Date
July 9, 2025, 11:07 p.m.
Environment |
---|
qemu-arm64 |
qemu-x86_64 |
[ 19.040655] ================================================================== [ 19.040708] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 19.041403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.041834] show_stack+0x20/0x38 (C) [ 19.043463] Allocated by task 261: [ 19.044165] kunit_try_run_case+0x170/0x3f0 [ 19.044631] The buggy address belongs to the physical page: [ 19.044744] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.044797] page_type: f5(slab) [ 19.044901] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.044978] [ 19.044997] Memory state around the buggy address: [ 19.045991] ^ [ 19.065560] ok 64 kasan_bitops_tags # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 19.069391] Read of size 4 at addr fff00000c7692130 by task kunit_try_catch/265 [ 19.071211] kthread+0x328/0x630 [ 19.071798] __kasan_kmalloc+0xd4/0xd8 [ 19.073022] kthread+0x328/0x630 [ 19.073956] [ 19.073983] The buggy address belongs to the physical page: [ 19.074816] page_type: f5(slab) [ 19.074926] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 19.075674] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.075757] page dumped because: kasan: bad access detected [ 19.075881] [ 19.075906] Memory state around the buggy address: [ 19.075990] fff00000c7692080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.076137] ^ [ 19.076274] ==================================================================
[ 14.796193] ================================================================== [ 14.796939] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.797641] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.798252] [ 14.798505] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.798549] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.798562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.798581] Call Trace: [ 14.798595] <TASK> [ 14.798610] dump_stack_lvl+0x73/0xb0 [ 14.798764] print_report+0xd1/0x650 [ 14.798789] ? __virt_addr_valid+0x1db/0x2d0 [ 14.798813] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.798843] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.798867] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.798897] kasan_report+0x141/0x180 [ 14.798919] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.798953] kasan_check_range+0x10c/0x1c0 [ 14.798977] __kasan_check_write+0x18/0x20 [ 14.798996] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.799026] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.799064] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.799088] ? trace_hardirqs_on+0x37/0xe0 [ 14.799110] ? kasan_bitops_generic+0x92/0x1c0 [ 14.799137] kasan_bitops_generic+0x121/0x1c0 [ 14.799161] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.799186] ? __pfx_read_tsc+0x10/0x10 [ 14.799223] ? ktime_get_ts64+0x86/0x230 [ 14.799247] kunit_try_run_case+0x1a5/0x480 [ 14.799294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.799318] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.799343] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.799367] ? __kthread_parkme+0x82/0x180 [ 14.799388] ? preempt_count_sub+0x50/0x80 [ 14.799412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.799436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.799461] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.799487] kthread+0x337/0x6f0 [ 14.799506] ? trace_preempt_on+0x20/0xc0 [ 14.799529] ? __pfx_kthread+0x10/0x10 [ 14.799550] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.799571] ? calculate_sigpending+0x7b/0xa0 [ 14.799596] ? __pfx_kthread+0x10/0x10 [ 14.799617] ret_from_fork+0x116/0x1d0 [ 14.799635] ? __pfx_kthread+0x10/0x10 [ 14.799655] ret_from_fork_asm+0x1a/0x30 [ 14.799686] </TASK> [ 14.799697] [ 14.812854] Allocated by task 278: [ 14.813220] kasan_save_stack+0x45/0x70 [ 14.813507] kasan_save_track+0x18/0x40 [ 14.813786] kasan_save_alloc_info+0x3b/0x50 [ 14.814128] __kasan_kmalloc+0xb7/0xc0 [ 14.814503] __kmalloc_cache_noprof+0x189/0x420 [ 14.814689] kasan_bitops_generic+0x92/0x1c0 [ 14.815115] kunit_try_run_case+0x1a5/0x480 [ 14.815491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.815769] kthread+0x337/0x6f0 [ 14.815938] ret_from_fork+0x116/0x1d0 [ 14.816334] ret_from_fork_asm+0x1a/0x30 [ 14.816622] [ 14.816735] The buggy address belongs to the object at ffff88810226cfe0 [ 14.816735] which belongs to the cache kmalloc-16 of size 16 [ 14.817601] The buggy address is located 8 bytes inside of [ 14.817601] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.818475] [ 14.818687] The buggy address belongs to the physical page: [ 14.818987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.819590] flags: 0x200000000000000(node=0|zone=2) [ 14.820085] page_type: f5(slab) [ 14.820376] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.820864] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.821284] page dumped because: kasan: bad access detected [ 14.821685] [ 14.821968] Memory state around the buggy address: [ 14.822278] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.822622] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.822913] >ffff88810226cf80: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 