Field | Value
---|---
Date | July 19, 2025, 11:12 p.m.
Environment | qemu-x86_64
[ 14.102866] ================================================================== [ 14.103154] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.103688] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.104032] [ 14.104116] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.104160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.104171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.104190] Call Trace: [ 14.104201] <TASK> [ 14.104214] dump_stack_lvl+0x73/0xb0 [ 14.104240] print_report+0xd1/0x610 [ 14.104261] ? __virt_addr_valid+0x1db/0x2d0 [ 14.104282] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.104306] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.104339] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.104411] kasan_report+0x141/0x180 [ 14.104475] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.104507] kasan_check_range+0x10c/0x1c0 [ 14.104530] __kasan_check_write+0x18/0x20 [ 14.104548] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.104573] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.104598] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.104650] ? trace_hardirqs_on+0x37/0xe0 [ 14.104671] ? kasan_bitops_generic+0x92/0x1c0 [ 14.104697] kasan_bitops_generic+0x116/0x1c0 [ 14.104719] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.104743] ? __pfx_read_tsc+0x10/0x10 [ 14.104763] ? ktime_get_ts64+0x86/0x230 [ 14.104813] kunit_try_run_case+0x1a5/0x480 [ 14.104836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.104857] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.104880] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.104902] ? __kthread_parkme+0x82/0x180 [ 14.104921] ? preempt_count_sub+0x50/0x80 [ 14.104974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.104997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.105031] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.105053] kthread+0x337/0x6f0 [ 14.105071] ? 
trace_preempt_on+0x20/0xc0 [ 14.105092] ? __pfx_kthread+0x10/0x10 [ 14.105112] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.105132] ? calculate_sigpending+0x7b/0xa0 [ 14.105154] ? __pfx_kthread+0x10/0x10 [ 14.105174] ret_from_fork+0x116/0x1d0 [ 14.105223] ? __pfx_kthread+0x10/0x10 [ 14.105243] ret_from_fork_asm+0x1a/0x30 [ 14.105272] </TASK> [ 14.105282] [ 14.115071] Allocated by task 278: [ 14.115205] kasan_save_stack+0x45/0x70 [ 14.115597] kasan_save_track+0x18/0x40 [ 14.115886] kasan_save_alloc_info+0x3b/0x50 [ 14.116190] __kasan_kmalloc+0xb7/0xc0 [ 14.116450] __kmalloc_cache_noprof+0x189/0x420 [ 14.116712] kasan_bitops_generic+0x92/0x1c0 [ 14.116953] kunit_try_run_case+0x1a5/0x480 [ 14.117180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.117478] kthread+0x337/0x6f0 [ 14.117773] ret_from_fork+0x116/0x1d0 [ 14.117998] ret_from_fork_asm+0x1a/0x30 [ 14.118151] [ 14.118221] The buggy address belongs to the object at ffff888101df6d60 [ 14.118221] which belongs to the cache kmalloc-16 of size 16 [ 14.118949] The buggy address is located 8 bytes inside of [ 14.118949] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.119693] [ 14.119791] The buggy address belongs to the physical page: [ 14.120075] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.120503] flags: 0x200000000000000(node=0|zone=2) [ 14.120887] page_type: f5(slab) [ 14.121035] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.121295] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.121998] page dumped because: kasan: bad access detected [ 14.122268] [ 14.122360] Memory state around the buggy address: [ 14.122514] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.122835] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.123241] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.123704] ^ [ 14.124063] ffff888101df6d80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.124468] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.124787] ================================================================== [ 14.125314] ================================================================== [ 14.125608] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.126417] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.126685] [ 14.126792] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.126900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.126912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.126931] Call