Date
July 19, 2025, 11:11 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 17.588226] ================================================================== [ 17.588291] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.588346] Write of size 8 at addr fff00000c5f9c4e8 by task kunit_try_catch/262 [ 17.588397] [ 17.588435] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.588518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.589424] Hardware name: linux,dummy-virt (DT) [ 17.589768] Call trace: [ 17.589812] show_stack+0x20/0x38 (C) [ 17.590151] dump_stack_lvl+0x8c/0xd0 [ 17.590332] print_report+0x118/0x5d0 [ 17.590576] kasan_report+0xdc/0x128 [ 17.590641] kasan_check_range+0x100/0x1a8 [ 17.590833] __kasan_check_write+0x20/0x30 [ 17.591044] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 17.591144] kasan_bitops_generic+0x110/0x1c8 [ 17.591451] kunit_try_run_case+0x170/0x3f0 [ 17.591517] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.592172] kthread+0x328/0x630 [ 17.592589] ret_from_fork+0x10/0x20 [ 17.592722] [ 17.592745] Allocated by task 262: [ 17.592952] kasan_save_stack+0x3c/0x68 [ 17.593452] kasan_save_track+0x20/0x40 [ 17.593690] kasan_save_alloc_info+0x40/0x58 [ 17.593886] __kasan_kmalloc+0xd4/0xd8 [ 17.593940] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.594101] kasan_bitops_generic+0xa0/0x1c8 [ 17.594296] kunit_try_run_case+0x170/0x3f0 [ 17.594430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.594576] kthread+0x328/0x630 [ 17.594635] ret_from_fork+0x10/0x20 [ 17.594686] [ 17.594963] The buggy address belongs to the object at fff00000c5f9c4e0 [ 17.594963] which belongs to the cache kmalloc-16 of size 16 [ 17.595146] The buggy address is located 8 bytes inside of [ 17.595146] allocated 9-byte region [fff00000c5f9c4e0, fff00000c5f9c4e9) [ 17.595214] [ 17.595583] The buggy address belongs to the physical page: [ 17.595948] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9c [ 17.596224] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.596375] page_type: f5(slab) [ 17.596497] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.596689] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.596942] page dumped because: kasan: bad access detected [ 17.597081] [ 17.597147] Memory state around the buggy address: [ 17.597186] fff00000c5f9c380: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 17.597497] fff00000c5f9c400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.597732] >fff00000c5f9c480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 17.597787] ^ [ 17.598171] fff00000c5f9c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.598515] fff00000c5f9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.598664] ================================================================== [ 17.601219] ================================================================== [ 17.601551] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.601715] Read of size 8 at addr fff00000c5f9c4e8 by task kunit_try_catch/262 [ 17.601794] [ 17.601877] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.601966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.602311] Hardware name: linux,dummy-virt (DT) [ 17.602390] Call trace: [ 17.602477] show_stack+0x20/0x38 (C) [ 17.602562] dump_stack_lvl+0x8c/0xd0 [ 17.602695] print_report+0x118/0x5d0 [ 17.602748] kasan_report+0xdc/0x128 [ 17.602795] __asan_report_load8_noabort+0x20/0x30 [ 17.602855] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 17.603072] kasan_bitops_generic+0x110/0x1c8 [ 17.603274] kunit_try_run_case+0x170/0x3f0 [ 17.603567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.603781] kthread+0x328/0x630 [ 17.603900] ret_from_fork+0x10/0x20 [ 17.604236] [ 17.604428] Allocated by task 262: [ 17.604494] kasan_save_stack+0x3c/0x68 [ 17.604610] kasan_save_track+0x20/0x40 [ 17.604768] kasan_save_alloc_info+0x40/0x58 [ 17.605017] __kasan_kmalloc+0xd4/0xd8 [ 17.605217] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.605341] kasan_bitops_generic+0xa0/0x1c8 [ 17.605476] kunit_try_run_case+0x170/0x3f0 [ 17.605597] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.605683] kthread+0x328/0x630 [ 17.605725] ret_from_fork+0x10/0x20 [ 17.605770] [ 17.605964] The buggy address belongs to the object at fff00000c5f9c4e0 [ 17.605964] which belongs to the cache kmalloc-16 of size 16 [ 17.606140] The buggy address is located 8 bytes inside of [ 17.606140] allocated 9-byte region [fff00000c5f9c4e0, fff00000c5f9c4e9) [ 17.606646] [ 17.606727] The buggy address belongs to the physical page: [ 17.606864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105f9c [ 17.606960] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.607102] page_type: f5(slab) [ 17.607180] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.607476] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.607628] page dumped because: kasan: bad access detected [ 17.607791] [ 17.607871] Memory state around the buggy address: [ 17.607958] fff00000c5f9c380: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 