Date: July 15, 2025, 11:09 a.m.
| Environment |
|---|
| qemu-arm64 |
| qemu-x86_64 |
[ 17.949345] ================================================================== [ 17.953051] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x334/0xbc0 [ 17.953595] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.954290] Hardware name: linux,dummy-virt (DT) [ 17.955554] __kasan_check_write+0x20/0x30 [ 17.956393] kasan_bitops_generic+0x11c/0x1c8 [ 17.956585] kthread+0x328/0x630 [ 17.958380] kunit_try_run_case+0x170/0x3f0 [ 17.958421] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.959922] [ 17.960074] [ 17.961107] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.961299] page_type: f5(slab) [ 17.961594] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.962512] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.963103] ^ [ 17.963585] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.967935] ================================================================== [ 17.892522] ================================================================== [ 17.892579] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 17.892634] Read of size 8 at addr fff00000c591d628 by task kunit_try_catch/262 [ 17.892697] [ 17.892730] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.892824] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.892861] Hardware name: linux,dummy-virt (DT) [ 17.892893] Call trace: [ 17.892922] show_stack+0x20/0x38 (C) [ 17.892977] dump_stack_lvl+0x8c/0xd0 [ 17.893307] print_report+0x118/0x5d0 [ 17.893865] kasan_report+0xdc/0x128 [ 17.894174] __asan_report_load8_noabort+0x20/0x30 [ 17.894248] kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 17.894544] kasan_bitops_generic+0x11c/0x1c8 [ 17.894750] kunit_try_run_case+0x170/0x3f0 [ 17.894824] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.901138] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.901573] page dumped because: 
kasan: bad access detected [ 17.901740] [ 17.901800] Memory state around the buggy address: [ 17.902358] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.903007] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.907374] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.907433] Hardware name: linux,dummy-virt (DT) [ 17.907520] Call trace: [ 17.907545] show_stack+0x20/0x38 (C) [ 17.908369] kasan_report+0xdc/0x128 [ 17.909971] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.910075] kthread+0x328/0x630 [ 17.910496] Allocated by task 262: [ 17.911190] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.911381] kthread+0x328/0x630 [ 17.911617] The buggy address is located 8 bytes inside of [ 17.911617] allocated 9-byte region [fff00000c591d620, fff00000c591d629) [ 17.911875] page_type: f5(slab) [ 17.911923] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.912148] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.912816] >fff00000c591d600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.914484] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.915552] ================================================================== [ 17.886137] ================================================================== [ 17.886211] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 17.886317] Write of size 8 at addr fff00000c591d628 by task kunit_try_catch/262 [ 17.888023] [ 17.888082] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.888175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.888434] Hardware name: linux,dummy-virt (DT) [ 17.888495] Call trace: [ 17.888677] show_stack+0x20/0x38 (C) [ 17.888741] dump_stack_lvl+0x8c/0xd0 [ 17.888791] print_report+0x118/0x5d0 [ 17.888900] kasan_report+0xdc/0x128 [ 17.888952] kasan_check_range+0x100/0x1a8 [ 17.889007] __kasan_check_write+0x20/0x30 [ 17.889101] 
kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 17.889171] kasan_bitops_generic+0x11c/0x1c8 [ 17.889232] kunit_try_run_case+0x170/0x3f0 [ 17.889297] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.889350] kthread+0x328/0x630 [ 17.889393] ret_from_fork+0x10/0x20 [ 17.889678] [ 17.889701] Allocated by task 262: [ 17.889741] kasan_save_stack+0x3c/0x68 [ 17.889785] kasan_save_track+0x20/0x40 [ 17.889824] kasan_save_alloc_info+0x40/0x58 [ 17.889872] __kasan_kmalloc+0xd4/0xd8 [ 17.889909] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.889951] kasan_bitops_generic+0xa0/0x1c8 [ 17.889990] kunit_try_run_case+0x170/0x3f0 [ 17.890028] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.890074] kthread+0x328/0x630 [ 17.890108] ret_from_fork+0x10/0x20 [ 17.890151] [ 17.890450] The buggy address belongs to the object at fff00000c591d620 [ 17.890450] which belongs to the cache kmalloc-16 of size 16 [ 17.890631] The buggy address is located 8 bytes inside of [ 17.890631] allocated 9-byte region [fff00000c591d620, fff00000c591d629) [ 17.890756] [ 17.890904] The buggy address belongs to the physical page: [ 17.890980] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10591d [ 17.891135] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.891217] page_type: f5(slab) [ 17.891671] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.891731] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.891777] page dumped because: kasan: bad access detected [ 17.891822] [ 17.891848] Memory state around the buggy address: [ 17.891896] fff00000c591d500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.891958] fff00000c591d580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.892005] >fff00000c591d600: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.892052] ^ [ 17.892102] fff00000c591d680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.892148] fff00000c591d700: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 17.892210] ==================================================================
[ 14.708722] ================================================================== [ 14.708989] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.709266] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278 [ 14.710217] [ 14.710545] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.710604] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.710617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.710637] Call Trace: [ 14.710649] <TASK> [ 14.710663] dump_stack_lvl+0x73/0xb0 [ 14.710694] print_report+0xd1/0x610 [ 14.710715] ? __virt_addr_valid+0x1db/0x2d0 [ 14.710738] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.710821] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.710848] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.710879] kasan_report+0x141/0x180 [ 14.710900] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.710935] kasan_check_range+0x10c/0x1c0 [ 14.710959] __kasan_check_write+0x18/0x20 [ 14.710979] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.711010] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.711041] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.711066] ? trace_hardirqs_on+0x37/0xe0 [ 14.711089] ? kasan_bitops_generic+0x92/0x1c0 [ 14.711117] kasan_bitops_generic+0x121/0x1c0 [ 14.711142] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.711169] ? __pfx_read_tsc+0x10/0x10 [ 14.711190] ? ktime_get_ts64+0x86/0x230 [ 14.711213] kunit_try_run_case+0x1a5/0x480 [ 14.711239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.711263] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.711287] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.711311] ? __kthread_parkme+0x82/0x180 [ 14.711417] ? preempt_count_sub+0x50/0x80 [ 14.711458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.711484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.711512] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.711538] kthread+0x337/0x6f0 [ 14.711562] ? trace_preempt_on+0x20/0xc0 [ 14.711588] ? __pfx_kthread+0x10/0x10 [ 14.711610] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.711633] ? calculate_sigpending+0x7b/0xa0 [ 14.711658] ? __pfx_kthread+0x10/0x10 [ 14.711680] ret_from_fork+0x116/0x1d0 [ 14.711698] ? __pfx_kthread+0x10/0x10 [ 14.711719] ret_from_fork_asm+0x1a/0x30 [ 14.711752] </TASK> [ 14.711774] [ 14.724282] Allocated by task 278: [ 14.724625] kasan_save_stack+0x45/0x70 [ 14.724831] kasan_save_track+0x18/0x40 [ 14.725013] kasan_save_alloc_info+0x3b/0x50 [ 14.725209] __kasan_kmalloc+0xb7/0xc0 [ 14.726014] __kmalloc_cache_noprof+0x189/0x420 [ 14.726210] kasan_bitops_generic+0x92/0x1c0 [ 14.726368] kunit_try_run_case+0x1a5/0x480 [ 14.726641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.726898] kthread+0x337/0x6f0 [ 14.727063] ret_from_fork+0x116/0x1d0 [ 14.727231] ret_from_fork_asm+0x1a/0x30 [ 14.727884] [ 14.727994] The buggy address belongs to the object at ffff888102781700 [ 14.727994] which belongs to the cache kmalloc-16 of size 16 [ 14.728821] The buggy address is located 8 bytes inside of [ 14.728821] allocated 9-byte region [ffff888102781700, ffff888102781709) [ 14.729309] [ 14.729521] The buggy address belongs to the physical page: [ 14.729767] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781 [ 14.730089] flags: 0x200000000000000(node=0|zone=2) [ 14.730303] page_type: f5(slab) [ 14.731086] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.731450] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.732209] page dumped because: kasan: bad access detected [ 14.732611] [ 14.732712] Memory state around the buggy address: [ 14.732936] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.733232] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.733836] >ffff888102781700: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 14.734131] ^ [ 14.734286] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.735245] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.735598] ================================================================== [ 14.755474] ================================================================== [ 14.755945] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.756305] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278 [ 14.756819] [ 