Date
July 18, 2025, 11:11 p.m.
Environment | |
---|---|
qemu-arm64 | |
qemu-x86_64 | |
[ 17.729773] ================================================================== [ 17.729826] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 17.729881] Read of size 8 at addr fff00000c58925e8 by task kunit_try_catch/261 [ 17.729934] [ 17.730291] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.730691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.730748] Hardware name: linux,dummy-virt (DT) [ 17.730782] Call trace: [ 17.730826] show_stack+0x20/0x38 (C) [ 17.730966] dump_stack_lvl+0x8c/0xd0 [ 17.731044] print_report+0x118/0x5d0 [ 17.731097] kasan_report+0xdc/0x128 [ 17.731479] __asan_report_load8_noabort+0x20/0x30 [ 17.731559] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 17.731624] kasan_bitops_generic+0x110/0x1c8 [ 17.731952] kunit_try_run_case+0x170/0x3f0 [ 17.732039] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.732115] kthread+0x328/0x630 [ 17.732178] ret_from_fork+0x10/0x20 [ 17.732375] [ 17.732503] Allocated by task 261: [ 17.732547] kasan_save_stack+0x3c/0x68 [ 17.732739] kasan_save_track+0x20/0x40 [ 17.732844] kasan_save_alloc_info+0x40/0x58 [ 17.732959] __kasan_kmalloc+0xd4/0xd8 [ 17.733015] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.733058] kasan_bitops_generic+0xa0/0x1c8 [ 17.733098] kunit_try_run_case+0x170/0x3f0 [ 17.733140] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.733441] kthread+0x328/0x630 [ 17.733689] ret_from_fork+0x10/0x20 [ 17.733776] [ 17.733885] The buggy address belongs to the object at fff00000c58925e0 [ 17.733885] which belongs to the cache kmalloc-16 of size 16 [ 17.734040] The buggy address is located 8 bytes inside of [ 17.734040] allocated 9-byte region [fff00000c58925e0, fff00000c58925e9) [ 17.734107] [ 17.734428] The buggy address belongs to the physical page: [ 17.734506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105892 [ 17.734731] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.734871] page_type: f5(slab) [ 17.734951] 
raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.735940] >fff00000c5892580: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 17.736554] fff00000c5892680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.738858] Call trace: [ 17.739650] kasan_check_range+0x100/0x1a8 [ 17.740419] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.741192] kasan_save_stack+0x3c/0x68 [ 17.741916] kasan_bitops_generic+0xa0/0x1c8 [ 17.743098] [ 17.743506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105892 [ 17.745372] fff00000c5892500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.745607] fff00000c5892600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.747921] Write of size 8 at addr fff00000c58925e8 by task kunit_try_catch/261 [ 17.748787] dump_stack_lvl+0x8c/0xd0 [ 17.748981] kasan_check_range+0x100/0x1a8 [ 17.750047] ret_from_fork+0x10/0x20 [ 17.752387] [ 17.753061] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.754683] fff00000c5892600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.756501] ================================================================== [ 17.715234] ================================================================== [ 17.715322] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.715787] Read of size 8 at addr fff00000c58925e8 by task kunit_try_catch/261 [ 17.715871] [ 17.715914] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.716085] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.716119] Hardware name: linux,dummy-virt (DT) [ 17.716178] Call trace: [ 17.716203] show_stack+0x20/0x38 (C) [ 17.716546] dump_stack_lvl+0x8c/0xd0 [ 17.716705] print_report+0x118/0x5d0 [ 17.716757] kasan_report+0xdc/0x128 [ 17.716851] __asan_report_load8_noabort+0x20/0x30 [ 17.716906] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.717058] kasan_bitops_generic+0x110/0x1c8 [ 17.717133] kunit_try_run_case+0x170/0x3f0 [ 17.717184] 
kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.717253] kthread+0x328/0x630 [ 17.717478] ret_from_fork+0x10/0x20 [ 17.717930] [ 17.717962] Allocated by task 261: [ 17.718008] kasan_save_stack+0x3c/0x68 [ 17.718154] kasan_save_track+0x20/0x40 [ 17.718788] kasan_save_alloc_info+0x40/0x58 [ 17.718970] __kasan_kmalloc+0xd4/0xd8 [ 17.719112] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.719788] kasan_bitops_generic+0xa0/0x1c8 [ 17.720076] kunit_try_run_case+0x170/0x3f0 [ 17.720154] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.720231] kthread+0x328/0x630 [ 17.720414] ret_from_fork+0x10/0x20 [ 17.720509] [ 17.720566] The buggy address belongs to the object at fff00000c58925e0 [ 17.720566] which belongs to the cache kmalloc-16 of size 16 [ 17.720907] The buggy address is located 8 bytes inside of [ 17.720907] allocated 9-byte region [fff00000c58925e0, fff00000c58925e9) [ 17.721168] [ 17.721196] The buggy address belongs to the physical page: [ 17.721407] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105892 [ 17.721723] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.721893] page_type: f5(slab) [ 17.721958] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.722032] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.722085] page dumped because: kasan: bad access detected [ 17.722120] [ 17.722140] Memory state around the buggy address: [ 17.722175] fff00000c5892480: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 17.722558] fff00000c5892500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.722681] >fff00000c5892580: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 17.722754] ^ [ 17.722812] fff00000c5892600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.723199] fff00000c5892680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.723376] ================================================================== [ 17.725343] 
