x337/0x6f0
[ 14.677201] ? trace_preempt_on+0x20/0xc0
[ 14.677224] ? __pfx_kthread+0x10/0x10
[ 14.677245] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.677266] ? calculate_sigpending+0x7b/0xa0
[ 14.677291] ? __pfx_kthread+0x10/0x10
[ 14.677313] ret_from_fork+0x116/0x1d0
[ 14.677333] ? __pfx_kthread+0x10/0x10
[ 14.677353] ret_from_fork_asm+0x1a/0x30
[ 14.677384] </TASK>
[ 14.677394]
[ 14.686264] Allocated by task 278:
[ 14.686438] kasan_save_stack+0x45/0x70
[ 14.686581] kasan_save_track+0x18/0x40
[ 14.686803] kasan_save_alloc_info+0x3b/0x50
[ 14.687020] __kasan_kmalloc+0xb7/0xc0
[ 14.687323] __kmalloc_cache_noprof+0x189/0x420
[ 14.687542] kasan_bitops_generic+0x92/0x1c0
[ 14.687784] kunit_try_run_case+0x1a5/0x480
[ 14.687980] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.688445] kthread+0x337/0x6f0
[ 14.688664] ret_from_fork+0x116/0x1d0
[ 14.688870] ret_from_fork_asm+0x1a/0x30
[ 14.689160]
[ 14.689255] The buggy address belongs to the object at ffff88810226cfe0
[ 14.689255] which belongs to the cache kmalloc-16 of size 16
[ 14.689780] The buggy address is located 8 bytes inside of
[ 14.689780] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9)
[ 14.690217]
[ 14.690290] The buggy address belongs to the physical page:
[ 14.690462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c
[ 14.690963] flags: 0x200000000000000(node=0|zone=2)
[ 14.691443] page_type: f5(slab)
[ 14.691653] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.692009] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.692550] page dumped because: kasan: bad access detected
[ 14.692771]
[ 14.692842] Memory state around the buggy address:
[ 14.692996]  ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc
[ 14.693301]  ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 14.693748] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.694199]                                                           ^
[ 14.694419]  ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.694739]  ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 14.695147] ==================================================================
[ 14.557089] ==================================================================
[ 14.558042] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.558728] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278
[ 14.558969]
[ 14.559070] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.559116] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.559128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.559151] Call Trace:
[ 14.559164] <TASK>
[ 14.559181] dump_stack_lvl+0x73/0xb0
[ 14.559212] print_report+0xd1/0x650
[ 14.559234] ? __virt_addr_valid+0x1db/0x2d0
[ 14.559258] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.559285] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.559308] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.559335] kasan_report+0x141/0x180
[ 14.559357] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.559388] kasan_check_range+0x10c/0x1c0
[ 14.559411] __kasan_check_write+0x18/0x20
[ 14.559431] kasan_bitops_modify.constprop.0+0x101/0xd50
[ 14.559457] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.559485] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.559509] ? trace_hardirqs_on+0x37/0xe0
[ 14.559534] ? kasan_bitops_generic+0x92/0x1c0
[ 14.559562] kasan_bitops_generic+0x116/0x1c0
[ 14.559586] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.559612] ? __pfx_read_tsc+0x10/0x10
[ 14.559634] ? ktime_get_ts64+0x86/0x230
[ 14.559659] kunit_try_run_case+0x1a5/0x480
[ 14.559685] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.559718] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.559743] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.559768] ? __kthread_parkme+0x82/0x180
[ 14.559788] ? preempt_count_sub+0x50/0x80
[ 14.559813] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.559837] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.559862] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.559888] kthread+0x337/0x6f0
[ 14.559906] ? trace_preempt_on+0x20/0xc0
[ 14.559928] ? __pfx_kthread+0x10/0x10
[ 14.559948] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.559969] ? calculate_sigpending+0x7b/0xa0
[ 14.559994] ? __pfx_kthread+0x10/0x10
[ 14.560014] ret_from_fork+0x116/0x1d0
[ 14.560034] ? __pfx_kthread+0x10/0x10
[ 14.560054] ret_from_fork_asm+0x1a/0x30
[ 14.560086] </TASK>
[ 14.560097]
[ 14.574508] Allocated by task 278:
[ 14.574650] kasan_save_stack+0x45/0x70
[ 14.574814] kasan_save_track+0x18/0x40
[ 14.574953] kasan_save_alloc_info+0x3b/0x50
[ 14.575190] __kasan_kmalloc+0xb7/0xc0
[ 14.575323] __kmalloc_cache_noprof+0x189/0x420
[ 14.575592] kasan_bitops_generic+0x92/0x1c0
[ 14.575871] kunit_try_run_case+0x1a5/0x480
[ 14.576137] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.576365] kthread+0x337/0x6f0
[ 14.576486] ret_from_fork+0x116/0x1d0
[ 14.576673] ret_from_fork_asm+0x1a/0x30
[ 14.576901]
[ 14.577014] The buggy address belongs to the object at ffff88810226cfe0
[ 14.577014] which belongs to the cache kmalloc-16 of size 16