14.756914] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.756960] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.756971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.756992] Call Trace: [ 14.757004] <TASK> [ 14.757018] dump_stack_lvl+0x73/0xb0 [ 14.757047] print_report+0xd1/0x610 [ 14.757070] ? __virt_addr_valid+0x1db/0x2d0 [ 14.757092] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.757124] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.757148] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.757179] kasan_report+0x141/0x180 [ 14.757201] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.757236] kasan_check_range+0x10c/0x1c0 [ 14.757260] __kasan_check_write+0x18/0x20 [ 14.757280] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.757310] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.757403] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.757431] ? trace_hardirqs_on+0x37/0xe0 [ 14.757453] ? kasan_bitops_generic+0x92/0x1c0 [ 14.757482] kasan_bitops_generic+0x121/0x1c0 [ 14.757506] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.757532] ? __pfx_read_tsc+0x10/0x10 [ 14.757553] ? ktime_get_ts64+0x86/0x230 [ 14.757577] kunit_try_run_case+0x1a5/0x480 [ 14.757602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.757626] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.757651] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.757676] ? __kthread_parkme+0x82/0x180 [ 14.757696] ? preempt_count_sub+0x50/0x80 [ 14.757719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.757745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.757784] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.757810] kthread+0x337/0x6f0 [ 14.757830] ? trace_preempt_on+0x20/0xc0 [ 14.757853] ? __pfx_kthread+0x10/0x10 [ 14.757875] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.757897] ? calculate_sigpending+0x7b/0xa0 [ 14.757922] ? __pfx_kthread+0x10/0x10 [ 14.757943] ret_from_fork+0x116/0x1d0 [ 14.757963] ? __pfx_kthread+0x10/0x10 [ 14.757984] ret_from_fork_asm+0x1a/0x30 [ 14.758015] </TASK> [ 14.758025] [ 14.766834] Allocated by task 278: [ 14.767024] kasan_save_stack+0x45/0x70 [ 14.767217] kasan_save_track+0x18/0x40 [ 14.767393] kasan_save_alloc_info+0x3b/0x50 [ 14.767543] __kasan_kmalloc+0xb7/0xc0 [ 14.767677] __kmalloc_cache_noprof+0x189/0x420 [ 14.767844] kasan_bitops_generic+0x92/0x1c0 [ 14.767994] kunit_try_run_case+0x1a5/0x480 [ 14.768143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.768394] kthread+0x337/0x6f0 [ 14.768654] ret_from_fork+0x116/0x1d0 [ 14.768862] ret_from_fork_asm+0x1a/0x30 [ 14.769060] [ 14.769161] The buggy address belongs to the object at ffff888102781700 [ 14.769161] which belongs to the cache kmalloc-16 of size 16 [ 14.769894] The buggy address is located 8 bytes inside of [ 14.769894] allocated 9-byte region [ffff888102781700, ffff888102781709) [ 14.770256] [ 14.770456] The buggy address belongs to the physical page: [ 14.770718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781 [ 14.771097] flags: 0x200000000000000(node=0|zone=2) [ 14.771790] page_type: f5(slab) [ 14.772137] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.772810] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.773088] page dumped because: kasan: bad access detected [ 14.773513] [ 14.773620] 
Memory state around the buggy address: [ 14.773850] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.774085] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.775407] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.775706] ^ [ 14.775895] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.776191] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.776583] ================================================================== [ 14.885573] ================================================================== [ 14.885832] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.886113] Read of size 8 at addr ffff888102781708 by task kunit_try_catch/278 [ 14.886334] [ 14.886421] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.886464] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.886475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.886495] Call Trace: [ 14.886508] <TASK> [ 14.886522] dump_stack_lvl+0x73/0xb0 [ 14.886549] print_report+0xd1/0x610 [ 14.886570] ? __virt_addr_valid+0x1db/0x2d0 [ 14.886591] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.886618] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.886641] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.886668] kasan_report+0x141/0x180 [ 14.886689] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.886721] __asan_report_load8_noabort+0x18/0x20 [ 14.886746] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.888730] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.888780] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.888806] ? trace_hardirqs_on+0x37/0xe0 [ 14.888829] ? kasan_bitops_generic+0x92/0x1c0 [ 14.888858] kasan_bitops_generic+0x121/0x1c0 [ 14.888882] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.888908] ? 