17.608078] fff00000c5f9c400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.608165] >fff00000c5f9c480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 17.608398] ^ [ 17.608719] fff00000c5f9c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.608801] fff00000c5f9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.608922] ================================================================== [ 17.610359] ================================================================== [ 17.610420] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 17.610477] Write of size 8 at addr fff00000c5f9c4e8 by task kunit_try_catch/262 [ 17.610526] [ 17.610665] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.610756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.610808] Hardware name: linux,dummy-virt (DT) [ 17.610850] Call trace: [ 17.610881] show_stack+0x20/0x38 (C) [ 17.610932] dump_stack_lvl+0x8c/0xd0 [ 17.610982] print_report+0x118/0x5d0 [ 17.611032] kasan_report+0xdc/0x128 [ 17.611080] kasan_check_range+0x100/0x1a8 [ 17.611128] __kasan_check_write+0x20/0x30 [ 17.611175] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 17.611227] kasan_bitops_generic+0x110/0x1c8 [ 17.611276] kunit_try_run_case+0x170/0x3f0 [ 17.611325] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.611379] kthread+0x328/0x630 [ 17.611422] ret_from_fork+0x10/0x20 [ 17.611471] [ 17.611491] Allocated by task 262: [ 17.611519] kasan_save_stack+0x3c/0x68 [ 17.612174] kasan_save_track+0x20/0x40 [ 17.612248] kasan_save_alloc_info+0x40/0x58 [ 17.612338] __kasan_kmalloc+0xd4/0xd8 [ 17.612382] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.612509] kunit_try_run_case+0x170/0x3f0 [ 17.613847] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.614644] fff00000c5f9c400: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.615853] fff00000c5f9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.616974] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 17.618709] print_report+0x118/0x5d0 [ 17.619170] kasan_bitops_generic+0x110/0x1c8 [ 17.621620] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.623368] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.624948] >fff00000c5f9c480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 17.625465] fff00000c5f9c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.627669] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.627830] dump_stack_lvl+0x8c/0xd0 [ 17.628132] kasan_check_range+0x100/0x1a8 [ 17.628296] kasan_bitops_generic+0x110/0x1c8 [ 17.628780] [ 17.629128] kasan_save_track+0x20/0x40 [ 17.629574] kasan_bitops_generic+0xa0/0x1c8 [ 17.630749] [ 17.631092] page_type: f5(slab) [ 17.632320] fff00000c5f9c380: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 17.632782] fff00000c5f9c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.634517] [ 17.635002] Hardware name: linux,dummy-virt (DT) [ 17.636065] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 17.637415] Allocated by task 262: [ 17.638452] [ 17.638564] The buggy address is located 8 bytes inside of [ 17.638564] allocated 9-byte region [fff00000c5f9c4e0, fff00000c5f9c4e9) [ 17.638991] page dumped because: kasan: bad access detected [ 17.639208] >fff00000c5f9c480: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 17.640940] ==================================================================
[ 14.047550] ================================================================== [ 14.048007] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.048396] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.048707] [ 14.048811] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.048860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.048871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.048894] Call Trace: [ 14.048906] <TASK> [ 14.048924] dump_stack_lvl+0x73/0xb0 [ 14.048953] print_report+0xd1/0x610 [ 14.048976] ? __virt_addr_valid+0x1db/0x2d0 [ 14.049000] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.049025] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.049048] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.049074] kasan_report+0x141/0x180 [ 14.049095] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.049125] kasan_check_range+0x10c/0x1c0 [ 14.049148] __kasan_check_write+0x18/0x20 [ 14.049167] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.049193] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.049221] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.049246] ? trace_hardirqs_on+0x37/0xe0 [ 14.049268] ? kasan_bitops_generic+0x92/0x1c0 [ 14.049296] kasan_bitops_generic+0x116/0x1c0 [ 14.049319] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.049345] ? __pfx_read_tsc+0x10/0x10 [ 14.049366] ? ktime_get_ts64+0x86/0x230 [ 14.049390] kunit_try_run_case+0x1a5/0x480 [ 14.049415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.049437] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.049481] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.049514] ? __kthread_parkme+0x82/0x180 [ 14.049536] ? preempt_count_sub+0x50/0x80 [ 14.049561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.049585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.049609] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.049632] kthread+0x337/0x6f0 [ 14.049652] ? trace_preempt_on+0x20/0xc0 [ 14.049673] ? __pfx_kthread+0x10/0x10 [ 14.049692] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.049714] ? calculate_sigpending+0x7b/0xa0 [ 14.049739] ? __pfx_kthread+0x10/0x10 [ 14.049760] ret_from_fork+0x116/0x1d0 [ 14.049780] ? __pfx_kthread+0x10/0x10 [ 14.049800] ret_from_fork_asm+0x1a/0x30 [ 14.049831] </TASK> [ 14.049841] [ 14.060142] Allocated by task 279: [ 14.060411] kasan_save_stack+0x45/0x70 [ 14.061119] kasan_save_track+0x18/0x40 [ 14.061434] kasan_save_alloc_info+0x3b/0x50 [ 14.061667] __kasan_kmalloc+0xb7/0xc0 [ 14.062014] __kmalloc_cache_noprof+0x189/0x420 [ 14.062480] kasan_bitops_generic+0x92/0x1c0 [ 14.062779] kunit_try_run_case+0x1a5/0x480 [ 14.062941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.063215] kthread+0x337/0x6f0 [ 14.063646] ret_from_fork+0x116/0x1d0 [ 14.063832] ret_from_fork_asm+0x1a/0x30 [ 14.064000] [ 14.064095] The buggy address belongs to the object at ffff888101642a40 [ 14.064095] which belongs to the cache kmalloc-16 of size 16 [ 14.064981] The buggy address is located 8 bytes inside of [ 14.064981] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.065736] [ 14.065999] The buggy address belongs to the physical page: [ 14.066510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.066861] flags: 0x200000000000000(node=0|zone=2) [ 14.067359] page_type: f5(slab) [ 14.067545] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.067924] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.068390] page dumped because: kasan: bad access detected [ 14.068737] [ 14.068839] Memory state around the buggy address: [ 14.069028] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.069399] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.069740] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.069969] ^ [ 14.070509] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.070841] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.071414] ================================================================== [ 14.160173] ================================================================== [ 14.160639] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.161521] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.161844] [ 14.161950] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.161998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.162009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.162031] Call Trace: [ 14.162044] <TASK> [ 14.162064] dump_stack_lvl+0x73/0xb0 [ 14.162095] print_report+0xd1/0x610 [ 14.162118] ? __virt_addr_valid+0x1db/0x2d0 [ 14.162141] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.162170] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.162199] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.162225] kasan_report+0x141/0x180 [ 14.162248] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.162278] kasan_check_range+0x10c/0x1c0 [ 14.162303] __kasan_check_write+0x18/0x20 [ 14.162323] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.162349] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.162376] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.162401] ? trace_hardirqs_on+0x37/0xe0 [ 14.162699] ? kasan_bitops_generic+0x92/0x1c0 [ 14.162728] kasan_bitops_generic+0x116/0x1c0 [ 14.162752] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.162778] ? __pfx_read_tsc+0x10/0x10 [ 14.162798] ? ktime_get_ts64+0x86/0x230 [ 14.162822] kunit_try_run_case+0x1a5/0x480 [ 14.162846] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.162869] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.162894] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.162918] ? __kthread_parkme+0x82/0x180 [ 14.162939] ? preempt_count_sub+0x50/0x80 [ 14.162963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.162986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.163009] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.163033] kthread+0x337/0x6f0 [ 14.163138] ? trace_preempt_on+0x20/0xc0 [ 14.163161] ? __pfx_kthread+0x10/0x10 [ 14.163181] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.163202] ? calculate_sigpending+0x7b/0xa0 [ 14.163226] ? __pfx_kthread+0x10/0x10 [ 14.163247] ret_from_fork+0x116/0x1d0 [ 14.163265] ? __pfx_kthread+0x10/0x10 [ 14.163285] ret_from_fork_asm+0x1a/0x30 [ 14.163315] </TASK> [ 14.163326] [ 14.172005] Allocated by task 279: [ 14.172346] kasan_save_stack+0x45/0x70 [ 14.172575] kasan_save_track+0x18/0x40 [ 14.172772] kasan_save_alloc_info+0x3b/0x50 [ 14.172961] __kasan_kmalloc+0xb7/0xc0 [ 14.173218] __kmalloc_cache_noprof+0x189/0x420 [ 14.173380] kasan_bitops_generic+0x92/0x1c0 [ 14.173543] kunit_try_run_case+0x1a5/0x480 [ 14.173691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.173896] kthread+0x337/0x6f0 [ 14.174060] ret_from_fork+0x116/0x1d0 [ 14.174253] ret_from_fork_asm+0x1a/0x30 [ 14.174447] [ 14.174549] The buggy address belongs to the object at ffff888101642a40 [ 14.174549] which belongs to the cache kmalloc-16 of size 16 [ 14.175554] The buggy address is located 8 bytes inside of [ 14.175554] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.176034] [ 14.176109] The buggy address belongs to the physical page: [ 14.176516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.176804] flags: 0x200000000000000(node=0|zone=2) [ 14.177042] page_type: f5(slab) [ 14.177375] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.177718] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.177978] page dumped because: kasan: bad access detected [ 14.178279] [ 14.178513] Memory state around the buggy address: [ 14.178725] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.178993] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.179617] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.179908] ^ [ 14.180121] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.180341] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.180677] ================================================================== [ 14.100972] ================================================================== [ 14.101442] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.102284] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.102827] [ 14.102942] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.102987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.102998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.103019] Call Trace: [ 14.103034] <TASK> [ 14.103047] dump_stack_lvl+0x73/0xb0 [ 14.103077] print_report+0xd1/0x610 [ 14.103099] ? __virt_addr_valid+0x1db/0x2d0 [ 14.103120] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.103146] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.103465] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.103493] kasan_report+0x141/0x180 [ 14.103532] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.103563] kasan_check_range+0x10c/0x1c0 [ 14.103586] __kasan_check_write+0x18/0x20 [ 14.103604] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.103630] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.103657] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.103680] ? trace_hardirqs_on+0x37/0xe0 [ 14.103703] ? kasan_bitops_generic+0x92/0x1c0 [ 14.103730] kasan_bitops_generic+0x116/0x1c0 [ 14.103752] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.103777] ? __pfx_read_tsc+0x10/0x10 [ 14.103797] ? ktime_get_ts64+0x86/0x230 [ 14.103820] kunit_try_run_case+0x1a5/0x480 [ 14.103844] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.103866] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.103890] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.103913] ? __kthread_parkme+0x82/0x180 [ 14.103932] ? preempt_count_sub+0x50/0x80 [ 14.103955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.103980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.104003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.104027] kthread+0x337/0x6f0 [ 14.104084] ? trace_preempt_on+0x20/0xc0 [ 14.104106] ? __pfx_kthread+0x10/0x10 [ 14.104126] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.104147] ? calculate_sigpending+0x7b/0xa0 [ 14.104171] ? __pfx_kthread+0x10/0x10 [ 14.104192] ret_from_fork+0x116/0x1d0 [ 14.104210] ? __pfx_kthread+0x10/0x10 [ 14.104230] ret_from_fork_asm+0x1a/0x30 [ 14.104260] </TASK> [ 14.104270] [ 14.117677] Allocated by task 279: [ 14.117858] kasan_save_stack+0x45/0x70 [ 14.118441] kasan_save_track+0x18/0x40 [ 14.118752] kasan_save_alloc_info+0x3b/0x50 [ 14.119235] __kasan_kmalloc+0xb7/0xc0 [ 14.119422] __kmalloc_cache_noprof+0x189/0x420 [ 14.119611] kasan_bitops_generic+0x92/0x1c0 [ 14.119836] kunit_try_run_case+0x1a5/0x480 [ 14.120043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.120603] kthread+0x337/0x6f0 [ 14.120862] ret_from_fork+0x116/0x1d0 [ 14.121178] ret_from_fork_asm+0x1a/0x30 [ 14.121517] [ 14.121860] The buggy address belongs to the object at ffff888101642a40 [ 14.121860] which belongs to the cache kmalloc-16 of size 16 [ 14.122870] The buggy address is located 8 bytes inside of [ 14.122870] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.123768] [ 14.123974] The buggy address belongs to the physical page: [ 14.124343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.124828] flags: 0x200000000000000(node=0|zone=2) [ 14.125079] page_type: f5(slab) [ 14.125487] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.125940] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.126648] page dumped because: kasan: bad access detected [ 14.126894] [ 14.126973] Memory state around the buggy address: [ 14.127547] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.127910] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.128366] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.128829] ^ [ 