================================================================== [ 17.725404] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 17.725456] Write of size 8 at addr fff00000c58925e8 by task kunit_try_catch/261 [ 17.725516] [ 17.725549] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.726031] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.726070] Hardware name: linux,dummy-virt (DT) [ 17.726112] Call trace: [ 17.726140] show_stack+0x20/0x38 (C) [ 17.726240] dump_stack_lvl+0x8c/0xd0 [ 17.726291] print_report+0x118/0x5d0 [ 17.726361] kasan_report+0xdc/0x128 [ 17.726409] kasan_check_range+0x100/0x1a8 [ 17.726460] __kasan_check_write+0x20/0x30 [ 17.726507] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 17.726571] kasan_bitops_generic+0x110/0x1c8 [ 17.726638] kunit_try_run_case+0x170/0x3f0 [ 17.726688] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.726744] kthread+0x328/0x630 [ 17.726786] ret_from_fork+0x10/0x20 [ 17.726843] [ 17.726874] Allocated by task 261: [ 17.726914] kasan_save_stack+0x3c/0x68 [ 17.726960] kasan_save_track+0x20/0x40 [ 17.727001] kasan_save_alloc_info+0x40/0x58 [ 17.727054] __kasan_kmalloc+0xd4/0xd8 [ 17.727102] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.727145] kasan_bitops_generic+0xa0/0x1c8 [ 17.727186] kunit_try_run_case+0x170/0x3f0 [ 17.727225] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.727278] kthread+0x328/0x630 [ 17.727313] ret_from_fork+0x10/0x20 [ 17.727359] [ 17.727396] The buggy address belongs to the object at fff00000c58925e0 [ 17.727396] which belongs to the cache kmalloc-16 of size 16 [ 17.727486] The buggy address is located 8 bytes inside of [ 17.727486] allocated 9-byte region [fff00000c58925e0, fff00000c58925e9) [ 17.727549] [ 17.727570] The buggy address belongs to the physical page: [ 17.727622] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105892 [ 17.727685] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.727742] 
page_type: f5(slab) [ 17.727786] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.727840] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.727899] page dumped because: kasan: bad access detected [ 17.727933] [ 17.727954] Memory state around the buggy address: [ 17.728009] fff00000c5892480: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 17.728055] fff00000c5892500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.728107] >fff00000c5892580: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 17.728149] ^ [ 17.728190] fff00000c5892600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.728247] fff00000c5892680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.728288] ================================================================== [ 17.706780] ================================================================== [ 17.706947] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.707043] Write of size 8 at addr fff00000c58925e8 by task kunit_try_catch/261 [ 17.707146] [ 17.707213] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.707301] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.707413] Hardware name: linux,dummy-virt (DT) [ 17.707450] Call trace: [ 17.707477] show_stack+0x20/0x38 (C) [ 17.707779] dump_stack_lvl+0x8c/0xd0 [ 17.707863] print_report+0x118/0x5d0 [ 17.707921] kasan_report+0xdc/0x128 [ 17.707979] kasan_check_range+0x100/0x1a8 [ 17.708036] __kasan_check_write+0x20/0x30 [ 17.708085] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.708140] kasan_bitops_generic+0x110/0x1c8 [ 17.708191] kunit_try_run_case+0x170/0x3f0 [ 17.708241] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.708297] kthread+0x328/0x630 [ 17.708352] ret_from_fork+0x10/0x20 [ 17.708441] [ 17.708475] Allocated by task 261: [ 17.708520] kasan_save_stack+0x3c/0x68 [ 17.708573] kasan_save_track+0x20/0x40 [ 17.708627] kasan_save_alloc_info+0x40/0x58 [ 17.708678] 
__kasan_kmalloc+0xd4/0xd8 [ 17.708717] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.708759] kasan_bitops_generic+0xa0/0x1c8 [ 17.708798] kunit_try_run_case+0x170/0x3f0 [ 17.708839] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.708892] kthread+0x328/0x630 [ 17.708932] ret_from_fork+0x10/0x20 [ 17.708969] [ 17.708992] The buggy address belongs to the object at fff00000c58925e0 [ 17.708992] which belongs to the cache kmalloc-16 of size 16 [ 17.709052] The buggy address is located 8 bytes inside of [ 17.709052] allocated 9-byte region [fff00000c58925e0, fff00000c58925e9) [ 17.709116] [ 17.709149] The buggy address belongs to the physical page: [ 17.709193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105892 [ 17.709249] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.709554] page_type: f5(slab) [ 17.709681] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.710147] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.710230] page dumped because: kasan: bad access detected [ 17.710449] [ 17.710488] Memory state around the buggy address: [ 17.710671] fff00000c5892480: 00 02 fc fc 00 02 fc fc 00 05 fc fc fa fb fc fc [ 17.710988] fff00000c5892500: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.711234] >fff00000c5892580: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 17.711517] ^ [ 17.711596] fff00000c5892600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.711700] fff00000c5892680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.711817] ==================================================================
[ 