__pfx_read_tsc+0x10/0x10 [ 14.888930] ? ktime_get_ts64+0x86/0x230 [ 14.888953] kunit_try_run_case+0x1a5/0x480 [ 14.888978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.889002] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.889027] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.889051] ? __kthread_parkme+0x82/0x180 [ 14.889073] ? preempt_count_sub+0x50/0x80 [ 14.889097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.889125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.889152] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.889178] kthread+0x337/0x6f0 [ 14.889198] ? trace_preempt_on+0x20/0xc0 [ 14.889221] ? __pfx_kthread+0x10/0x10 [ 14.889242] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.889265] ? calculate_sigpending+0x7b/0xa0 [ 14.889289] ? __pfx_kthread+0x10/0x10 [ 14.889318] ret_from_fork+0x116/0x1d0 [ 14.889337] ? __pfx_kthread+0x10/0x10 [ 14.889357] ret_from_fork_asm+0x1a/0x30 [ 14.889389] </TASK> [ 14.889399] [ 14.902481] Allocated by task 278: [ 14.902812] kasan_save_stack+0x45/0x70 [ 14.903017] kasan_save_track+0x18/0x40 [ 14.903199] kasan_save_alloc_info+0x3b/0x50 [ 14.903496] __kasan_kmalloc+0xb7/0xc0 [ 14.903679] __kmalloc_cache_noprof+0x189/0x420 [ 14.903894] kasan_bitops_generic+0x92/0x1c0 [ 14.904090] kunit_try_run_case+0x1a5/0x480 [ 14.904283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.904746] kthread+0x337/0x6f0 [ 14.904931] ret_from_fork+0x116/0x1d0 [ 14.905101] ret_from_fork_asm+0x1a/0x30 [ 14.905284] [ 14.905472] The buggy address belongs to the object at ffff888102781700 [ 14.905472] which belongs to the cache kmalloc-16 of size 16 [ 14.905970] The buggy address is located 8 bytes inside of [ 14.905970] allocated 9-byte region [ffff888102781700, ffff888102781709) [ 14.907427] [ 14.907527] The buggy address belongs to the physical page: [ 14.907704] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781 [ 14.907958] flags: 0x200000000000000(node=0|zone=2) [ 14.908160] page_type: f5(slab) [ 14.908307] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.908781] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.909105] page dumped because: kasan: bad access detected [ 14.909308] [ 14.909496] Memory state around the buggy address: [ 14.909701] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.909965] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.910270] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.910608] ^ [ 14.910775] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.911091] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.911324] ================================================================== [ 14.842001] ================================================================== [ 14.842519] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.842962] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278 [ 14.843274] [ 14.843457] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.843500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.843511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.843531] Call Trace: [ 14.843544] <TASK> [ 14.843561] dump_stack_lvl+0x73/0xb0 [ 14.843591] print_report+0xd1/0x610 [ 14.843613] ? __virt_addr_valid+0x1db/0x2d0 [ 14.843636] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.843666] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.843691] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.843721] kasan_report+0x141/0x180 [ 14.843744] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.843793] kasan_check_range+0x10c/0x1c0 [ 14.843818] __kasan_check_write+0x18/0x20 [ 14.843837] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.843868] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.843899] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.843925] ? trace_hardirqs_on+0x37/0xe0 [ 14.843947] ? kasan_bitops_generic+0x92/0x1c0 [ 14.843975] kasan_bitops_generic+0x121/0x1c0 [ 14.844001] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.844028] ? __pfx_read_tsc+0x10/0x10 [ 14.844049] ? ktime_get_ts64+0x86/0x230 [ 14.844074] kunit_try_run_case+0x1a5/0x480 [ 14.844099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.844123] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.844148] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.844173] ? __kthread_parkme+0x82/0x180 [ 14.844193] ? preempt_count_sub+0x50/0x80 [ 14.844218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.844243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.844268] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.844295] kthread+0x337/0x6f0 [ 14.844314] ? trace_preempt_on+0x20/0xc0 [ 14.844416] ? __pfx_kthread+0x10/0x10 [ 14.844442] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.844467] ? calculate_sigpending+0x7b/0xa0 [ 14.844493] ? __pfx_kthread+0x10/0x10 [ 14.844516] ret_from_fork+0x116/0x1d0 [ 14.844535] ? 