Trace: [ 14.126944] <TASK> [ 14.126957] dump_stack_lvl+0x73/0xb0 [ 14.126984] print_report+0xd1/0x610 [ 14.127016] ? __virt_addr_valid+0x1db/0x2d0 [ 14.127038] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.127061] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.127083] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.127140] kasan_report+0x141/0x180 [ 14.127163] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.127215] kasan_check_range+0x10c/0x1c0 [ 14.127238] __kasan_check_write+0x18/0x20 [ 14.127256] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.127281] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.127305] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.127327] ? trace_hardirqs_on+0x37/0xe0 [ 14.127348] ? kasan_bitops_generic+0x92/0x1c0 [ 14.127420] kasan_bitops_generic+0x116/0x1c0 [ 14.127444] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.127467] ? __pfx_read_tsc+0x10/0x10 [ 14.127486] ? ktime_get_ts64+0x86/0x230 [ 14.127509] kunit_try_run_case+0x1a5/0x480 [ 14.127569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.127592] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.127614] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.127636] ? __kthread_parkme+0x82/0x180 [ 14.127655] ? preempt_count_sub+0x50/0x80 [ 14.127676] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.127729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.127753] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.127775] kthread+0x337/0x6f0 [ 14.127793] ? trace_preempt_on+0x20/0xc0 [ 14.127814] ? __pfx_kthread+0x10/0x10 [ 14.127834] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.127853] ? calculate_sigpending+0x7b/0xa0 [ 14.127906] ? __pfx_kthread+0x10/0x10 [ 14.127926] ret_from_fork+0x116/0x1d0 [ 14.127944] ? __pfx_kthread+0x10/0x10 [ 14.127963] ret_from_fork_asm+0x1a/0x30 [ 14.127992] </TASK> [ 14.128002] [ 14.137440] Allocated by task 278: [ 14.137721] kasan_save_stack+0x45/0x70 [ 14.137895] kasan_save_track+0x18/0x40 [ 14.138137] kasan_save_alloc_info+0x3b/0x50 [ 14.138370] __kasan_kmalloc+0xb7/0xc0 [ 14.138650] __kmalloc_cache_noprof+0x189/0x420 [ 14.138878] kasan_bitops_generic+0x92/0x1c0 [ 14.139158] kunit_try_run_case+0x1a5/0x480 [ 14.139650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.140092] kthread+0x337/0x6f0 [ 14.140217] ret_from_fork+0x116/0x1d0 [ 14.140350] ret_from_fork_asm+0x1a/0x30 [ 14.140930] [ 14.141105] The buggy address belongs to the object at ffff888101df6d60 [ 14.141105] which belongs to the cache kmalloc-16 of size 16 [ 14.142473] The buggy address is located 8 bytes inside of [ 14.142473] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.143213] [ 14.143292] The buggy address belongs to the physical page: [ 14.143834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.144643] flags: 0x200000000000000(node=0|zone=2) [ 14.145195] page_type: f5(slab) [ 14.145523] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.146141] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.146416] page dumped because: kasan: bad access detected [ 14.147047] [ 14.147237] Memory state around the buggy address: [ 14.147853] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.148607] 
ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.148868] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.149527] ^ [ 14.150122] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.150920] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.151211] ================================================================== [ 14.023742] ================================================================== [ 14.023975] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.024555] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.024789] [ 14.024875] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.024918] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.024929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.024950] Call Trace: [ 14.024963] <TASK> [ 14.024984] dump_stack_lvl+0x73/0xb0 [ 14.025024] print_report+0xd1/0x610 [ 14.025045] ? __virt_addr_valid+0x1db/0x2d0 [ 14.025066] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.025117] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.025139] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.025163] kasan_report+0x141/0x180 [ 14.025200] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.025244] kasan_check_range+0x10c/0x1c0 [ 14.025267] __kasan_check_write+0x18/0x20 [ 14.025298] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.025336] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.025467] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.025494] ? trace_hardirqs_on+0x37/0xe0 [ 14.025514] ? kasan_bitops_generic+0x92/0x1c0 [ 14.025541] kasan_bitops_generic+0x116/0x1c0 [ 14.025563] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.025588] ? __pfx_read_tsc+0x10/0x10 [ 14.025607] ? ktime_get_ts64+0x86/0x230 [ 14.025631] kunit_try_run_case+0x1a5/0x480 [ 14.025654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.025697] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.025720] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.025742] ? __kthread_parkme+0x82/0x180 [ 14.025761] ? preempt_count_sub+0x50/0x80 [ 14.025784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.025808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.025847] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.025870] kthread+0x337/0x6f0 [ 14.025889] ? trace_preempt_on+0x20/0xc0 [ 14.025909] ? __pfx_kthread+0x10/0x10 [ 14.025929] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.025949] ? calculate_sigpending+0x7b/0xa0 [ 14.025972] ? __pfx_kthread+0x10/0x10 [ 14.025993] ret_from_fork+0x116/0x1d0 [ 14.026039] ? __pfx_kthread+0x10/0x10 [ 14.026059] ret_from_fork_asm+0x1a/0x30 [ 14.026089] </TASK> [ 14.026098] [ 14.040283] Allocated by task 278: [ 14.040724] kasan_save_stack+0x45/0x70 [ 14.041118] kasan_save_track+0x18/0x40 [ 14.041545] kasan_save_alloc_info+0x3b/0x50 [ 14.041947] __kasan_kmalloc+0xb7/0xc0 [ 14.042300] __kmalloc_cache_noprof+0x189/0x420 [ 14.042805] kasan_bitops_generic+0x92/0x1c0 [ 14.043209] kunit_try_run_case+0x1a5/0x480 [ 14.043677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.043864] kthread+0x337/0x6f0 [ 14.043986] ret_from_fork+0x116/0x1d0 [ 14.044134] ret_from_fork_asm+0x1a/0x30 [ 14.044272] [ 14.044343] The buggy address belongs to the object at ffff888101df6d60 [ 14.044343] which belongs to the cache kmalloc-16 of size 16 [ 14.044704] The buggy address is located 8 bytes inside of [ 14.044704] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.045267] [ 14.045535] The buggy address belongs to the physical page: [ 14.046094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.046864] flags: 0x200000000000000(node=0|zone=2) [ 14.047322] page_type: f5(slab) [ 14.047707] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.048588] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.049275] page dumped because: kasan: 
bad access detected [ 14.049862] [ 14.050059] Memory state around the buggy address: [ 14.050564] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.051185] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.051867] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.052553] ^ [ 14.052895] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.053132] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.053551] ================================================================== [ 14.080466] ================================================================== [ 14.080807] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.081183] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.081647] [ 14.081736] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.081777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.081788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.081808] Call Trace: [ 14.081820] <TASK> [ 14.081835] dump_stack_lvl+0x73/0xb0 [ 14.081863] print_report+0xd1/0x610 [ 14.081884] ? __virt_addr_valid+0x1db/0x2d0 [ 14.081906] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.081929] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.081951] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.081975] kasan_report+0x141/0x180 [ 14.081996] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.082040] kasan_check_range+0x10c/0x1c0 [ 14.082063] __kasan_check_write+0x18/0x20 [ 14.082082] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.082106] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.082131] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.082153] ? trace_hardirqs_on+0x37/0xe0 [ 14.082175] ? kasan_bitops_generic+0x92/0x1c0 [ 14.082201] kasan_bitops_generic+0x116/0x1c0 [ 14.082223] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.082247] ? 