14.385153] ================================================================== [ 14.385541] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.385915] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.386665] [ 14.386782] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.386825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.386836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.386857] Call Trace: [ 14.386870] <TASK> [ 14.386883] dump_stack_lvl+0x73/0xb0 [ 14.386911] print_report+0xd1/0x610 [ 14.386932] ? __virt_addr_valid+0x1db/0x2d0 [ 14.386991] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.387018] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.387041] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.387327] kasan_report+0x141/0x180 [ 14.387356] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.387388] kasan_check_range+0x10c/0x1c0 [ 14.387411] __kasan_check_write+0x18/0x20 [ 14.387430] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.387457] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.387484] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.387508] ? trace_hardirqs_on+0x37/0xe0 [ 14.387529] ? kasan_bitops_generic+0x92/0x1c0 [ 14.387557] kasan_bitops_generic+0x116/0x1c0 [ 14.387580] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.387606] ? __pfx_read_tsc+0x10/0x10 [ 14.387626] ? ktime_get_ts64+0x86/0x230 [ 14.387648] kunit_try_run_case+0x1a5/0x480 [ 14.387672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.387695] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.387717] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.387741] ? __kthread_parkme+0x82/0x180 [ 14.387760] ? preempt_count_sub+0x50/0x80 [ 14.387783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.387807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.387830] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.387854] kthread+0x337/0x6f0 [ 14.387873] ? 
trace_preempt_on+0x20/0xc0 [ 14.387894] ? __pfx_kthread+0x10/0x10 [ 14.387913] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.387935] ? calculate_sigpending+0x7b/0xa0 [ 14.387958] ? __pfx_kthread+0x10/0x10 [ 14.387979] ret_from_fork+0x116/0x1d0 [ 14.387997] ? __pfx_kthread+0x10/0x10 [ 14.388100] ret_from_fork_asm+0x1a/0x30 [ 14.388133] </TASK> [ 14.388143] [ 14.397814] Allocated by task 280: [ 14.397999] kasan_save_stack+0x45/0x70 [ 14.398284] kasan_save_track+0x18/0x40 [ 14.398570] kasan_save_alloc_info+0x3b/0x50 [ 14.398804] __kasan_kmalloc+0xb7/0xc0 [ 14.399007] __kmalloc_cache_noprof+0x189/0x420 [ 14.399215] kasan_bitops_generic+0x92/0x1c0 [ 14.399646] kunit_try_run_case+0x1a5/0x480 [ 14.399854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.400221] kthread+0x337/0x6f0 [ 14.400435] ret_from_fork+0x116/0x1d0 [ 14.400674] ret_from_fork_asm+0x1a/0x30 [ 14.400869] [ 14.400947] The buggy address belongs to the object at ffff8881025c7500 [ 14.400947] which belongs to the cache kmalloc-16 of size 16 [ 14.401816] The buggy address is located 8 bytes inside of [ 14.401816] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.402202] [ 14.402274] The buggy address belongs to the physical page: [ 14.402676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.403068] flags: 0x200000000000000(node=0|zone=2) [ 14.403354] page_type: f5(slab) [ 14.403523] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.403882] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.404209] page dumped because: kasan: bad access detected [ 14.404469] [ 14.404576] Memory state around the buggy address: [ 14.404860] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.405282] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.405690] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.406570] ^ [ 14.406784] ffff8881025c7580: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.407217] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.407675] ================================================================== [ 14.317922] ================================================================== [ 14.318657] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.319164] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.319557] [ 14.319684] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.319727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.319739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.319760] Call Trace: [ 14.319774] <TASK> [ 14.319786] dump_stack_lvl+0x73/0xb0 [ 14.319814] print_report+0xd1/0x610 [ 14.319835] ? __virt_addr_valid+0x1db/0x2d0 [ 14.319858] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.319883] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.319906] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.319932] kasan_report+0x141/0x180 [ 14.319954] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.319985] kasan_check_range+0x10c/0x1c0 [ 14.320008] __kasan_check_write+0x18/0x20 [ 14.320100] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.320127] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.320154] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.320177] ? trace_hardirqs_on+0x37/0xe0 [ 14.320199] ? kasan_bitops_generic+0x92/0x1c0 [ 14.320226] kasan_bitops_generic+0x116/0x1c0 [ 14.320250] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.320346] ? __pfx_read_tsc+0x10/0x10 [ 14.320367] ? ktime_get_ts64+0x86/0x230 [ 14.320414] kunit_try_run_case+0x1a5/0x480 [ 14.320461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.320484] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.320531] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.320577] ? __kthread_parkme+0x82/0x180 [ 14.320598] ? preempt_count_sub+0x50/0x80 [ 