__pfx_kthread+0x10/0x10 [ 14.844573] ret_from_fork_asm+0x1a/0x30 [ 14.844605] </TASK> [ 14.844616] [ 14.853671] Allocated by task 278: [ 14.853857] kasan_save_stack+0x45/0x70 [ 14.854007] kasan_save_track+0x18/0x40 [ 14.854144] kasan_save_alloc_info+0x3b/0x50 [ 14.854418] __kasan_kmalloc+0xb7/0xc0 [ 14.854615] __kmalloc_cache_noprof+0x189/0x420 [ 14.854886] kasan_bitops_generic+0x92/0x1c0 [ 14.855276] kunit_try_run_case+0x1a5/0x480 [ 14.855652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.855855] kthread+0x337/0x6f0 [ 14.855979] ret_from_fork+0x116/0x1d0 [ 14.856149] ret_from_fork_asm+0x1a/0x30 [ 14.856342] [ 14.856439] The buggy address belongs to the object at ffff888102781700 [ 14.856439] which belongs to the cache kmalloc-16 of size 16 [ 14.856991] The buggy address is located 8 bytes inside of [ 14.856991] allocated 9-byte region [ffff888102781700, ffff888102781709) [ 14.857356] [ 14.857453] The buggy address belongs to the physical page: [ 14.857711] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781 [ 14.858081] flags: 0x200000000000000(node=0|zone=2) [ 14.858373] page_type: f5(slab) [ 14.858713] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.859023] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.859308] page dumped because: kasan: bad access detected [ 14.859843] [ 14.859939] Memory state around the buggy address: [ 14.860151] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.860490] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.860816] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.861042] ^ [ 14.861221] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.861634] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.861915] ================================================================== [ 14.777038] 
================================================================== [ 14.777294] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.777965] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278 [ 14.778395] [ 14.778530] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.778577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.778587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.778609] Call Trace: [ 14.778625] <TASK> [ 14.778640] dump_stack_lvl+0x73/0xb0 [ 14.778669] print_report+0xd1/0x610 [ 14.778692] ? __virt_addr_valid+0x1db/0x2d0 [ 14.778716] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.778747] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.778783] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.778813] kasan_report+0x141/0x180 [ 14.778836] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.778870] kasan_check_range+0x10c/0x1c0 [ 14.778895] __kasan_check_write+0x18/0x20 [ 14.778916] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.778946] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.778979] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.779004] ? trace_hardirqs_on+0x37/0xe0 [ 14.779026] ? kasan_bitops_generic+0x92/0x1c0 [ 14.779055] kasan_bitops_generic+0x121/0x1c0 [ 14.779079] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.779105] ? __pfx_read_tsc+0x10/0x10 [ 14.779126] ? ktime_get_ts64+0x86/0x230 [ 14.779151] kunit_try_run_case+0x1a5/0x480 [ 14.779176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.779199] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.779223] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.779248] ? __kthread_parkme+0x82/0x180 [ 14.779270] ? preempt_count_sub+0x50/0x80 [ 14.779296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.779321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.779403] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.779431] kthread+0x337/0x6f0 [ 14.779461] ? trace_preempt_on+0x20/0xc0 [ 14.779485] ? __pfx_kthread+0x10/0x10 [ 14.779506] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.779529] ? calculate_sigpending+0x7b/0xa0 [ 14.779553] ? __pfx_kthread+0x10/0x10 [ 14.779575] ret_from_fork+0x116/0x1d0 [ 14.779594] ? __pfx_kthread+0x10/0x10 [ 14.779615] ret_from_fork_asm+0x1a/0x30 [ 14.779647] </TASK> [ 14.779656] [ 14.788691] Allocated by task 278: [ 14.788888] kasan_save_stack+0x45/0x70 [ 14.789039] kasan_save_track+0x18/0x40 [ 14.789232] kasan_save_alloc_info+0x3b/0x50 [ 14.789441] __kasan_kmalloc+0xb7/0xc0 [ 14.789800] __kmalloc_cache_noprof+0x189/0x420 [ 14.790039] kasan_bitops_generic+0x92/0x1c0 [ 14.790241] kunit_try_run_case+0x1a5/0x480 [ 14.790513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.790822] kthread+0x337/0x6f0 [ 14.790989] ret_from_fork+0x116/0x1d0 [ 14.791165] ret_from_fork_asm+0x1a/0x30 [ 14.791406] [ 14.791515] The buggy address belongs to the object at ffff888102781700 [ 14.791515] which belongs to the cache kmalloc-16 of size 16 [ 14.792011] The buggy address is located 8 bytes inside of [ 14.792011] allocated 9-byte region [ffff888102781700, ffff888102781709) [ 14.792628] [ 14.792720] The buggy address belongs to the physical page: [ 14.792958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781 [ 14.793295] flags: 0x200000000000000(node=0|zone=2) [ 14.793653] page_type: f5(slab) [ 14.793846] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.794171] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.795838] page dumped because: kasan: bad access detected [ 14.796322] [ 14.796403] Memory state around the buggy address: [ 14.796564] ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.796795] ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.797014] >ffff888102781700: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 