__pfx_read_tsc+0x10/0x10 [ 14.082266] ? ktime_get_ts64+0x86/0x230 [ 14.082289] kunit_try_run_case+0x1a5/0x480 [ 14.082312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.082334] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.082392] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.082439] ? __kthread_parkme+0x82/0x180 [ 14.082481] ? preempt_count_sub+0x50/0x80 [ 14.082527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.082550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.082594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.082639] kthread+0x337/0x6f0 [ 14.082658] ? trace_preempt_on+0x20/0xc0 [ 14.082679] ? __pfx_kthread+0x10/0x10 [ 14.082720] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.082834] ? calculate_sigpending+0x7b/0xa0 [ 14.082858] ? __pfx_kthread+0x10/0x10 [ 14.082879] ret_from_fork+0x116/0x1d0 [ 14.082896] ? __pfx_kthread+0x10/0x10 [ 14.082917] ret_from_fork_asm+0x1a/0x30 [ 14.082946] </TASK> [ 14.082954] [ 14.092851] Allocated by task 278: [ 14.093117] kasan_save_stack+0x45/0x70 [ 14.093318] kasan_save_track+0x18/0x40 [ 14.093655] kasan_save_alloc_info+0x3b/0x50 [ 14.093888] __kasan_kmalloc+0xb7/0xc0 [ 14.094095] __kmalloc_cache_noprof+0x189/0x420 [ 14.094315] kasan_bitops_generic+0x92/0x1c0 [ 14.094624] kunit_try_run_case+0x1a5/0x480 [ 14.094779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.094954] kthread+0x337/0x6f0 [ 14.095085] ret_from_fork+0x116/0x1d0 [ 14.095219] ret_from_fork_asm+0x1a/0x30 [ 14.095524] [ 14.095642] The buggy address belongs to the object at ffff888101df6d60 [ 14.095642] which belongs to the cache kmalloc-16 of size 16 [ 14.096728] The buggy address is located 8 bytes inside of [ 14.096728] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.097387] [ 14.097507] The buggy address belongs to the physical page: [ 14.097764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.098135] flags: 0x200000000000000(node=0|zone=2) [ 14.098302] page_type: f5(slab) [ 14.098626] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.098913] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.099150] page dumped because: kasan: bad access detected [ 14.099358] [ 14.099501] Memory state around the buggy address: [ 14.099793] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.100178] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.100721] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.101095] ^ [ 14.101359] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.101759] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.102051] ================================================================== [ 14.003493] ================================================================== [ 14.004069] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.004322] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.004988] [ 14.005107] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.005150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.005163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.005183] Call Trace: [ 14.005195] <TASK> [ 14.005209] dump_stack_lvl+0x73/0xb0 [ 14.005237] print_report+0xd1/0x610 [ 14.005259] ? __virt_addr_valid+0x1db/0x2d0 [ 14.005280] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.005304] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.005325] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.005349] kasan_report+0x141/0x180 [ 14.005371] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.005575] kasan_check_range+0x10c/0x1c0 [ 14.005603] __kasan_check_write+0x18/0x20 [ 14.005622] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.005646] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.005672] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.005696] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.005718] ? kasan_bitops_generic+0x92/0x1c0 [ 14.005745] kasan_bitops_generic+0x116/0x1c0 [ 14.005768] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.005793] ? __pfx_read_tsc+0x10/0x10 [ 14.005814] ? ktime_get_ts64+0x86/0x230 [ 14.005837] kunit_try_run_case+0x1a5/0x480 [ 14.005861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.005883] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.005907] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.005929] ? __kthread_parkme+0x82/0x180 [ 14.005948] ? preempt_count_sub+0x50/0x80 [ 14.005972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.005996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.006033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.006059] kthread+0x337/0x6f0 [ 14.006078] ? trace_preempt_on+0x20/0xc0 [ 14.006099] ? __pfx_kthread+0x10/0x10 [ 14.006119] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.006140] ? calculate_sigpending+0x7b/0xa0 [ 14.006163] ? __pfx_kthread+0x10/0x10 [ 14.006183] ret_from_fork+0x116/0x1d0 [ 14.006200] ? 