14.320622] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.320645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.320669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.320695] kthread+0x337/0x6f0 [ 14.320713] ? trace_preempt_on+0x20/0xc0 [ 14.320735] ? __pfx_kthread+0x10/0x10 [ 14.320754] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.320775] ? calculate_sigpending+0x7b/0xa0 [ 14.320798] ? __pfx_kthread+0x10/0x10 [ 14.320819] ret_from_fork+0x116/0x1d0 [ 14.320837] ? __pfx_kthread+0x10/0x10 [ 14.320857] ret_from_fork_asm+0x1a/0x30 [ 14.320886] </TASK> [ 14.320896] [ 14.330467] Allocated by task 280: [ 14.330673] kasan_save_stack+0x45/0x70 [ 14.330875] kasan_save_track+0x18/0x40 [ 14.331099] kasan_save_alloc_info+0x3b/0x50 [ 14.331387] __kasan_kmalloc+0xb7/0xc0 [ 14.331603] __kmalloc_cache_noprof+0x189/0x420 [ 14.331841] kasan_bitops_generic+0x92/0x1c0 [ 14.332124] kunit_try_run_case+0x1a5/0x480 [ 14.332356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.332613] kthread+0x337/0x6f0 [ 14.332814] ret_from_fork+0x116/0x1d0 [ 14.333037] ret_from_fork_asm+0x1a/0x30 [ 14.333489] [ 14.333568] The buggy address belongs to the object at ffff8881025c7500 [ 14.333568] which belongs to the cache kmalloc-16 of size 16 [ 14.334392] The buggy address is located 8 bytes inside of [ 14.334392] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.334740] [ 14.334809] The buggy address belongs to the physical page: [ 14.334998] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.335427] flags: 0x200000000000000(node=0|zone=2) [ 14.335920] page_type: f5(slab) [ 14.336192] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.336546] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.336765] page dumped because: kasan: bad access detected [ 14.336930] [ 14.337012] Memory state around the buggy address: [ 14.337329] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.338001] 
ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.338602] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.338816] ^ [ 14.338992] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.339385] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.339598] ================================================================== [ 14.208378] ================================================================== [ 14.208966] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.209981] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.210841] [ 14.211089] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.211148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.211160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.211181] Call Trace: [ 14.211194] <TASK> [ 14.211210] dump_stack_lvl+0x73/0xb0 [ 14.211240] print_report+0xd1/0x610 [ 14.211262] ? __virt_addr_valid+0x1db/0x2d0 [ 14.211284] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.211321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.211343] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.211369] kasan_report+0x141/0x180 [ 14.211390] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.211420] kasan_check_range+0x10c/0x1c0 [ 14.211444] __kasan_check_write+0x18/0x20 [ 14.211515] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.211544] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.211571] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.211607] ? trace_hardirqs_on+0x37/0xe0 [ 14.211630] ? kasan_bitops_generic+0x92/0x1c0 [ 14.211657] kasan_bitops_generic+0x116/0x1c0 [ 14.211680] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.211705] ? __pfx_read_tsc+0x10/0x10 [ 14.211726] ? ktime_get_ts64+0x86/0x230 [ 14.211750] kunit_try_run_case+0x1a5/0x480 [ 14.211776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.211798] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.211822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.211846] ? __kthread_parkme+0x82/0x180 [ 14.211867] ? preempt_count_sub+0x50/0x80 [ 14.211890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.211914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.211937] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.211961] kthread+0x337/0x6f0 [ 14.211980] ? trace_preempt_on+0x20/0xc0 [ 14.212018] ? __pfx_kthread+0x10/0x10 [ 14.212038] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.212059] ? calculate_sigpending+0x7b/0xa0 [ 14.212082] ? __pfx_kthread+0x10/0x10 [ 14.212102] ret_from_fork+0x116/0x1d0 [ 14.212121] ? __pfx_kthread+0x10/0x10 [ 14.212140] ret_from_fork_asm+0x1a/0x30 [ 14.212170] </TASK> [ 14.212180] [ 14.227693] Allocated by task 280: [ 14.228164] kasan_save_stack+0x45/0x70 [ 14.228528] kasan_save_track+0x18/0x40 [ 14.228766] kasan_save_alloc_info+0x3b/0x50 [ 14.229174] __kasan_kmalloc+0xb7/0xc0 [ 14.229332] __kmalloc_cache_noprof+0x189/0x420 [ 14.229500] kasan_bitops_generic+0x92/0x1c0 [ 14.229938] kunit_try_run_case+0x1a5/0x480 [ 14.230440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.231074] kthread+0x337/0x6f0 [ 14.231607] ret_from_fork+0x116/0x1d0 [ 14.231810] ret_from_fork_asm+0x1a/0x30 [ 14.231953] [ 14.232091] The buggy address belongs to the object at ffff8881025c7500 [ 14.232091] which belongs to the cache kmalloc-16 of size 16 [ 14.233306] The buggy address is located 8 bytes inside of [ 14.233306] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.233975] [ 14.234104] The buggy address belongs to the physical page: [ 14.234700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.235493] flags: 0x200000000000000(node=0|zone=2) [ 14.235860] page_type: f5(slab) [ 14.235988] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.236937] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.237602] page dumped because: kasan: 