14.823523] ^ [ 14.823826] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.824294] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.824823] ================================================================== [ 14.825607] ================================================================== [ 14.825889] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.826693] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.827368] [ 14.827583] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.827630] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.827642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.827662] Call Trace: [ 14.827676] <TASK> [ 14.827691] dump_stack_lvl+0x73/0xb0 [ 14.827734] print_report+0xd1/0x650 [ 14.827756] ? __virt_addr_valid+0x1db/0x2d0 [ 14.827778] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.827893] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.827916] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.827946] kasan_report+0x141/0x180 [ 14.827968] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.828002] kasan_check_range+0x10c/0x1c0 [ 14.828048] __kasan_check_write+0x18/0x20 [ 14.828069] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.828110] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.828141] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.828167] ? trace_hardirqs_on+0x37/0xe0 [ 14.828190] ? kasan_bitops_generic+0x92/0x1c0 [ 14.828218] kasan_bitops_generic+0x121/0x1c0 [ 14.828241] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.828267] ? __pfx_read_tsc+0x10/0x10 [ 14.828287] ? ktime_get_ts64+0x86/0x230 [ 14.828311] kunit_try_run_case+0x1a5/0x480 [ 14.828341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.828364] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.828388] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.828412] ? __kthread_parkme+0x82/0x180 [ 14.828432] ? preempt_count_sub+0x50/0x80 [ 14.828456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.828480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.828504] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.828530] kthread+0x337/0x6f0 [ 14.828548] ? trace_preempt_on+0x20/0xc0 [ 14.828571] ? __pfx_kthread+0x10/0x10 [ 14.828591] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.828612] ? calculate_sigpending+0x7b/0xa0 [ 14.828636] ? __pfx_kthread+0x10/0x10 [ 14.828657] ret_from_fork+0x116/0x1d0 [ 14.828675] ? __pfx_kthread+0x10/0x10 [ 14.828695] ret_from_fork_asm+0x1a/0x30 [ 14.828738] </TASK> [ 14.828747] [ 14.840993] Allocated by task 278: [ 14.841182] kasan_save_stack+0x45/0x70 [ 14.841617] kasan_save_track+0x18/0x40 [ 14.841890] kasan_save_alloc_info+0x3b/0x50 [ 14.842070] __kasan_kmalloc+0xb7/0xc0 [ 14.842480] __kmalloc_cache_noprof+0x189/0x420 [ 14.842659] kasan_bitops_generic+0x92/0x1c0 [ 14.843026] kunit_try_run_case+0x1a5/0x480 [ 14.843262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.843611] kthread+0x337/0x6f0 [ 14.843894] ret_from_fork+0x116/0x1d0 [ 14.844120] ret_from_fork_asm+0x1a/0x30 [ 14.844548] [ 14.844740] The buggy address belongs to the object at ffff88810226cfe0 [ 14.844740] which belongs to the cache kmalloc-16 of size 16 [ 14.845684] The buggy address is located 8 bytes inside of [ 14.845684] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.846400] [ 14.846486] The buggy address belongs to the physical page: [ 14.846913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.847434] flags: 0x200000000000000(node=0|zone=2) [ 14.847642] page_type: f5(slab) [ 14.847884] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.848559] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.848895] page dumped because: kasan: bad access detected [ 14.849301] [ 14.849468] 
Memory state around the buggy address: [ 14.849671] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.850008] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.850553] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.850929] ^ [ 14.851416] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.851754] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.852241] ================================================================== [ 14.852890] ================================================================== [ 14.853134] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.854134] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.854635] [ 14.854845] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.854890] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.854901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.854922] Call Trace: [ 14.854935] <TASK> [ 14.854948] dump_stack_lvl+0x73/0xb0 [ 14.854978] print_report+0xd1/0x650 [ 14.855246] ? __virt_addr_valid+0x1db/0x2d0 [ 14.855271] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.855300] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.855325] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.855357] kasan_report+0x141/0x180 [ 14.855380] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.855414] kasan_check_range+0x10c/0x1c0 [ 14.855437] __kasan_check_write+0x18/0x20 [ 