14.129081] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.129733] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.130386] ================================================================== [ 14.181401] ================================================================== [ 14.182136] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.182574] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.182827] [ 14.182919] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.182965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.182977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.182999] Call Trace: [ 14.183012] <TASK> [ 14.183029] dump_stack_lvl+0x73/0xb0 [ 14.183058] print_report+0xd1/0x610 [ 14.183079] ? __virt_addr_valid+0x1db/0x2d0 [ 14.183102] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.183175] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.183199] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.183225] kasan_report+0x141/0x180 [ 14.183247] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.183278] kasan_check_range+0x10c/0x1c0 [ 14.183302] __kasan_check_write+0x18/0x20 [ 14.183321] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.183346] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.183374] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.183399] ? trace_hardirqs_on+0x37/0xe0 [ 14.183421] ? kasan_bitops_generic+0x92/0x1c0 [ 14.183447] kasan_bitops_generic+0x116/0x1c0 [ 14.183471] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.183507] ? __pfx_read_tsc+0x10/0x10 [ 14.183528] ? ktime_get_ts64+0x86/0x230 [ 14.183552] kunit_try_run_case+0x1a5/0x480 [ 14.183577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.183598] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.183622] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.183646] ? __kthread_parkme+0x82/0x180 [ 14.183665] ? preempt_count_sub+0x50/0x80 [ 14.183689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.183712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.183735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.183759] kthread+0x337/0x6f0 [ 14.183777] ? trace_preempt_on+0x20/0xc0 [ 14.183798] ? __pfx_kthread+0x10/0x10 [ 14.183817] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.183838] ? calculate_sigpending+0x7b/0xa0 [ 14.183863] ? __pfx_kthread+0x10/0x10 [ 14.183882] ret_from_fork+0x116/0x1d0 [ 14.183901] ? __pfx_kthread+0x10/0x10 [ 14.183921] ret_from_fork_asm+0x1a/0x30 [ 14.183952] </TASK> [ 14.183962] [ 14.192834] Allocated by task 279: [ 14.193019] kasan_save_stack+0x45/0x70 [ 14.193353] kasan_save_track+0x18/0x40 [ 14.193651] kasan_save_alloc_info+0x3b/0x50 [ 14.193916] __kasan_kmalloc+0xb7/0xc0 [ 14.194061] __kmalloc_cache_noprof+0x189/0x420 [ 14.194222] kasan_bitops_generic+0x92/0x1c0 [ 14.194370] kunit_try_run_case+0x1a5/0x480 [ 14.194634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.194895] kthread+0x337/0x6f0 [ 14.195101] ret_from_fork+0x116/0x1d0 [ 14.195725] ret_from_fork_asm+0x1a/0x30 [ 14.195943] [ 14.196040] The buggy address belongs to the object at ffff888101642a40 [ 14.196040] which belongs to the cache kmalloc-16 of size 16 [ 14.196651] The buggy address is located 8 bytes inside of [ 14.196651] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.197185] [ 14.197276] The buggy address belongs to the physical page: [ 14.197492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.197824] flags: 0x200000000000000(node=0|zone=2) [ 14.198094] page_type: f5(slab) [ 14.198260] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.198504] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.198836] page dumped because: kasan: bad access detected [ 14.199290] [ 14.199392] Memory state around the buggy address: [ 14.199605] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.199869] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.200330] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.200639] ^ [ 14.200853] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.201233] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.201528] ================================================================== [ 14.201948] ================================================================== [ 14.202575] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.202836] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.203059] [ 14.203143] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.203186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.203197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.203218] Call Trace: [ 14.203236] <TASK> [ 14.203250] dump_stack_lvl+0x73/0xb0 [ 14.203277] print_report+0xd1/0x610 [ 14.203299] ? __virt_addr_valid+0x1db/0x2d0 [ 14.203323] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.203348] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.203371] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.203396] kasan_report+0x141/0x180 [ 14.203418] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.203449] kasan_check_range+0x10c/0x1c0 [ 14.203471] __kasan_check_write+0x18/0x20 [ 14.203490] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.203528] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.203555] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.203578] ? trace_hardirqs_on+0x37/0xe0 [ 14.203600] ? kasan_bitops_generic+0x92/0x1c0 [ 14.203639] kasan_bitops_generic+0x116/0x1c0 [ 14.203662] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.203687] ? __pfx_read_tsc+0x10/0x10 [ 14.203707] ? ktime_get_ts64+0x86/0x230 [ 14.203731] kunit_try_run_case+0x1a5/0x480 [ 14.203756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.203778] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.203802] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.203825] ? __kthread_parkme+0x82/0x180 [ 14.203844] ? preempt_count_sub+0x50/0x80 [ 14.203868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.203891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.203914] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.203938] kthread+0x337/0x6f0 [ 14.203957] ? trace_preempt_on+0x20/0xc0 [ 14.203978] ? __pfx_kthread+0x10/0x10 [ 14.203997] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.204018] ? calculate_sigpending+0x7b/0xa0 [ 14.204041] ? __pfx_kthread+0x10/0x10 [ 14.204062] ret_from_fork+0x116/0x1d0 [ 14.204080] ? __pfx_kthread+0x10/0x10 [ 14.204100] ret_from_fork_asm+0x1a/0x30 [ 14.204129] </TASK> [ 14.204138] [ 14.213320] Allocated by task 279: [ 14.213459] kasan_save_stack+0x45/0x70 [ 14.213672] kasan_save_track+0x18/0x40 [ 14.213989] kasan_save_alloc_info+0x3b/0x50 [ 14.214609] __kasan_kmalloc+0xb7/0xc0 [ 14.215015] __kmalloc_cache_noprof+0x189/0x420 [ 14.215428] kasan_bitops_generic+0x92/0x1c0 [ 14.215660] kunit_try_run_case+0x1a5/0x480 [ 14.215868] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.216259] kthread+0x337/0x6f0 [ 14.216393] ret_from_fork+0x116/0x1d0 [ 14.216540] ret_from_fork_asm+0x1a/0x30 [ 14.216681] [ 14.216756] The buggy address belongs to the object at ffff888101642a40 [ 14.216756] which belongs to the cache kmalloc-16 of size 16 [ 14.217632] The buggy address is located 8 bytes inside of [ 14.217632] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.218090] [ 14.218419] The buggy address belongs to the physical page: [ 14.218683] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.218971] flags: 0x200000000000000(node=0|zone=2) [ 14.219312] page_type: f5(slab) [ 14.219487] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.219802] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.220144] page dumped because: kasan: bad access detected [ 14.220381] [ 14.220449] Memory state around the buggy address: [ 14.220684] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.220967] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.221347] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.221640] ^ [ 14.221815] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.222030] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.222250] ================================================================== [ 14.222685] ================================================================== [ 14.223033] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.223726] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.224521] [ 14.224643] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.224689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.224701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.224722] Call Trace: [ 14.224741] <TASK> [ 14.224758] dump_stack_lvl+0x73/0xb0 [ 14.224788] print_report+0xd1/0x610 [ 14.224809] ? __virt_addr_valid+0x1db/0x2d0 [ 14.224832] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.224858] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.224879] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.224905] kasan_report+0x141/0x180 [ 14.224926] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.224956] kasan_check_range+0x10c/0x1c0 [ 14.224980] __kasan_check_write+0x18/0x20 [ 14.224998] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.225024] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.225062] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.225086] ? trace_hardirqs_on+0x37/0xe0 [ 14.225109] ? kasan_bitops_generic+0x92/0x1c0 [ 14.225136] kasan_bitops_generic+0x116/0x1c0 [ 14.225159] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.225184] ? __pfx_read_tsc+0x10/0x10 [ 14.225253] ? ktime_get_ts64+0x86/0x230 [ 14.225278] kunit_try_run_case+0x1a5/0x480 [ 14.225303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.225325] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.225349] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.225372] ? __kthread_parkme+0x82/0x180 [ 14.225393] ? preempt_count_sub+0x50/0x80 [ 14.225416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.225440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.225463] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.225486] kthread+0x337/0x6f0 [ 14.225516] ? trace_preempt_on+0x20/0xc0 [ 14.225537] ? __pfx_kthread+0x10/0x10 [ 14.225557] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.225578] ? calculate_sigpending+0x7b/0xa0 [ 14.225602] ? __pfx_kthread+0x10/0x10 [ 14.225623] ret_from_fork+0x116/0x1d0 [ 14.225642] ? __pfx_kthread+0x10/0x10 [ 14.225661] ret_from_fork_asm+0x1a/0x30 [ 14.225692] </TASK> [ 14.225702] [ 14.234015] Allocated by task 279: [ 14.234146] kasan_save_stack+0x45/0x70 [ 14.234377] kasan_save_track+0x18/0x40 [ 14.234579] kasan_save_alloc_info+0x3b/0x50 [ 14.234793] __kasan_kmalloc+0xb7/0xc0 [ 14.234986] __kmalloc_cache_noprof+0x189/0x420 [ 14.235203] kasan_bitops_generic+0x92/0x1c0 [ 14.235465] kunit_try_run_case+0x1a5/0x480 [ 14.235635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.235826] kthread+0x337/0x6f0 [ 14.235993] ret_from_fork+0x116/0x1d0 [ 14.236179] ret_from_fork_asm+0x1a/0x30 [ 14.236377] [ 14.236462] The buggy address belongs to the object at ffff888101642a40 [ 14.236462] which belongs to the cache kmalloc-16 of size 16 [ 14.236829] The buggy address is located 8 bytes inside of [ 14.236829] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.237181] [ 14.237253] The buggy address belongs to the physical page: [ 14.237429] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.238008] flags: 0x200000000000000(node=0|zone=2) [ 14.238613] page_type: f5(slab) [ 14.238809] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.239337] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.239941] page dumped because: kasan: bad access detected [ 14.240189] [ 14.240297] Memory state around the buggy address: [ 14.240525] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.240850] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.241655] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.241883] ^ [ 14.242101] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.242839] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.243298] ================================================================== [ 14.071934] ================================================================== [ 14.072425] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.072832] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.073149] [ 14.073265] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.073323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.073335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.073355] Call Trace: [ 14.073370] <TASK> [ 14.073385] dump_stack_lvl+0x73/0xb0 [ 14.073412] print_report+0xd1/0x610 [ 14.073434] ? __virt_addr_valid+0x1db/0x2d0 [ 14.073458] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.073485] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.073520] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.073548] kasan_report+0x141/0x180 [ 14.073571] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.073604] kasan_check_range+0x10c/0x1c0 [ 14.073628] __kasan_check_write+0x18/0x20 [ 14.073648] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.073673] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.073700] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.073727] ? trace_hardirqs_on+0x37/0xe0 [ 14.073749] ? kasan_bitops_generic+0x92/0x1c0 [ 14.073776] kasan_bitops_generic+0x116/0x1c0 [ 14.073800] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.073824] ? __pfx_read_tsc+0x10/0x10 [ 14.073844] ? ktime_get_ts64+0x86/0x230 [ 14.073868] kunit_try_run_case+0x1a5/0x480 [ 14.073893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.073915] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.073939] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.073963] ? __kthread_parkme+0x82/0x180 [ 14.073983] ? preempt_count_sub+0x50/0x80 [ 14.074007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.074031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.074054] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.074078] kthread+0x337/0x6f0 [ 14.074096] ? trace_preempt_on+0x20/0xc0 [ 14.074119] ? __pfx_kthread+0x10/0x10 [ 14.074139] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.074250] ? calculate_sigpending+0x7b/0xa0 [ 14.074277] ? __pfx_kthread+0x10/0x10 [ 14.074297] ret_from_fork+0x116/0x1d0 [ 14.074317] ? __pfx_kthread+0x10/0x10 [ 14.074337] ret_from_fork_asm+0x1a/0x30 [ 14.074366] </TASK> [ 14.074376] [ 14.087165] Allocated by task 279: [ 14.087647] kasan_save_stack+0x45/0x70 [ 14.087964] kasan_save_track+0x18/0x40 [ 14.088369] kasan_save_alloc_info+0x3b/0x50 [ 14.088608] __kasan_kmalloc+0xb7/0xc0 [ 14.088788] __kmalloc_cache_noprof+0x189/0x420 [ 14.089005] kasan_bitops_generic+0x92/0x1c0 [ 14.089685] kunit_try_run_case+0x1a5/0x480 [ 14.089894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.090355] kthread+0x337/0x6f0 [ 14.090662] ret_from_fork+0x116/0x1d0 [ 14.090960] ret_from_fork_asm+0x1a/0x30 [ 14.091332] [ 14.091632] The buggy address belongs to the object at ffff888101642a40 [ 14.091632] which belongs to the cache kmalloc-16 of size 16 [ 14.092173] The buggy address is located 8 bytes inside