bad access detected [ 14.237781] [ 14.237851] Memory state around the buggy address: [ 14.238009] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.238227] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.238507] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.238847] ^ [ 14.239130] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.239488] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.239751] ================================================================== [ 14.340155] ================================================================== [ 14.340683] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.341190] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.341615] [ 14.341752] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.341795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.341806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.341826] Call Trace: [ 14.341841] <TASK> [ 14.341855] dump_stack_lvl+0x73/0xb0 [ 14.341920] print_report+0xd1/0x610 [ 14.341942] ? __virt_addr_valid+0x1db/0x2d0 [ 14.341964] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.341990] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.342013] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.342040] kasan_report+0x141/0x180 [ 14.342135] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.342169] kasan_check_range+0x10c/0x1c0 [ 14.342193] __kasan_check_write+0x18/0x20 [ 14.342248] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.342275] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.342315] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.342340] ? trace_hardirqs_on+0x37/0xe0 [ 14.342361] ? kasan_bitops_generic+0x92/0x1c0 [ 14.342423] kasan_bitops_generic+0x116/0x1c0 [ 14.342447] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.342472] ? 
__pfx_read_tsc+0x10/0x10 [ 14.342492] ? ktime_get_ts64+0x86/0x230 [ 14.342515] kunit_try_run_case+0x1a5/0x480 [ 14.342539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.342584] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.342608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.342631] ? __kthread_parkme+0x82/0x180 [ 14.342662] ? preempt_count_sub+0x50/0x80 [ 14.342684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.342740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.342764] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.342789] kthread+0x337/0x6f0 [ 14.342808] ? trace_preempt_on+0x20/0xc0 [ 14.342830] ? __pfx_kthread+0x10/0x10 [ 14.342850] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.342896] ? calculate_sigpending+0x7b/0xa0 [ 14.342920] ? __pfx_kthread+0x10/0x10 [ 14.342940] ret_from_fork+0x116/0x1d0 [ 14.342959] ? __pfx_kthread+0x10/0x10 [ 14.342978] ret_from_fork_asm+0x1a/0x30 [ 14.343007] </TASK> [ 14.343017] [ 14.353005] Allocated by task 280: [ 14.353167] kasan_save_stack+0x45/0x70 [ 14.353324] kasan_save_track+0x18/0x40 [ 14.353570] kasan_save_alloc_info+0x3b/0x50 [ 14.353735] __kasan_kmalloc+0xb7/0xc0 [ 14.353891] __kmalloc_cache_noprof+0x189/0x420 [ 14.354182] kasan_bitops_generic+0x92/0x1c0 [ 14.354498] kunit_try_run_case+0x1a5/0x480 [ 14.354680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.354856] kthread+0x337/0x6f0 [ 14.354977] ret_from_fork+0x116/0x1d0 [ 14.355262] ret_from_fork_asm+0x1a/0x30 [ 14.355479] [ 14.355573] The buggy address belongs to the object at ffff8881025c7500 [ 14.355573] which belongs to the cache kmalloc-16 of size 16 [ 14.356408] The buggy address is located 8 bytes inside of [ 14.356408] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509) [ 14.356821] [ 14.356893] The buggy address belongs to the physical page: [ 14.357066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7 [ 14.357716] flags: 0x200000000000000(node=0|zone=2) [ 14.358016] page_type: f5(slab) [ 14.358349] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.358770] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.359008] page dumped because: kasan: bad access detected [ 14.359294] [ 14.359398] Memory state around the buggy address: [ 14.359853] ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc [ 14.360350] ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.360718] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.361182] ^ [ 14.361534] ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.361865] ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.362343] ================================================================== [ 14.240885] ================================================================== [ 14.241234] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.241894] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280 [ 14.242424] [ 14.242587] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.242665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.242678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.242698] Call Trace: [ 14.242710] <TASK> [ 14.242724] dump_stack_lvl+0x73/0xb0 [ 14.242753] print_report+0xd1/0x610 [ 14.242774] ? __virt_addr_valid+0x1db/0x2d0 [ 14.242826] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.242853] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.242876] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.242903] kasan_report+0x141/0x180 [ 14.242924] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.242955] kasan_check_range+0x10c/0x1c0 [ 14.242978] __kasan_check_write+0x18/0x20 [ 14.242997] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.243076] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.243105] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.243130] ? 