__pfx_kthread+0x10/0x10 [ 14.006219] ret_from_fork_asm+0x1a/0x30 [ 14.006249] </TASK> [ 14.006259] [ 14.014844] Allocated by task 278: [ 14.015039] kasan_save_stack+0x45/0x70 [ 14.015190] kasan_save_track+0x18/0x40 [ 14.015324] kasan_save_alloc_info+0x3b/0x50 [ 14.015470] __kasan_kmalloc+0xb7/0xc0 [ 14.015602] __kmalloc_cache_noprof+0x189/0x420 [ 14.015755] kasan_bitops_generic+0x92/0x1c0 [ 14.015901] kunit_try_run_case+0x1a5/0x480 [ 14.016068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.016242] kthread+0x337/0x6f0 [ 14.016412] ret_from_fork+0x116/0x1d0 [ 14.017000] ret_from_fork_asm+0x1a/0x30 [ 14.017210] [ 14.017304] The buggy address belongs to the object at ffff888101df6d60 [ 14.017304] which belongs to the cache kmalloc-16 of size 16 [ 14.017827] The buggy address is located 8 bytes inside of [ 14.017827] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.018632] [ 14.018705] The buggy address belongs to the physical page: [ 14.018874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.019121] flags: 0x200000000000000(node=0|zone=2) [ 14.019572] page_type: f5(slab) [ 14.019750] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.020107] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.020566] page dumped because: kasan: bad access detected [ 14.020823] [ 14.020895] Memory state around the buggy address: [ 14.021119] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.021439] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.021725] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.022031] ^ [ 14.022300] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.023131] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.023368] ================================================================== [ 14.152546] 
================================================================== [ 14.153224] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.154212] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.155075] [ 14.155280] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.155324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.155336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.155357] Call Trace: [ 14.155371] <TASK> [ 14.155385] dump_stack_lvl+0x73/0xb0 [ 14.155413] print_report+0xd1/0x610 [ 14.155435] ? __virt_addr_valid+0x1db/0x2d0 [ 14.155455] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.155509] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.155530] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.155554] kasan_report+0x141/0x180 [ 14.155575] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.155604] kasan_check_range+0x10c/0x1c0 [ 14.155626] __kasan_check_write+0x18/0x20 [ 14.155644] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.155669] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.155694] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.155716] ? trace_hardirqs_on+0x37/0xe0 [ 14.155737] ? kasan_bitops_generic+0x92/0x1c0 [ 14.155763] kasan_bitops_generic+0x116/0x1c0 [ 14.155785] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.155808] ? __pfx_read_tsc+0x10/0x10 [ 14.155828] ? ktime_get_ts64+0x86/0x230 [ 14.155851] kunit_try_run_case+0x1a5/0x480 [ 14.155873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.155895] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.155917] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.155939] ? __kthread_parkme+0x82/0x180 [ 14.155958] ? preempt_count_sub+0x50/0x80 [ 14.155980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.156003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.156035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.156057] kthread+0x337/0x6f0 [ 14.156104] ? 
trace_preempt_on+0x20/0xc0 [ 14.156124] ? __pfx_kthread+0x10/0x10 [ 14.156144] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.156164] ? calculate_sigpending+0x7b/0xa0 [ 14.156187] ? __pfx_kthread+0x10/0x10 [ 14.156208] ret_from_fork+0x116/0x1d0 [ 14.156225] ? __pfx_kthread+0x10/0x10 [ 14.156245] ret_from_fork_asm+0x1a/0x30 [ 14.156274] </TASK> [ 14.156284] [ 14.169223] Allocated by task 278: [ 14.169366] kasan_save_stack+0x45/0x70 [ 14.169556] kasan_save_track+0x18/0x40 [ 14.169724] kasan_save_alloc_info+0x3b/0x50 [ 14.169913] __kasan_kmalloc+0xb7/0xc0 [ 14.170099] __kmalloc_cache_noprof+0x189/0x420 [ 14.170305] kasan_bitops_generic+0x92/0x1c0 [ 14.170591] kunit_try_run_case+0x1a5/0x480 [ 14.170744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.170936] kthread+0x337/0x6f0 [ 14.171119] ret_from_fork+0x116/0x1d0 [ 14.171327] ret_from_fork_asm+0x1a/0x30 [ 14.171708] [ 14.171828] The