14.855457] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.855486] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.855516] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.855541] ? trace_hardirqs_on+0x37/0xe0 [ 14.855564] ? kasan_bitops_generic+0x92/0x1c0 [ 14.855591] kasan_bitops_generic+0x121/0x1c0 [ 14.855615] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.855640] ? __pfx_read_tsc+0x10/0x10 [ 14.855660] ? ktime_get_ts64+0x86/0x230 [ 14.855683] kunit_try_run_case+0x1a5/0x480 [ 14.855719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.855741] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.855766] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.855790] ? __kthread_parkme+0x82/0x180 [ 14.855810] ? preempt_count_sub+0x50/0x80 [ 14.855834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.855858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.855882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.855908] kthread+0x337/0x6f0 [ 14.855927] ? trace_preempt_on+0x20/0xc0 [ 14.855949] ? __pfx_kthread+0x10/0x10 [ 14.855970] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.855991] ? calculate_sigpending+0x7b/0xa0 [ 14.856015] ? __pfx_kthread+0x10/0x10 [ 14.856069] ret_from_fork+0x116/0x1d0 [ 14.856095] ? __pfx_kthread+0x10/0x10 [ 14.856115] ret_from_fork_asm+0x1a/0x30 [ 14.856146] </TASK> [ 14.856156] [ 14.867261] Allocated by task 278: [ 14.867674] kasan_save_stack+0x45/0x70 [ 14.867982] kasan_save_track+0x18/0x40 [ 14.868231] kasan_save_alloc_info+0x3b/0x50 [ 14.868651] __kasan_kmalloc+0xb7/0xc0 [ 14.868836] __kmalloc_cache_noprof+0x189/0x420 [ 14.869247] kasan_bitops_generic+0x92/0x1c0 [ 14.869436] kunit_try_run_case+0x1a5/0x480 [ 14.869739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.869989] kthread+0x337/0x6f0 [ 14.870331] ret_from_fork+0x116/0x1d0 [ 14.870560] ret_from_fork_asm+0x1a/0x30 [ 14.870957] [ 14.871040] The buggy address belongs to the object at ffff88810226cfe0 [ 14.871040] which belongs to the cache kmalloc-16 of size 16 [ 14.871657] The buggy address is located 8 bytes inside of [ 14.871657] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.872654] [ 14.872769] The buggy address belongs to the physical page: [ 14.873157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.873698] flags: 0x200000000000000(node=0|zone=2) [ 14.874017] 
page_type: f5(slab) [ 14.874369] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.874684] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.875278] page dumped because: kasan: bad access detected [ 14.875468] [ 14.875565] Memory state around the buggy address: [ 14.875888] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.876559] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.876854] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.877316] ^ [ 14.877603] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.878064] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.878589] ================================================================== [ 14.769009] ================================================================== [ 14.769639] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.770023] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.770401] [ 14.770515] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.770575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.770587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.770606] Call Trace: [ 14.770636] <TASK> [ 14.770651] dump_stack_lvl+0x73/0xb0 [ 14.770756] print_report+0xd1/0x650 [ 14.770778] ? __virt_addr_valid+0x1db/0x2d0 [ 14.770800] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.770829] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.770853] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.770882] kasan_report+0x141/0x180 [ 14.770904] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.770937] kasan_check_range+0x10c/0x1c0 [ 14.770961] __kasan_check_write+0x18/0x20 [ 14.770980] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.771009] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.771066] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.771100] ? trace_hardirqs_on+0x37/0xe0 [ 14.771124] ? kasan_bitops_generic+0x92/0x1c0 [ 14.771153] kasan_bitops_generic+0x121/0x1c0 [ 14.771194] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.771222] ? __pfx_read_tsc+0x10/0x10 [ 14.771258] ? ktime_get_ts64+0x86/0x230 [ 14.771291] kunit_try_run_case+0x1a5/0x480 [ 14.771315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.771338] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.771363] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.771387] ? __kthread_parkme+0x82/0x180 [ 14.771407] ? preempt_count_sub+0x50/0x80 [ 14.771433] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.771458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.771484] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.771509] kthread+0x337/0x6f0 [ 14.771529] ? trace_preempt_on+0x20/0xc0 [ 14.771551] ? __pfx_kthread+0x10/0x10 [ 14.771571] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.771592] ? calculate_sigpending+0x7b/0xa0 [ 14.771616] ? __pfx_kthread+0x10/0x10 [ 14.771638] ret_from_fork+0x116/0x1d0 [ 14.771656] ? 