trace_hardirqs_on+0x37/0xe0
[ 14.243151] ? kasan_bitops_generic+0x92/0x1c0
[ 14.243178] kasan_bitops_generic+0x116/0x1c0
[ 14.243201] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.243226] ? __pfx_read_tsc+0x10/0x10
[ 14.243247] ? ktime_get_ts64+0x86/0x230
[ 14.243270] kunit_try_run_case+0x1a5/0x480
[ 14.243294] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.243330] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.243354] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.243378] ? __kthread_parkme+0x82/0x180
[ 14.243398] ? preempt_count_sub+0x50/0x80
[ 14.243423] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.243447] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.243470] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.243509] kthread+0x337/0x6f0
[ 14.243528] ? trace_preempt_on+0x20/0xc0
[ 14.243550] ? __pfx_kthread+0x10/0x10
[ 14.243570] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.243592] ? calculate_sigpending+0x7b/0xa0
[ 14.243618] ? __pfx_kthread+0x10/0x10
[ 14.243639] ret_from_fork+0x116/0x1d0
[ 14.243658] ? __pfx_kthread+0x10/0x10
[ 14.243678] ret_from_fork_asm+0x1a/0x30
[ 14.243707] </TASK>
[ 14.243717]
[ 14.258750] Allocated by task 280:
[ 14.259027] kasan_save_stack+0x45/0x70
[ 14.259289] kasan_save_track+0x18/0x40
[ 14.259780] kasan_save_alloc_info+0x3b/0x50
[ 14.260038] __kasan_kmalloc+0xb7/0xc0
[ 14.260648] __kmalloc_cache_noprof+0x189/0x420
[ 14.261003] kasan_bitops_generic+0x92/0x1c0
[ 14.261379] kunit_try_run_case+0x1a5/0x480
[ 14.261680] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.262278] kthread+0x337/0x6f0
[ 14.262497] ret_from_fork+0x116/0x1d0
[ 14.262718] ret_from_fork_asm+0x1a/0x30
[ 14.263010]
[ 14.263170] The buggy address belongs to the object at ffff8881025c7500
[ 14.263170] which belongs to the cache kmalloc-16 of size 16
[ 14.263897] The buggy address is located 8 bytes inside of
[ 14.263897] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509)
[ 14.264922]
[ 14.265119] The buggy address belongs to the physical page:
[ 14.265858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7
[ 14.266328] flags: 0x200000000000000(node=0|zone=2)
[ 14.266533] page_type: f5(slab)
[ 14.266881] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.267691] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.268209] page dumped because: kasan: bad access detected
[ 14.268405]
[ 14.268498] Memory state around the buggy address:
[ 14.268811]  ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc
[ 14.269143]  ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.269486] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.269805]                       ^
[ 14.269952]  ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.270257]  ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.270683] ==================================================================
[ 14.362857] ==================================================================
[ 14.363287] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.363707] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280
[ 14.363968]
[ 14.364078] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.364121] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.364133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.364153] Call Trace:
[ 14.364168] <TASK>
[ 14.364183] dump_stack_lvl+0x73/0xb0
[ 14.364210] print_report+0xd1/0x610
[ 14.364231] ? __virt_addr_valid+0x1db/0x2d0
[ 14.364253] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.364279] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.364317] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.364344] kasan_report+0x141/0x180
[ 14.364366] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.364398] kasan_check_range+0x10c/0x1c0
[ 14.364422] __kasan_check_write+0x18/0x20
[ 14.364441] kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 14.364466] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.364588] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.364612] ? trace_hardirqs_on+0x37/0xe0
[ 14.364635] ? kasan_bitops_generic+0x92/0x1c0
[ 14.364663] kasan_bitops_generic+0x116/0x1c0
[ 14.364686] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.364711] ? __pfx_read_tsc+0x10/0x10
[ 14.364731] ? ktime_get_ts64+0x86/0x230
[ 14.364754] kunit_try_run_case+0x1a5/0x480
[ 14.364778] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.364800] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.364823] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.364847] ? __kthread_parkme+0x82/0x180
[ 14.364867] ? preempt_count_sub+0x50/0x80
[ 14.364891] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.364914] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.364960] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.364984] kthread+0x337/0x6f0
[ 14.365003] ? trace_preempt_on+0x20/0xc0
[ 14.365055] ? __pfx_kthread+0x10/0x10
[ 14.365113] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.365160] ? calculate_sigpending+0x7b/0xa0