of [ 14.092173] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.093006] [ 14.093111] The buggy address belongs to the physical page: [ 14.094053] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.094645] flags: 0x200000000000000(node=0|zone=2) [ 14.094917] page_type: f5(slab) [ 14.095093] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.095754] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.096296] page dumped because: kasan: bad access detected [ 14.096638] [ 14.096715] Memory state around the buggy address: [ 14.097267] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.097586] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.097860] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.098577] ^ [ 14.098824] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.099334] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.099781] ================================================================== [ 14.130942] ================================================================== [ 14.131837] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.132583] Write of size 8 at addr ffff888101642a48 by task kunit_try_catch/279 [ 14.132969] [ 14.133535] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.133589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.133601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.133624] Call Trace: [ 14.133646] <TASK> [ 14.133666] dump_stack_lvl+0x73/0xb0 [ 14.133699] print_report+0xd1/0x610 [ 14.133722] ? __virt_addr_valid+0x1db/0x2d0 [ 14.133745] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.133771] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.133793] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.133820] kasan_report+0x141/0x180 [ 14.133841] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.133871] kasan_check_range+0x10c/0x1c0 [ 14.133894] __kasan_check_write+0x18/0x20 [ 14.133913] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.133939] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.133965] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.133990] ? trace_hardirqs_on+0x37/0xe0 [ 14.134013] ? kasan_bitops_generic+0x92/0x1c0 [ 14.134040] kasan_bitops_generic+0x116/0x1c0 [ 14.134063] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.134087] ? __pfx_read_tsc+0x10/0x10 [ 14.134107] ? ktime_get_ts64+0x86/0x230 [ 14.134131] kunit_try_run_case+0x1a5/0x480 [ 14.134155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.134177] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.134208] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.134243] ? __kthread_parkme+0x82/0x180 [ 14.134265] ? preempt_count_sub+0x50/0x80 [ 14.134293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.134318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.134341] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.134366] kthread+0x337/0x6f0 [ 14.134384] ? trace_preempt_on+0x20/0xc0 [ 14.134405] ? __pfx_kthread+0x10/0x10 [ 14.134425] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.134446] ? calculate_sigpending+0x7b/0xa0 [ 14.134470] ? __pfx_kthread+0x10/0x10 [ 14.134491] ret_from_fork+0x116/0x1d0 [ 14.134520] ? __pfx_kthread+0x10/0x10 [ 14.134540] ret_from_fork_asm+0x1a/0x30 [ 14.134570] </TASK> [ 14.134580] [ 14.146815] Allocated by task 279: [ 14.147315] kasan_save_stack+0x45/0x70 [ 14.147636] kasan_save_track+0x18/0x40 [ 14.147815] kasan_save_alloc_info+0x3b/0x50 [ 14.148026] __kasan_kmalloc+0xb7/0xc0 [ 14.148669] __kmalloc_cache_noprof+0x189/0x420 [ 14.148892] kasan_bitops_generic+0x92/0x1c0 [ 14.149062] kunit_try_run_case+0x1a5/0x480 [ 14.149534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.149935] kthread+0x337/0x6f0 [ 14.150321] ret_from_fork+0x116/0x1d0 [ 14.150593] ret_from_fork_asm+0x1a/0x30 [ 14.150786] [ 14.150872] The buggy address belongs to the object at ffff888101642a40 [ 14.150872] which belongs to the cache kmalloc-16 of size 16 [ 14.151663] The buggy address is located 8 bytes inside of [ 14.151663] allocated 9-byte region [ffff888101642a40, ffff888101642a49) [ 14.152743] [ 14.152854] The buggy address belongs to the physical page: [ 14.153143] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101642 [ 14.153646] flags: 0x200000000000000(node=0|zone=2) [ 14.153888] page_type: f5(slab) [ 14.154036] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.154713] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.155162] page dumped because: kasan: bad access detected [ 14.155414] [ 14.155486] Memory state around the buggy address: [ 14.155713] ffff888101642900: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 14.156016] ffff888101642980: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.156832] >ffff888101642a00: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.157350] ^ [ 14.157618] ffff888101642a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.157862] ffff888101642b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.158212] ==================================================================