14.797234] ^ [ 14.797359] ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.797575] ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.798520] ================================================================== [ 14.799679] ================================================================== [ 14.801001] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.801426] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278 [ 14.802134] [ 14.802324] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.802622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.802635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.802654] Call Trace: [ 14.802668] <TASK> [ 14.802683] dump_stack_lvl+0x73/0xb0 [ 14.802713] print_report+0xd1/0x610 [ 14.802734] ? __virt_addr_valid+0x1db/0x2d0 [ 14.802771] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.802802] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.802825] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.802856] kasan_report+0x141/0x180 [ 14.802879] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.802913] kasan_check_range+0x10c/0x1c0 [ 14.802939] __kasan_check_write+0x18/0x20 [ 14.802959] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.802990] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.803022] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.803047] ? trace_hardirqs_on+0x37/0xe0 [ 14.803069] ? kasan_bitops_generic+0x92/0x1c0 [ 14.803098] kasan_bitops_generic+0x121/0x1c0 [ 14.803121] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.803149] ? __pfx_read_tsc+0x10/0x10 [ 14.803171] ? ktime_get_ts64+0x86/0x230 [ 14.803194] kunit_try_run_case+0x1a5/0x480 [ 14.803220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.803243] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.803267] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.803292] ? __kthread_parkme+0x82/0x180
[ 14.803313] ? preempt_count_sub+0x50/0x80
[ 14.803424] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.803450] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.803476] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.803503] kthread+0x337/0x6f0
[ 14.803523] ? trace_preempt_on+0x20/0xc0
[ 14.803545] ? __pfx_kthread+0x10/0x10
[ 14.803567] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.803590] ? calculate_sigpending+0x7b/0xa0
[ 14.803613] ? __pfx_kthread+0x10/0x10
[ 14.803635] ret_from_fork+0x116/0x1d0
[ 14.803655] ? __pfx_kthread+0x10/0x10
[ 14.803676] ret_from_fork_asm+0x1a/0x30
[ 14.803707] </TASK>
[ 14.803717]
[ 14.813922] Allocated by task 278:
[ 14.814113] kasan_save_stack+0x45/0x70
[ 14.814299] kasan_save_track+0x18/0x40
[ 14.814649] kasan_save_alloc_info+0x3b/0x50
[ 14.814882] __kasan_kmalloc+0xb7/0xc0
[ 14.815053] __kmalloc_cache_noprof+0x189/0x420
[ 14.815216] kasan_bitops_generic+0x92/0x1c0
[ 14.815426] kunit_try_run_case+0x1a5/0x480
[ 14.815788] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.816012] kthread+0x337/0x6f0
[ 14.816134] ret_from_fork+0x116/0x1d0
[ 14.816285] ret_from_fork_asm+0x1a/0x30
[ 14.816487]
[ 14.816588] The buggy address belongs to the object at ffff888102781700
[ 14.816588] which belongs to the cache kmalloc-16 of size 16
[ 14.817162] The buggy address is located 8 bytes inside of
[ 14.817162] allocated 9-byte region [ffff888102781700, ffff888102781709)
[ 14.817589]
[ 14.817746] The buggy address belongs to the physical page:
[ 14.818018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781
[ 14.818386] flags: 0x200000000000000(node=0|zone=2)
[ 14.818593] page_type: f5(slab)
[ 14.818729] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.819083] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.819384] page dumped because: kasan: bad access detected
[ 14.819631]
[ 14.819711] Memory state around the buggy address:
[ 14.819939]  ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.820207]  ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.820488] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.820801]                       ^
[ 14.820924]  ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.821219]  ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.821431] ==================================================================

[ 14.736123] ==================================================================
[ 14.736367] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 14.736833] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278
[ 14.737314]
[ 14.737445] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.737490] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.737502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.737523] Call Trace:
[ 14.737538] <TASK>
[ 14.737552] dump_stack_lvl+0x73/0xb0
[ 14.737583] print_report+0xd1/0x610
[ 14.737606] ? __virt_addr_valid+0x1db/0x2d0
[ 14.737630] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 14.737660] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.737685] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 14.737716] kasan_report+0x141/0x180
[ 14.737739] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 14.737789] kasan_check_range+0x10c/0x1c0
[ 14.737815] __kasan_check_write+0x18/0x20
[ 14.737834] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 14.737866] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 14.737897] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.737923] ? trace_hardirqs_on+0x37/0xe0
[ 14.737945] ? kasan_bitops_generic+0x92/0x1c0
