Date
July 20, 2025, 11:12 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 17.788525] ================================================================== [ 17.788951] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 17.789168] Write of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.789401] [ 17.789469] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.789556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.789815] Hardware name: linux,dummy-virt (DT) [ 17.789972] Call trace: [ 17.790212] show_stack+0x20/0x38 (C) [ 17.790430] dump_stack_lvl+0x8c/0xd0 [ 17.790589] print_report+0x118/0x5d0 [ 17.790907] kasan_report+0xdc/0x128 [ 17.790995] kasan_check_range+0x100/0x1a8 [ 17.791483] __kasan_check_write+0x20/0x30 [ 17.791570] kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 17.791629] kasan_bitops_generic+0x11c/0x1c8 [ 17.791691] kunit_try_run_case+0x170/0x3f0 [ 17.791764] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.791819] kthread+0x328/0x630 [ 17.791861] ret_from_fork+0x10/0x20 [ 17.791910] [ 17.791943] Allocated by task 261: [ 17.791995] kasan_save_stack+0x3c/0x68 [ 17.792039] kasan_save_track+0x20/0x40 [ 17.792080] kasan_save_alloc_info+0x40/0x58 [ 17.792123] __kasan_kmalloc+0xd4/0xd8 [ 17.792162] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.792211] kasan_bitops_generic+0xa0/0x1c8 [ 17.792252] kunit_try_run_case+0x170/0x3f0 [ 17.792294] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.792355] kthread+0x328/0x630 [ 17.792404] ret_from_fork+0x10/0x20 [ 17.792449] [ 17.792470] The buggy address belongs to the object at fff00000c3fc6220 [ 17.792470] which belongs to the cache kmalloc-16 of size 16 [ 17.792530] The buggy address is located 8 bytes inside of [ 17.792530] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.792619] [ 17.792641] The buggy address belongs to the physical page: [ 17.792699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.792752] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.792801] page_type: f5(slab) [ 17.792863] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.792931] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.792975] page dumped because: kasan: bad access detected [ 17.793009] [ 17.793039] Memory state around the buggy address: [ 17.793072] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.793123] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.793167] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.793206] ^ [ 17.793242] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.793292] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.793351] ================================================================== [ 17.777283] ================================================================== [ 17.777497] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0 [ 17.777591] Read of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.777652] [ 17.777811] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.777900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.778133] Hardware name: linux,dummy-virt (DT) [ 17.778181] Call trace: [ 17.778311] show_stack+0x20/0x38 (C) [ 17.778447] dump_stack_lvl+0x8c/0xd0 [ 17.778654] print_report+0x118/0x5d0 [ 17.778735] kasan_report+0xdc/0x128 [ 17.778784] __asan_report_load8_noabort+0x20/0x30 [ 17.779258] kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0 [ 17.779342] kasan_bitops_generic+0x11c/0x1c8 [ 17.779393] kunit_try_run_case+0x170/0x3f0 [ 17.779443] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.779498] kthread+0x328/0x630 [ 17.779543] ret_from_fork+0x10/0x20 [ 17.780008] [ 17.780743] Allocated by task 261: [ 17.780810] kasan_save_stack+0x3c/0x68 [ 17.780881] kasan_save_track+0x20/0x40 [ 17.781193] kasan_save_alloc_info+0x40/0x58 [ 17.781470] __kasan_kmalloc+0xd4/0xd8 [ 17.781577] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.781714] kasan_bitops_generic+0xa0/0x1c8 [ 17.781781] kunit_try_run_case+0x170/0x3f0 [ 17.781856] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.782198] kthread+0x328/0x630 [ 17.782649] ret_from_fork+0x10/0x20 [ 17.782744] [ 17.782836] The buggy address belongs to the object at fff00000c3fc6220 [ 17.782836] which belongs to the cache kmalloc-16 of size 16 [ 17.782901] The buggy address is located 8 bytes inside of [ 17.782901] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.783061] [ 17.783253] The buggy address belongs to the physical page: [ 17.783592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.784080] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.784266] page_type: f5(slab) [ 17.784325] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.784598] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.784996] page dumped because: kasan: bad access detected [ 17.785282] [ 17.785311] Memory state around the buggy address: [ 17.785517] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.785784] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.785878] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.785928] ^ [ 