[ 14.365207] ? __pfx_kthread+0x10/0x10
[ 14.365251] ret_from_fork+0x116/0x1d0
[ 14.365271] ? __pfx_kthread+0x10/0x10
[ 14.365290] ret_from_fork_asm+0x1a/0x30
[ 14.365358] </TASK>
[ 14.365391]
[ 14.375371] Allocated by task 280:
[ 14.375499] kasan_save_stack+0x45/0x70
[ 14.375642] kasan_save_track+0x18/0x40
[ 14.375837] kasan_save_alloc_info+0x3b/0x50
[ 14.376119] __kasan_kmalloc+0xb7/0xc0
[ 14.376399] __kmalloc_cache_noprof+0x189/0x420
[ 14.376708] kasan_bitops_generic+0x92/0x1c0
[ 14.376919] kunit_try_run_case+0x1a5/0x480
[ 14.377248] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.377535] kthread+0x337/0x6f0
[ 14.377716] ret_from_fork+0x116/0x1d0
[ 14.377928] ret_from_fork_asm+0x1a/0x30
[ 14.378230]
[ 14.378345] The buggy address belongs to the object at ffff8881025c7500
[ 14.378345] which belongs to the cache kmalloc-16 of size 16
[ 14.379016] The buggy address is located 8 bytes inside of
[ 14.379016] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509)
[ 14.379786]
[ 14.379923] The buggy address belongs to the physical page:
[ 14.380236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7
[ 14.380602] flags: 0x200000000000000(node=0|zone=2)
[ 14.380881] page_type: f5(slab)
[ 14.381099] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.381489] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.381814] page dumped because: kasan: bad access detected
[ 14.382157]
[ 14.382240] Memory state around the buggy address:
[ 14.382490]  ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc
[ 14.382737]  ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.382952] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.383813]                       ^
[ 14.384022]  ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.384291]  ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.384513] ==================================================================
[ 14.271705] ==================================================================
[ 14.272056] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.272567] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280
[ 14.272905]
[ 14.273109] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.273156] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.273193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.273236] Call Trace:
[ 14.273274] <TASK>
[ 14.273289] dump_stack_lvl+0x73/0xb0
[ 14.273333] print_report+0xd1/0x610
[ 14.273355] ? __virt_addr_valid+0x1db/0x2d0
[ 14.273377] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.273403] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.273426] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.273453] kasan_report+0x141/0x180
[ 14.273474] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.273505] kasan_check_range+0x10c/0x1c0
[ 14.273528] __kasan_check_write+0x18/0x20
[ 14.273547] kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 14.273585] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.273612] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.273637] ? trace_hardirqs_on+0x37/0xe0
[ 14.273658] ? kasan_bitops_generic+0x92/0x1c0
[ 14.273685] kasan_bitops_generic+0x116/0x1c0
[ 14.273708] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.273733] ? __pfx_read_tsc+0x10/0x10
[ 14.273754] ? ktime_get_ts64+0x86/0x230
[ 14.273778] kunit_try_run_case+0x1a5/0x480
[ 14.273802] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.273824] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.273848] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.273872] ? __kthread_parkme+0x82/0x180
[ 14.273892] ? preempt_count_sub+0x50/0x80
[ 14.273916] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.273939] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.273963] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.273988] kthread+0x337/0x6f0
[ 14.274007] ? trace_preempt_on+0x20/0xc0
[ 14.274046] ? __pfx_kthread+0x10/0x10
[ 14.274066] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.274087] ? calculate_sigpending+0x7b/0xa0
[ 14.274111] ? __pfx_kthread+0x10/0x10
[ 14.274132] ret_from_fork+0x116/0x1d0
[ 14.274151] ? __pfx_kthread+0x10/0x10
[ 14.274171] ret_from_fork_asm+0x1a/0x30
[ 14.274201] </TASK>
[ 14.274211]
[ 14.284484] Allocated by task 280:
[ 14.284727] kasan_save_stack+0x45/0x70
[ 14.284935] kasan_save_track+0x18/0x40
[ 14.285361] kasan_save_alloc_info+0x3b/0x50
[ 14.285580] __kasan_kmalloc+0xb7/0xc0
[ 14.285880] __kmalloc_cache_noprof+0x189/0x420
[ 14.286099] kasan_bitops_generic+0x92/0x1c0
[ 14.286356] kunit_try_run_case+0x1a5/0x480
[ 14.286505] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.287090] kthread+0x337/0x6f0
[ 14.287533] ret_from_fork+0x116/0x1d0
[ 14.287733] ret_from_fork_asm+0x1a/0x30
[ 14.287904]
[ 14.287976] The buggy address belongs to the object at ffff8881025c7500
[ 14.287976] which belongs to the cache kmalloc-16 of size 16
[ 14.288466] The buggy address is located 8 bytes inside of
[ 14.288466] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509)
[ 14.289334]