[ 14.577566] The buggy address is located 8 bytes inside of
[ 14.577566] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9)
[ 14.578376]
[ 14.578543] The buggy address belongs to the physical page:
[ 14.578813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c
[ 14.579068] flags: 0x200000000000000(node=0|zone=2)
[ 14.579299] page_type: f5(slab)
[ 14.579613] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.579917] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.580530] page dumped because: kasan: bad access detected
[ 14.580787]
[ 14.580896] Memory state around the buggy address:
[ 14.581069]  ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc
[ 14.581468]  ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 14.581805] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.582094]                                                           ^
[ 14.582404]  ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.582927]  ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 14.583300] ==================================================================
[ 14.584176] ==================================================================
[ 14.584699] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.585118] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278
[ 14.585518]
[ 14.585926] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.585971] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.585983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.586003] Call Trace:
[ 14.586014] <TASK>
[ 14.586029] dump_stack_lvl+0x73/0xb0
[ 14.586058] print_report+0xd1/0x650
[ 14.586080] ? __virt_addr_valid+0x1db/0x2d0
[ 14.586102] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.586129] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.586152] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.586179] kasan_report+0x141/0x180
[ 14.586201] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.586232] kasan_check_range+0x10c/0x1c0
[ 14.586256] __kasan_check_write+0x18/0x20
[ 14.586275] kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 14.586302] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.586330] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.586353] ? trace_hardirqs_on+0x37/0xe0
[ 14.586377] ? kasan_bitops_generic+0x92/0x1c0
[ 14.586406] kasan_bitops_generic+0x116/0x1c0
[ 14.586544] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.586575] ? __pfx_read_tsc+0x10/0x10
[ 14.586596] ? ktime_get_ts64+0x86/0x230
[ 14.586620] kunit_try_run_case+0x1a5/0x480
[ 14.586644] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.586667] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.586692] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.586726] ? __kthread_parkme+0x82/0x180
[ 14.586747] ? preempt_count_sub+0x50/0x80
[ 14.586772] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.586806] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.586831] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.586856] kthread+0x337/0x6f0
[ 14.586875] ? trace_preempt_on+0x20/0xc0
[ 14.586898] ? __pfx_kthread+0x10/0x10
[ 14.586919] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.586940] ? calculate_sigpending+0x7b/0xa0
[ 14.586964] ? __pfx_kthread+0x10/0x10
[ 14.586986] ret_from_fork+0x116/0x1d0
[ 14.587005] ? __pfx_kthread+0x10/0x10
[ 14.587073] ret_from_fork_asm+0x1a/0x30
[ 14.587107] </TASK>
[ 14.587116]
[ 14.596498] Allocated by task 278:
[ 14.596679] kasan_save_stack+0x45/0x70
[ 14.596895] kasan_save_track+0x18/0x40
[ 14.597133] kasan_save_alloc_info+0x3b/0x50
[ 14.597299] __kasan_kmalloc+0xb7/0xc0
[ 14.597476] __kmalloc_cache_noprof+0x189/0x420
[ 14.597693] kasan_bitops_generic+0x92/0x1c0
[ 14.597853] kunit_try_run_case+0x1a5/0x480
[ 14.598057] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.598444] kthread+0x337/0x6f0
[ 14.598618] ret_from_fork+0x116/0x1d0
[ 14.598819] ret_from_fork_asm+0x1a/0x30
[ 14.599073]
[ 14.599161] The buggy address belongs to the object at ffff88810226cfe0
[ 14.599161] which belongs to the cache kmalloc-16 of size 16
[ 14.599510] The buggy address is located 8 bytes inside of
[ 14.599510] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9)
[ 14.600019]
[ 14.600117] The buggy address belongs to the physical page:
[ 14.600631] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c
[ 14.601127] flags: 0x200000000000000(node=0|zone=2)
[ 14.601286] page_type: f5(slab)
[ 14.601404] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.602072] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.602408] page dumped because: kasan: bad access detected
[ 14.602812]
[ 14.602911] Memory state around the buggy address:
[ 14.603348]  ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc
[ 14.603571]  ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 14.603800] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.604266]                                                           ^
[ 14.604613]  ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.604956]  ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 14.605384] ==================================================================