[ 14.737974] kasan_bitops_generic+0x121/0x1c0
[ 14.737999] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.738026] ? __pfx_read_tsc+0x10/0x10
[ 14.738048] ? ktime_get_ts64+0x86/0x230
[ 14.738073] kunit_try_run_case+0x1a5/0x480
[ 14.738100] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.738125] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.738150] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.738175] ? __kthread_parkme+0x82/0x180
[ 14.738196] ? preempt_count_sub+0x50/0x80
[ 14.738221] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.738247] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.738274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.738301] kthread+0x337/0x6f0
[ 14.738321] ? trace_preempt_on+0x20/0xc0
[ 14.738344] ? __pfx_kthread+0x10/0x10
[ 14.738366] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.738396] ? calculate_sigpending+0x7b/0xa0
[ 14.738421] ? __pfx_kthread+0x10/0x10
[ 14.738443] ret_from_fork+0x116/0x1d0
[ 14.738462] ? __pfx_kthread+0x10/0x10
[ 14.738484] ret_from_fork_asm+0x1a/0x30
[ 14.738517] </TASK>
[ 14.738526]
[ 14.746842] Allocated by task 278:
[ 14.747027] kasan_save_stack+0x45/0x70
[ 14.747237] kasan_save_track+0x18/0x40
[ 14.747516] kasan_save_alloc_info+0x3b/0x50
[ 14.747697] __kasan_kmalloc+0xb7/0xc0
[ 14.747892] __kmalloc_cache_noprof+0x189/0x420
[ 14.748100] kasan_bitops_generic+0x92/0x1c0
[ 14.748284] kunit_try_run_case+0x1a5/0x480
[ 14.748432] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.748709] kthread+0x337/0x6f0
[ 14.748889] ret_from_fork+0x116/0x1d0
[ 14.749062] ret_from_fork_asm+0x1a/0x30
[ 14.749228]
[ 14.749320] The buggy address belongs to the object at ffff888102781700
[ 14.749320] which belongs to the cache kmalloc-16 of size 16
[ 14.749738] The buggy address is located 8 bytes inside of
[ 14.749738] allocated 9-byte region [ffff888102781700, ffff888102781709)
[ 14.750279]
[ 14.750359] The buggy address belongs to the physical page:
[ 14.750612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781
[ 14.750982] flags: 0x200000000000000(node=0|zone=2)
[ 14.751188] page_type: f5(slab)
[ 14.751336] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.751569] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.751807] page dumped because: kasan: bad access detected
[ 14.751979]
[ 14.752072] Memory state around the buggy address:
[ 14.752293]  ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.753060]  ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.753751] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.753986]                       ^
[ 14.754109]  ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.754325]  ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.755016] ==================================================================

[ 14.821827] ==================================================================
[ 14.822599] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90
[ 14.823053] Write of size 8 at addr ffff888102781708 by task kunit_try_catch/278
[ 14.823467]
[ 14.823584] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.823627] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.823638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.823660] Call Trace:
[ 14.823673] <TASK>
[ 14.823687] dump_stack_lvl+0x73/0xb0
[ 14.823716] print_report+0xd1/0x610
[ 14.823738] ? __virt_addr_valid+0x1db/0x2d0
[ 14.823774] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90
[ 14.823804] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.823829] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90
[ 14.823859] kasan_report+0x141/0x180
[ 14.823881] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90
[ 14.823917] kasan_check_range+0x10c/0x1c0
[ 14.823941] __kasan_check_write+0x18/0x20
[ 14.823961] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90
[ 14.823992] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 14.824023] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.824049] ? trace_hardirqs_on+0x37/0xe0
[ 14.824071] ? kasan_bitops_generic+0x92/0x1c0
[ 14.824100] kasan_bitops_generic+0x121/0x1c0
[ 14.824123] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.824150] ? __pfx_read_tsc+0x10/0x10
[ 14.824172] ? ktime_get_ts64+0x86/0x230
[ 14.824195] kunit_try_run_case+0x1a5/0x480
[ 14.824220] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.824244] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.824268] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.824293] ? __kthread_parkme+0x82/0x180
[ 14.824313] ? preempt_count_sub+0x50/0x80
[ 14.824338] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.824363] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.824389] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.824415] kthread+0x337/0x6f0
[ 14.824434] ? trace_preempt_on+0x20/0xc0
[ 14.824456] ? __pfx_kthread+0x10/0x10
[ 14.824477] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.824500] ? calculate_sigpending+0x7b/0xa0
[ 14.824524] ? __pfx_kthread+0x10/0x10
[ 14.824545] ret_from_fork+0x116/0x1d0
[ 14.824564] ? __pfx_kthread+0x10/0x10
[ 14.824586] ret_from_fork_asm+0x1a/0x30
[ 14.824616] </TASK>
[ 14.824626]
[ 14.832930] Allocated by task 278:
[ 14.833111] kasan_save_stack+0x45/0x70
[ 14.833313] kasan_save_track+0x18/0x40
[ 14.833585] kasan_save_alloc_info+0x3b/0x50
[ 14.833810] __kasan_kmalloc+0xb7/0xc0
[ 14.834005] __kmalloc_cache_noprof+0x189/0x420
[ 14.834227] kasan_bitops_generic+0x92/0x1c0
[ 14.834432] kunit_try_run_case+0x1a5/0x480