[ 14.289420] The buggy address belongs to the physical page:
[ 14.289748] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7
[ 14.290112] flags: 0x200000000000000(node=0|zone=2)
[ 14.290422] page_type: f5(slab)
[ 14.290706] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.291042] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.291480] page dumped because: kasan: bad access detected
[ 14.291750]
[ 14.291835] Memory state around the buggy address:
[ 14.292271]  ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc
[ 14.292636]  ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.292893] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.293429]                       ^
[ 14.293602]  ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.293948]  ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.294490] ==================================================================
[ 14.294949] ==================================================================
[ 14.295400] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.295792] Write of size 8 at addr ffff8881025c7508 by task kunit_try_catch/280
[ 14.296276]
[ 14.296404] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 14.296446] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.296457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.296477] Call Trace:
[ 14.296493] <TASK>
[ 14.296507] dump_stack_lvl+0x73/0xb0
[ 14.296571] print_report+0xd1/0x610
[ 14.296592] ? __virt_addr_valid+0x1db/0x2d0
[ 14.296613] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.296639] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.296662] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.296718] kasan_report+0x141/0x180
[ 14.296741] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.296771] kasan_check_range+0x10c/0x1c0
[ 14.296795] __kasan_check_write+0x18/0x20
[ 14.296814] kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 14.296840] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 14.296894] ? __kmalloc_cache_noprof+0x189/0x420
[ 14.296918] ? trace_hardirqs_on+0x37/0xe0
[ 14.296939] ? kasan_bitops_generic+0x92/0x1c0
[ 14.296974] kasan_bitops_generic+0x116/0x1c0
[ 14.296997] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 14.297069] ? __pfx_read_tsc+0x10/0x10
[ 14.297090] ? ktime_get_ts64+0x86/0x230
[ 14.297114] kunit_try_run_case+0x1a5/0x480
[ 14.297138] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.297193] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.297241] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.297289] ? __kthread_parkme+0x82/0x180
[ 14.297343] ? preempt_count_sub+0x50/0x80
[ 14.297368] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.297393] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.297441] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.297488] kthread+0x337/0x6f0
[ 14.297507] ? trace_preempt_on+0x20/0xc0
[ 14.297528] ? __pfx_kthread+0x10/0x10
[ 14.297549] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.297570] ? calculate_sigpending+0x7b/0xa0
[ 14.297603] ? __pfx_kthread+0x10/0x10
[ 14.297625] ret_from_fork+0x116/0x1d0
[ 14.297643] ? __pfx_kthread+0x10/0x10
[ 14.297663] ret_from_fork_asm+0x1a/0x30
[ 14.297693] </TASK>
[ 14.297702]
[ 14.308103] Allocated by task 280:
[ 14.308319] kasan_save_stack+0x45/0x70
[ 14.308607] kasan_save_track+0x18/0x40
[ 14.308800] kasan_save_alloc_info+0x3b/0x50
[ 14.309066] __kasan_kmalloc+0xb7/0xc0
[ 14.309315] __kmalloc_cache_noprof+0x189/0x420
[ 14.309676] kasan_bitops_generic+0x92/0x1c0
[ 14.309868] kunit_try_run_case+0x1a5/0x480
[ 14.310017] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.310193] kthread+0x337/0x6f0
[ 14.310356] ret_from_fork+0x116/0x1d0
[ 14.310544] ret_from_fork_asm+0x1a/0x30
[ 14.310837]
[ 14.310931] The buggy address belongs to the object at ffff8881025c7500
[ 14.310931] which belongs to the cache kmalloc-16 of size 16
[ 14.311772] The buggy address is located 8 bytes inside of
[ 14.311772] allocated 9-byte region [ffff8881025c7500, ffff8881025c7509)
[ 14.312431]
[ 14.312510] The buggy address belongs to the physical page:
[ 14.312753] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025c7
[ 14.313237] flags: 0x200000000000000(node=0|zone=2)
[ 14.313569] page_type: f5(slab)
[ 14.313850] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.314242] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.314599] page dumped because: kasan: bad access detected
[ 14.314887]
[ 14.314963] Memory state around the buggy address:
[ 14.315203]  ffff8881025c7400: 00 01 fc fc 00 01 fc fc 00 04 fc fc 00 04 fc fc
[ 14.315655]  ffff8881025c7480: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.315875] >ffff8881025c7500: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.316363]                       ^
[ 14.316620]  ffff8881025c7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.316931]  ffff8881025c7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.317274] ==================================================================