buggy address belongs to the object at ffff888101df6d60 [ 14.171828] which belongs to the cache kmalloc-16 of size 16 [ 14.172207] The buggy address is located 8 bytes inside of [ 14.172207] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.172683] [ 14.172781] The buggy address belongs to the physical page: [ 14.173042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.173272] flags: 0x200000000000000(node=0|zone=2) [ 14.173660] page_type: f5(slab) [ 14.173830] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.174231] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.174617] page dumped because: kasan: bad access detected [ 14.174833] [ 14.174923] Memory state around the buggy address: [ 14.175148] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.175356] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.176112] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.176532] ^ [ 14.176855] ffff888101df6d80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.177094] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.177393] ================================================================== [ 13.984212] ================================================================== [ 13.984782] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.985105] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 13.985534] [ 13.985658] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 13.985703] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.985714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.985734] Call Trace: [ 13.985745] <TASK> [ 13.985760] dump_stack_lvl+0x73/0xb0 [ 13.985788] print_report+0xd1/0x610 [ 13.985810] ? __virt_addr_valid+0x1db/0x2d0 [ 13.985832] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.985856] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.985877] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.985902] kasan_report+0x141/0x180 [ 13.985923] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.985952] kasan_check_range+0x10c/0x1c0 [ 13.985975] __kasan_check_write+0x18/0x20 [ 13.985994] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.986031] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.986057] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.986080] ? trace_hardirqs_on+0x37/0xe0 [ 13.986102] ? kasan_bitops_generic+0x92/0x1c0 [ 13.986128] kasan_bitops_generic+0x116/0x1c0 [ 13.986151] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.986175] ? __pfx_read_tsc+0x10/0x10 [ 13.986195] ? ktime_get_ts64+0x86/0x230 [ 13.986219] kunit_try_run_case+0x1a5/0x480 [ 13.986242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.986264] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.986286] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.986309] ? __kthread_parkme+0x82/0x180 [ 13.986328] ? preempt_count_sub+0x50/0x80 [ 13.986351] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.986447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.986471] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.986493] kthread+0x337/0x6f0 [ 13.986512] ? trace_preempt_on+0x20/0xc0 [ 13.986533] ? __pfx_kthread+0x10/0x10 [ 13.986553] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.986573] ? calculate_sigpending+0x7b/0xa0 [ 13.986606] ? __pfx_kthread+0x10/0x10 [ 13.986627] ret_from_fork+0x116/0x1d0 [ 13.986644] ? __pfx_kthread+0x10/0x10 [ 13.986664] ret_from_fork_asm+0x1a/0x30 [ 13.986694] </TASK> [ 13.986703] [ 13.995031] Allocated by task 278: [ 13.995212] kasan_save_stack+0x45/0x70 [ 13.995454] kasan_save_track+0x18/0x40 [ 13.995620] kasan_save_alloc_info+0x3b/0x50 [ 13.995813] __kasan_kmalloc+0xb7/0xc0 [ 13.995998] __kmalloc_cache_noprof+0x189/0x420 [ 13.996205] kasan_bitops_generic+0x92/0x1c0 [ 13.996413] kunit_try_run_case+0x1a5/0x480 [ 13.996587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.996818] kthread+0x337/0x6f0 [ 13.996940] ret_from_fork+0x116/0x1d0 [ 13.997143] ret_from_fork_asm+0x1a/0x30 [ 13.997342] [ 13.997493] The buggy address belongs to the object at ffff888101df6d60 [ 13.997493] which belongs to the cache kmalloc-16 of size 16 [ 13.997967] The buggy address is located 8 bytes inside of [ 13.997967] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 13.998652] [ 13.998762] The buggy address belongs to the physical page: [ 13.999029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 13.999279] flags: 0x200000000000000(node=0|zone=2) [ 13.999607] page_type: f5(slab) [ 13.999859] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.000120] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.000615] page dumped because: kasan: bad access detected [ 14.000827] [ 14.000920] Memory state around the buggy address: [ 14.001105] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.001321] 
ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.001535] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.001746] ^ [ 14.002015] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.002631] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.002945] ================================================================== [ 14.057107] ================================================================== [ 14.057949] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.058888] Write of size 8 at addr ffff888101df6d68 by task kunit_try_catch/278 [ 14.059826] [ 14.059916] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.059958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.059969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.059990] Call Trace: [ 14.060001] <TASK> [ 14.060030] dump_stack_lvl+0x73/0xb0 [ 14.060059] print_report+0xd1/0x610 [ 14.060080] ? __virt_addr_valid+0x1db/0x2d0 [ 14.060101] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.060125] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.060147] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.060171] kasan_report+0x141/0x180 [ 14.060192] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.060221] kasan_check_range+0x10c/0x1c0 [ 14.060243] __kasan_check_write+0x18/0x20 [ 14.060261] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.060285] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.060311] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.060333] ? trace_hardirqs_on+0x37/0xe0 [ 14.060354] ? kasan_bitops_generic+0x92/0x1c0 [ 14.060381] kasan_bitops_generic+0x116/0x1c0 [ 14.060403] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.060426] ? __pfx_read_tsc+0x10/0x10 [ 14.060446] ? ktime_get_ts64+0x86/0x230 [ 14.060493] kunit_try_run_case+0x1a5/0x480 [ 14.060531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.060554] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.060577] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.060599] ? __kthread_parkme+0x82/0x180 [ 14.060619] ? preempt_count_sub+0x50/0x80 [ 14.060641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.060663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.060686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.060708] kthread+0x337/0x6f0 [ 14.060726] ? trace_preempt_on+0x20/0xc0 [ 14.060747] ? __pfx_kthread+0x10/0x10 [ 14.060779] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.060801] ? calculate_sigpending+0x7b/0xa0 [ 14.060839] ? __pfx_kthread+0x10/0x10 [ 14.060860] ret_from_fork+0x116/0x1d0 [ 14.060877] ? __pfx_kthread+0x10/0x10 [ 14.060897] ret_from_fork_asm+0x1a/0x30 [ 14.060926] </TASK> [ 14.060935] [ 14.070640] Allocated by task 278: [ 14.071043] kasan_save_stack+0x45/0x70 [ 14.071287] kasan_save_track+0x18/0x40 [ 14.071679] kasan_save_alloc_info+0x3b/0x50 [ 14.071919] __kasan_kmalloc+0xb7/0xc0 [ 14.072066] __kmalloc_cache_noprof+0x189/0x420 [ 14.072222] kasan_bitops_generic+0x92/0x1c0 [ 14.072373] kunit_try_run_case+0x1a5/0x480 [ 14.072617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.072870] kthread+0x337/0x6f0 [ 14.073251] ret_from_fork+0x116/0x1d0 [ 14.073574] ret_from_fork_asm+0x1a/0x30 [ 14.073818] [ 14.073914] The buggy address belongs to the object at ffff888101df6d60 [ 14.073914] which belongs to the cache kmalloc-16 of size 16 [ 14.074355] The buggy address is located 8 bytes inside of [ 14.074355] allocated 9-byte region [ffff888101df6d60, ffff888101df6d69) [ 14.074879] [ 14.074978] The buggy address belongs to the physical page: [ 14.075245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df6 [ 14.075787] flags: 0x200000000000000(node=0|zone=2) [ 14.076054] page_type: f5(slab) [ 14.076169] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.076766] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.077198] page dumped because: kasan: 
bad access detected [ 14.077545] [ 14.077682] Memory state around the buggy address: [ 14.077912] ffff888101df6c00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.078239] ffff888101df6c80: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.078615] >ffff888101df6d00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.078951] ^ [ 14.079257] ffff888101df6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.079712] ffff888101df6e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.079982] ==================================================================