[ 14.834810] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.835029] kthread+0x337/0x6f0
[ 14.835152] ret_from_fork+0x116/0x1d0
[ 14.835285] ret_from_fork_asm+0x1a/0x30
[ 14.835424]
[ 14.835496] The buggy address belongs to the object at ffff888102781700
[ 14.835496] which belongs to the cache kmalloc-16 of size 16
[ 14.836366] The buggy address is located 8 bytes inside of
[ 14.836366] allocated 9-byte region [ffff888102781700, ffff888102781709)
[ 14.836960]
[ 14.837036] The buggy address belongs to the physical page:
[ 14.837207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781
[ 14.837768] flags: 0x200000000000000(node=0|zone=2)
[ 14.838012] page_type: f5(slab)
[ 14.838185] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.838536] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.838892] page dumped because: kasan: bad access detected
[ 14.839406]
[ 14.839525] Memory state around the buggy address:
[ 14.839681]  ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.839941]  ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.840258] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.840637]                       ^
[ 14.840920]  ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.841145]  ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.841514] ==================================================================

[ 14.862279] ==================================================================
[ 14.862722] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90
[ 14.863322] Read of size 8 at addr ffff888102781708 by task kunit_try_catch/278
[ 14.863689]
[ 14.863788] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.863833] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.863855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.863877] Call Trace:
[ 14.863893] <TASK>
[ 14.863907] dump_stack_lvl+0x73/0xb0
[ 14.863936] print_report+0xd1/0x610
[ 14.863958] ? __virt_addr_valid+0x1db/0x2d0
[ 14.863981] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90
[ 14.864012] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.864036] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90
[ 14.864067] kasan_report+0x141/0x180
[ 14.864089] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90
[ 14.864124] kasan_check_range+0x10c/0x1c0
[ 14.864148] __kasan_check_read+0x15/0x20
[ 14.864168] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90
[ 14.864198] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 14.864230] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.864255] ? trace_hardirqs_on+0x37/0xe0
[ 14.864278] ? kasan_bitops_generic+0x92/0x1c0
[ 14.864306] kasan_bitops_generic+0x121/0x1c0
[ 14.864331] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.864359] ? __pfx_read_tsc+0x10/0x10
[ 14.864381] ? ktime_get_ts64+0x86/0x230
[ 14.864404] kunit_try_run_case+0x1a5/0x480
[ 14.864432] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.864626] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.864658] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.864683] ? __kthread_parkme+0x82/0x180
[ 14.864705] ? preempt_count_sub+0x50/0x80
[ 14.864730] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.864767] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.864794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.864821] kthread+0x337/0x6f0
[ 14.864841] ? trace_preempt_on+0x20/0xc0
[ 14.864864] ? __pfx_kthread+0x10/0x10
[ 14.864885] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.864907] ? calculate_sigpending+0x7b/0xa0
[ 14.864932] ? __pfx_kthread+0x10/0x10
[ 14.864954] ret_from_fork+0x116/0x1d0
[ 14.864974] ? __pfx_kthread+0x10/0x10
[ 14.864995] ret_from_fork_asm+0x1a/0x30
[ 14.865027] </TASK>
[ 14.865036]
[ 14.874581] Allocated by task 278:
[ 14.874836] kasan_save_stack+0x45/0x70
[ 14.875009] kasan_save_track+0x18/0x40
[ 14.875205] kasan_save_alloc_info+0x3b/0x50
[ 14.875454] __kasan_kmalloc+0xb7/0xc0
[ 14.875638] __kmalloc_cache_noprof+0x189/0x420
[ 14.875867] kasan_bitops_generic+0x92/0x1c0
[ 14.876043] kunit_try_run_case+0x1a5/0x480
[ 14.876246] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.876625] kthread+0x337/0x6f0
[ 14.876792] ret_from_fork+0x116/0x1d0
[ 14.876995] ret_from_fork_asm+0x1a/0x30
[ 14.877156]
[ 14.877226] The buggy address belongs to the object at ffff888102781700
[ 14.877226] which belongs to the cache kmalloc-16 of size 16
[ 14.877577] The buggy address is located 8 bytes inside of
[ 14.877577] allocated 9-byte region [ffff888102781700, ffff888102781709)
[ 14.878131]
[ 14.878225] The buggy address belongs to the physical page:
[ 14.878480] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102781
[ 14.879201] flags: 0x200000000000000(node=0|zone=2)
[ 14.879411] page_type: f5(slab)
[ 14.879536] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.879786] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.880224] page dumped because: kasan: bad access detected
[ 14.880830]
[ 14.880939] Memory state around the buggy address:
[ 14.881128]  ffff888102781600: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.881345]  ffff888102781680: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.881805] >ffff888102781700: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.882400]                       ^
[ 14.882625]  ffff888102781780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.883338]  ffff888102781800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.883611] ==================================================================