__pfx_kthread+0x10/0x10 [ 14.771676] ret_from_fork_asm+0x1a/0x30 [ 14.771716] </TASK> [ 14.771725] [ 14.781518] Allocated by task 278: [ 14.781690] kasan_save_stack+0x45/0x70 [ 14.781894] kasan_save_track+0x18/0x40 [ 14.782748] kasan_save_alloc_info+0x3b/0x50 [ 14.783205] __kasan_kmalloc+0xb7/0xc0 [ 14.783616] __kmalloc_cache_noprof+0x189/0x420 [ 14.783796] kasan_bitops_generic+0x92/0x1c0 [ 14.783951] kunit_try_run_case+0x1a5/0x480 [ 14.784106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.784284] kthread+0x337/0x6f0 [ 14.784410] ret_from_fork+0x116/0x1d0 [ 14.784544] ret_from_fork_asm+0x1a/0x30 [ 14.784683] [ 14.785404] The buggy address belongs to the object at ffff88810226cfe0 [ 14.785404] which belongs to the cache kmalloc-16 of size 16 [ 14.787113] The buggy address is located 8 bytes inside of [ 14.787113] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.788605] [ 14.788947] The buggy address belongs to the physical page: [ 14.789722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.790790] flags: 0x200000000000000(node=0|zone=2) [ 14.791017] page_type: f5(slab) [ 14.791416] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.791868] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.792319] page dumped because: kasan: bad access detected [ 14.792662] [ 14.792757] Memory state around the buggy address: [ 14.793239] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.793559] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.793827] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.794409] ^ [ 14.794780] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.795153] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.795733] ================================================================== [ 14.933724] 
================================================================== [ 14.933971] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.934668] Read of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.934993] [ 14.935092] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.935135] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.935147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.935166] Call Trace: [ 14.935183] <TASK> [ 14.935198] dump_stack_lvl+0x73/0xb0 [ 14.935227] print_report+0xd1/0x650 [ 14.935248] ? __virt_addr_valid+0x1db/0x2d0 [ 14.935271] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.935300] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.935323] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.935352] kasan_report+0x141/0x180 [ 14.935374] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.935407] kasan_check_range+0x10c/0x1c0 [ 14.935431] __kasan_check_read+0x15/0x20 [ 14.935450] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.935479] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.935509] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.935533] ? trace_hardirqs_on+0x37/0xe0 [ 14.935556] ? kasan_bitops_generic+0x92/0x1c0 [ 14.935584] kasan_bitops_generic+0x121/0x1c0 [ 14.935607] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.935632] ? __pfx_read_tsc+0x10/0x10 [ 14.935653] ? ktime_get_ts64+0x86/0x230 [ 14.935677] kunit_try_run_case+0x1a5/0x480 [ 14.935994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.936038] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.936072] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.936110] ? __kthread_parkme+0x82/0x180 [ 14.936131] ? preempt_count_sub+0x50/0x80 [ 14.936155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.936179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.936204] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.936230] kthread+0x337/0x6f0 [ 14.936249] ? trace_preempt_on+0x20/0xc0 [ 14.936272] ? __pfx_kthread+0x10/0x10 [ 14.936293] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.936319] ? calculate_sigpending+0x7b/0xa0 [ 14.936343] ? __pfx_kthread+0x10/0x10 [ 14.936364] ret_from_fork+0x116/0x1d0 [ 14.936383] ? __pfx_kthread+0x10/0x10 [ 14.936404] ret_from_fork_asm+0x1a/0x30 [ 14.936435] </TASK> [ 14.936445] [ 14.948534] Allocated by task 278: [ 14.948726] kasan_save_stack+0x45/0x70 [ 14.948909] kasan_save_track+0x18/0x40 [ 14.949093] kasan_save_alloc_info+0x3b/0x50 [ 14.949581] __kasan_kmalloc+0xb7/0xc0 [ 14.949757] __kmalloc_cache_noprof+0x189/0x420 [ 14.949993] kasan_bitops_generic+0x92/0x1c0 [ 14.950262] kunit_try_run_case+0x1a5/0x480 [ 14.950462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.950695] kthread+0x337/0x6f0 [ 14.950868] ret_from_fork+0x116/0x1d0 [ 14.951030] ret_from_fork_asm+0x1a/0x30 [ 14.951814] [ 14.951911] The buggy address belongs to the object at ffff88810226cfe0 [ 14.951911] which belongs to the cache kmalloc-16 of size 16 [ 14.952742] The buggy address is located 8 bytes inside of [ 14.952742] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.953459] [ 14.953567] The buggy address belongs to the physical page: [ 14.953821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.954376] flags: 0x200000000000000(node=0|zone=2) [ 14.954599] page_type: f5(slab) [ 14.954903] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.955579] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.956266] page dumped because: kasan: bad access detected [ 14.956755] [ 14.956831] Memory state around the buggy address: [ 14.956989] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.957993] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.958862] >ffff88810226cf80: fa fb fc fc fa fb fc fc 
fa fb fc fc 00 01 fc fc [ 14.959573] ^ [ 14.960013] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.960812] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.961033] ================================================================== [ 14.879333] ================================================================== [ 14.879775] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.880298] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.881012] [ 14.881166] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.881208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.881220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.881240] Call Trace: [ 14.881255] <TASK> [ 14.881269] dump_stack_lvl+0x73/0xb0 [ 14.881435] print_report+0xd1/0x650 [ 14.881460] ? __virt_addr_valid+0x1db/0x2d0 [ 14.881483] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.881512] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.881536] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.881566] kasan_report+0x141/0x180 [ 14.881587] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.881622] kasan_check_range+0x10c/0x1c0 [ 14.881645] __kasan_check_write+0x18/0x20 [ 14.881664] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.881694] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.881738] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.881762] ? trace_hardirqs_on+0x37/0xe0 [ 14.881784] ? kasan_bitops_generic+0x92/0x1c0 [ 14.881812] kasan_bitops_generic+0x121/0x1c0 [ 14.881837] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.881862] ? __pfx_read_tsc+0x10/0x10 [ 14.881883] ? ktime_get_ts64+0x86/0x230 [ 14.881908] kunit_try_run_case+0x1a5/0x480 [ 14.881931] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.881954] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.881979] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.882003] ? __kthread_parkme+0x82/0x180 [ 14.882023] ? preempt_count_sub+0x50/0x80 [ 14.882046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.882070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.882095] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.882119] kthread+0x337/0x6f0 [ 14.882138] ? trace_preempt_on+0x20/0xc0 [ 14.882162] ? __pfx_kthread+0x10/0x10 [ 14.882182] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.882223] ? calculate_sigpending+0x7b/0xa0 [ 14.882260] ? __pfx_kthread+0x10/0x10 [ 14.882281] ret_from_fork+0x116/0x1d0 [ 14.882299] ? __pfx_kthread+0x10/0x10 [ 14.882319] ret_from_fork_asm+0x1a/0x30 [ 14.882350] </TASK> [ 14.882360] [ 14.893246] Allocated by task 278: [ 14.893806] kasan_save_stack+0x45/0x70 [ 14.894015] kasan_save_track+0x18/0x40 [ 14.894201] kasan_save_alloc_info+0x3b/0x50 [ 14.894512] __kasan_kmalloc+0xb7/0xc0 [ 14.894853] __kmalloc_cache_noprof+0x189/0x420 [ 14.895026] kasan_bitops_generic+0x92/0x1c0 [ 14.895367] kunit_try_run_case+0x1a5/0x480 [ 14.895657] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.895934] kthread+0x337/0x6f0 [ 14.896192] ret_from_fork+0x116/0x1d0 [ 14.896498] ret_from_fork_asm+0x1a/0x30 [ 14.896676] [ 14.896784] The buggy address belongs to the object at ffff88810226cfe0 [ 14.896784] which belongs to the cache kmalloc-16 of size 16 [ 14.897520] The buggy address is located 8 bytes inside of [ 14.897520] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9) [ 14.898095] [ 14.898269] The buggy address belongs to the physical page: [ 14.898681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c [ 14.899171] flags: 0x200000000000000(node=0|zone=2) [ 14.899407] page_type: f5(slab) [ 14.899610] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.899907] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.900136] page dumped because: kasan: bad access detected [ 14.900306] [ 14.900387] 
Memory state around the buggy address: [ 14.900724] ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 14.901048] ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.901369] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.901677] ^ [ 14.902492] ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.902773] ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.903292] ================================================================== [ 14.903977] ================================================================== [ 14.904230] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.905084] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278 [ 14.905557] [ 14.905797] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 14.905842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.905853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.905873] Call Trace: [ 14.905886] <TASK> [ 14.905900] dump_stack_lvl+0x73/0xb0 [ 14.905930] print_report+0xd1/0x650 [ 14.905951] ? __virt_addr_valid+0x1db/0x2d0 [ 14.905974] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.906003] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.906026] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.906239] kasan_report+0x141/0x180 [ 14.906262] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.906296] kasan_check_range+0x10c/0x1c0 [ 14.906319] __kasan_check_write+0x18/0x20 [ 14.906339] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.906369] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.906399] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.906423] ? trace_hardirqs_on+0x37/0xe0 [ 14.906448] ? kasan_bitops_generic+0x92/0x1c0 [ 14.906475] kasan_bitops_generic+0x121/0x1c0 [ 14.906499] ? 
__pfx_kasan_bitops_generic+0x10/0x10
[ 14.906524] ? __pfx_read_tsc+0x10/0x10
[ 14.906546] ? ktime_get_ts64+0x86/0x230
[ 14.906569] kunit_try_run_case+0x1a5/0x480
[ 14.906592] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.906615] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.906640] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.906663] ? __kthread_parkme+0x82/0x180
[ 14.906684] ? preempt_count_sub+0x50/0x80
[ 14.906723] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.906748] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.906773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.906798] kthread+0x337/0x6f0
[ 14.906817] ? trace_preempt_on+0x20/0xc0
[ 14.906839] ? __pfx_kthread+0x10/0x10
[ 14.906860] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.906882] ? calculate_sigpending+0x7b/0xa0
[ 14.906906] ? __pfx_kthread+0x10/0x10
[ 14.906927] ret_from_fork+0x116/0x1d0
[ 14.906946] ? __pfx_kthread+0x10/0x10
[ 14.906966] ret_from_fork_asm+0x1a/0x30
[ 14.906997] </TASK>
[ 14.907006]
[ 14.917616] Allocated by task 278:
[ 14.918008] kasan_save_stack+0x45/0x70
[ 14.918505] kasan_save_track+0x18/0x40
[ 14.918672] kasan_save_alloc_info+0x3b/0x50
[ 14.918891] __kasan_kmalloc+0xb7/0xc0
[ 14.919292] __kmalloc_cache_noprof+0x189/0x420
[ 14.919487] kasan_bitops_generic+0x92/0x1c0
[ 14.919747] kunit_try_run_case+0x1a5/0x480
[ 14.920096] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.920551] kthread+0x337/0x6f0
[ 14.920865] ret_from_fork+0x116/0x1d0
[ 14.921016] ret_from_fork_asm+0x1a/0x30
[ 14.921212]
[ 14.921304] The buggy address belongs to the object at ffff88810226cfe0
[ 14.921304] which belongs to the cache kmalloc-16 of size 16
[ 14.922137] The buggy address is located 8 bytes inside of
[ 14.922137] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9)
[ 14.924136]
[ 14.924352] The buggy address belongs to the physical page:
[ 14.924531] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c
[ 14.924787] flags: 0x200000000000000(node=0|zone=2)
[ 14.924951] page_type: f5(slab)
[ 14.925071] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.925300] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.925521] page dumped because: kasan: bad access detected
[ 14.925691]
[ 14.927426] Memory state around the buggy address:
[ 14.928773]  ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc
[ 14.929676]  ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 14.930806] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.931572]                                                           ^
[ 14.931852]  ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.932541]  ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 14.932820] ==================================================================

[ 14.735416] ==================================================================
[ 14.735785] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 14.736793] Write of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278
[ 14.737498]
[ 14.737935] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.737984] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.737996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.738023] Call Trace:
[ 14.738037] <TASK>
[ 14.738052] dump_stack_lvl+0x73/0xb0
[ 14.738082] print_report+0xd1/0x650
[ 14.738104] ? __virt_addr_valid+0x1db/0x2d0
[ 14.738126] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 14.738156] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.738179] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 14.738208] kasan_report+0x141/0x180
[ 14.738231] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 14.738264] kasan_check_range+0x10c/0x1c0
[ 14.738288] __kasan_check_write+0x18/0x20
[ 14.738307] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 14.738336] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 14.738366] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.738390] ? trace_hardirqs_on+0x37/0xe0
[ 14.738413] ? kasan_bitops_generic+0x92/0x1c0
[ 14.738440] kasan_bitops_generic+0x121/0x1c0
[ 14.738464] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.738490] ? __pfx_read_tsc+0x10/0x10
[ 14.738512] ? ktime_get_ts64+0x86/0x230
[ 14.738534] kunit_try_run_case+0x1a5/0x480
[ 14.738558] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.738582] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.738606] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.738630] ? __kthread_parkme+0x82/0x180
[ 14.738650] ? preempt_count_sub+0x50/0x80
[ 14.738674] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.738699] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.738735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.738760] kthread+0x337/0x6f0
[ 14.738779] ? trace_preempt_on+0x20/0xc0
[ 14.738801] ? __pfx_kthread+0x10/0x10
[ 14.738822] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.738844] ? calculate_sigpending+0x7b/0xa0
[ 14.738867] ? __pfx_kthread+0x10/0x10
[ 14.738890] ret_from_fork+0x116/0x1d0
[ 14.738908] ? __pfx_kthread+0x10/0x10
[ 14.738928] ret_from_fork_asm+0x1a/0x30
[ 14.738959] </TASK>
[ 14.738969]
[ 14.757215] Allocated by task 278:
[ 14.757509] kasan_save_stack+0x45/0x70
[ 14.757759] kasan_save_track+0x18/0x40
[ 14.757978] kasan_save_alloc_info+0x3b/0x50
[ 14.758413] __kasan_kmalloc+0xb7/0xc0
[ 14.758695] __kmalloc_cache_noprof+0x189/0x420
[ 14.759109] kasan_bitops_generic+0x92/0x1c0
[ 14.759443] kunit_try_run_case+0x1a5/0x480
[ 14.759766] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.760021] kthread+0x337/0x6f0
[ 14.760406] ret_from_fork+0x116/0x1d0
[ 14.760560] ret_from_fork_asm+0x1a/0x30
[ 14.760970]
[ 14.761252] The buggy address belongs to the object at ffff88810226cfe0
[ 14.761252] which belongs to the cache kmalloc-16 of size 16
[ 14.761764] The buggy address is located 8 bytes inside of
[ 14.761764] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9)
[ 14.762170]
[ 14.762318] The buggy address belongs to the physical page:
[ 14.762745] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c
[ 14.763372] flags: 0x200000000000000(node=0|zone=2)
[ 14.763623] page_type: f5(slab)
[ 14.763808] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.764322] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.764718] page dumped because: kasan: bad access detected
[ 14.765079]
[ 14.765242] Memory state around the buggy address:
[ 14.765425]  ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc
[ 14.765944]  ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 14.766433] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.766875]                                                           ^
[ 14.767403]  ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.767862]  ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 14.768395] ==================================================================

[ 14.961382] ==================================================================
[ 14.961613] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 14.961908] Read of size 8 at addr ffff88810226cfe8 by task kunit_try_catch/278
[ 14.962329]
[ 14.962842] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 14.962890] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.962902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.962922] Call Trace:
[ 14.962937] <TASK>
[ 14.962953] dump_stack_lvl+0x73/0xb0
[ 14.962984] print_report+0xd1/0x650
[ 14.963006] ? __virt_addr_valid+0x1db/0x2d0
[ 14.963029] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 14.963059] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.963083] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 14.963112] kasan_report+0x141/0x180
[ 14.963135] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 14.963169] __asan_report_load8_noabort+0x18/0x20
[ 14.963194] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 14.963481] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 14.963518] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.963544] ? trace_hardirqs_on+0x37/0xe0
[ 14.963566] ? kasan_bitops_generic+0x92/0x1c0
[ 14.963595] kasan_bitops_generic+0x121/0x1c0
[ 14.963619] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.963644] ? __pfx_read_tsc+0x10/0x10
[ 14.963666] ? ktime_get_ts64+0x86/0x230
[ 14.963690] kunit_try_run_case+0x1a5/0x480
[ 14.963728] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.963751] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.963776] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.963800] ? __kthread_parkme+0x82/0x180
[ 14.963821] ? preempt_count_sub+0x50/0x80
[ 14.963845] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.963870] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.963894] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.963920] kthread+0x337/0x6f0
[ 14.963939] ? trace_preempt_on+0x20/0xc0
[ 14.963962] ? __pfx_kthread+0x10/0x10
[ 14.963983] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.964004] ? calculate_sigpending+0x7b/0xa0
[ 14.964040] ? __pfx_kthread+0x10/0x10
[ 14.964063] ret_from_fork+0x116/0x1d0
[ 14.964107] ? __pfx_kthread+0x10/0x10
[ 14.964128] ret_from_fork_asm+0x1a/0x30
[ 14.964158] </TASK>
[ 14.964169]
[ 14.975168] Allocated by task 278:
[ 14.975819] kasan_save_stack+0x45/0x70
[ 14.975990] kasan_save_track+0x18/0x40
[ 14.976392] kasan_save_alloc_info+0x3b/0x50
[ 14.976601] __kasan_kmalloc+0xb7/0xc0
[ 14.976791] __kmalloc_cache_noprof+0x189/0x420
[ 14.976993] kasan_bitops_generic+0x92/0x1c0
[ 14.977444] kunit_try_run_case+0x1a5/0x480
[ 14.977608] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.977958] kthread+0x337/0x6f0
[ 14.978147] ret_from_fork+0x116/0x1d0
[ 14.978515] ret_from_fork_asm+0x1a/0x30
[ 14.978798]
[ 14.978884] The buggy address belongs to the object at ffff88810226cfe0
[ 14.978884] which belongs to the cache kmalloc-16 of size 16
[ 14.979770] The buggy address is located 8 bytes inside of
[ 14.979770] allocated 9-byte region [ffff88810226cfe0, ffff88810226cfe9)
[ 14.980382]
[ 14.980476] The buggy address belongs to the physical page:
[ 14.980715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10226c
[ 14.981345] flags: 0x200000000000000(node=0|zone=2)
[ 14.981573] page_type: f5(slab)
[ 14.981720] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.982259] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.982618] page dumped because: kasan: bad access detected
[ 14.982859]
[ 14.982954] Memory state around the buggy address:
[ 14.983154]  ffff88810226ce80: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc
[ 14.983811]  ffff88810226cf00: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 14.984323] >ffff88810226cf80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 14.984714]                                                           ^
[ 14.985050]  ffff88810226d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.985330]  ffff88810226d080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 14.985641] ==================================================================