17.786095] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.786149] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.786191] ================================================================== [ 17.747366] ================================================================== [ 17.747641] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 17.747714] Write of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.747818] [ 17.748267] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.748398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.748475] Hardware name: linux,dummy-virt (DT) [ 17.748695] Call trace: [ 17.748948] show_stack+0x20/0x38 (C) [ 17.749018] dump_stack_lvl+0x8c/0xd0 [ 17.749230] print_report+0x118/0x5d0 [ 17.749685] kasan_report+0xdc/0x128 [ 17.749847] kasan_check_range+0x100/0x1a8 [ 17.750275] __kasan_check_write+0x20/0x30 [ 17.750765] kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 17.750921] kasan_bitops_generic+0x11c/0x1c8 [ 17.751197] kunit_try_run_case+0x170/0x3f0 [ 17.751461] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.751798] kthread+0x328/0x630 [ 17.751984] ret_from_fork+0x10/0x20 [ 17.752156] [ 17.752199] Allocated by task 261: [ 17.752442] kasan_save_stack+0x3c/0x68 [ 17.752617] kasan_save_track+0x20/0x40 [ 17.752728] kasan_save_alloc_info+0x40/0x58 [ 17.752831] __kasan_kmalloc+0xd4/0xd8 [ 17.753057] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.753213] kasan_bitops_generic+0xa0/0x1c8 [ 17.753334] kunit_try_run_case+0x170/0x3f0 [ 17.753514] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.753688] kthread+0x328/0x630 [ 17.753811] ret_from_fork+0x10/0x20 [ 17.753917] [ 17.753960] The buggy address belongs to the object at fff00000c3fc6220 [ 17.753960] which belongs to the cache kmalloc-16 of size 16 [ 17.754171] The buggy address is located 8 bytes inside of [ 17.754171] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.754425] [ 17.754474] The buggy address belongs to the physical page: [ 17.754509] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.754926] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.755160] page_type: f5(slab) [ 17.755234] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.755564] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.755723] page dumped because: kasan: bad access detected [ 17.755761] [ 17.755782] Memory state around the buggy address: [ 17.756070] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.756336] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.756699] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.756908] ^ [ 17.756951] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.756999] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.757042] ================================================================== [ 17.761584] ================================================================== [ 17.761658] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 17.761730] Read of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.761783] [ 17.761830] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.761915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.761954] Hardware name: linux,dummy-virt (DT) [ 17.761990] Call trace: [ 17.762015] show_stack+0x20/0x38 (C) [ 17.762066] dump_stack_lvl+0x8c/0xd0 [ 17.762118] print_report+0x118/0x5d0 [ 17.762169] kasan_report+0xdc/0x128 [ 17.762228] __asan_report_load8_noabort+0x20/0x30 [ 17.762283] kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 17.762341] kasan_bitops_generic+0x11c/0x1c8 [ 17.762390] kunit_try_run_case+0x170/0x3f0 [ 17.762449] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.762506] kthread+0x328/0x630 [ 17.762550] ret_from_fork+0x10/0x20 [ 17.762597] [ 17.762627] Allocated by task 261: [ 17.762657] kasan_save_stack+0x3c/0x68 [ 17.762711] kasan_save_track+0x20/0x40 [ 17.762749] kasan_save_alloc_info+0x40/0x58 [ 17.762791] __kasan_kmalloc+0xd4/0xd8 [ 17.762829] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.762871] kasan_bitops_generic+0xa0/0x1c8 [ 17.762909] kunit_try_run_case+0x170/0x3f0 [ 17.762964] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.764071] kthread+0x328/0x630 [ 17.764162] ret_from_fork+0x10/0x20 [ 17.764227] [ 17.764249] The buggy address belongs to the object at fff00000c3fc6220 [ 17.764249] which belongs to the cache kmalloc-16 of size 16 [ 17.764335] The buggy address is located 8 bytes inside of [ 17.764335] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.764410] [ 17.764433] The buggy address belongs to the physical page: [ 17.764465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.764703] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.764972] page_type: f5(slab) [ 17.765263] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.765349] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.765401] page dumped because: kasan: bad access detected [ 17.765436] [ 17.765717] Memory state around the buggy address: [ 17.765985] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.766167] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.766243] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.766338] ^ [ 17.766375] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.766425] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.766829] ================================================================== [ 17.794457] ================================================================== [ 17.794510] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0 [ 17.794563] Read of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.794616] [ 17.795206] Hardware name: linux,dummy-virt (DT) [ 17.800098] kunit_try_run_case+0x170/0x3f0 [ 17.801389] [ 17.801764] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.802361] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.803484] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.804354] ================================================================== [ 17.768049] ================================================================== [ 17.768111] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0 [ 17.768166] Write of size 8 at addr fff00000c3fc6228 by task kunit_try_catch/261 [ 17.768450] [ 17.768496] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.768684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.768720] Hardware name: linux,dummy-virt (DT) [ 17.768797] Call trace: [ 17.768825] show_stack+0x20/0x38 (C) [ 17.768878] dump_stack_lvl+0x8c/0xd0 [ 17.769215] print_report+0x118/0x5d0 [ 17.769354] kasan_report+0xdc/0x128 [ 17.769438] kasan_check_range+0x100/0x1a8 [ 17.769534] __kasan_check_write+0x20/0x30 [ 17.769633] kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0 [ 17.769707] kasan_bitops_generic+0x11c/0x1c8 [ 17.769757] kunit_try_run_case+0x170/0x3f0 [ 17.769813] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.769869] kthread+0x328/0x630 [ 17.769915] ret_from_fork+0x10/0x20 [ 17.770491] [ 17.770574] Allocated by task 261: [ 17.770612] kasan_save_stack+0x3c/0x68 [ 17.770670] kasan_save_track+0x20/0x40 [ 17.771202] kasan_save_alloc_info+0x40/0x58 [ 17.771294] __kasan_kmalloc+0xd4/0xd8 [ 17.771390] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.771583] kasan_bitops_generic+0xa0/0x1c8 [ 17.771634] kunit_try_run_case+0x170/0x3f0 [ 17.771781] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.771940] kthread+0x328/0x630 [ 17.772177] ret_from_fork+0x10/0x20 [ 17.772295] [ 17.772374] The buggy address belongs to the object at fff00000c3fc6220 [ 17.772374] which belongs to the cache kmalloc-16 of size 16 [ 17.772517] The buggy address is located 8 bytes inside of [ 17.772517] allocated 9-byte region [fff00000c3fc6220, fff00000c3fc6229) [ 17.772610] [ 17.772787] The buggy address belongs to the physical page: [ 17.773036] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103fc6 [ 17.773172] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.773284] page_type: f5(slab) [ 17.773393] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.773809] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.773877] page dumped because: kasan: bad access detected [ 17.774026] [ 17.774125] Memory state around the buggy address: [ 17.774311] fff00000c3fc6100: 00 06 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.774390] fff00000c3fc6180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.774933] >fff00000c3fc6200: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.774990] ^ [ 17.775111] fff00000c3fc6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.775174] fff00000c3fc6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.775781] ==================================================================
[ 14.647564] ================================================================== [ 14.647921] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.648461] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.648884] [ 14.649131] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.649173] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.649185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.649205] Call Trace: [ 14.649216] <TASK> [ 14.649229] dump_stack_lvl+0x73/0xb0 [ 14.649256] print_report+0xd1/0x610 [ 14.649277] ? __virt_addr_valid+0x1db/0x2d0 [ 14.649297] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.649323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.649343] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.649402] kasan_report+0x141/0x180 [ 14.649424] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.649465] kasan_check_range+0x10c/0x1c0 [ 14.649488] __kasan_check_write+0x18/0x20 [ 14.649506] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.649542] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.649569] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.649594] ? trace_hardirqs_on+0x37/0xe0 [ 14.649615] ? kasan_bitops_generic+0x92/0x1c0 [ 14.649640] kasan_bitops_generic+0x121/0x1c0 [ 14.649663] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.649715] ? __pfx_read_tsc+0x10/0x10 [ 14.649735] ? ktime_get_ts64+0x86/0x230 [ 14.649758] kunit_try_run_case+0x1a5/0x480 [ 14.649791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.649813] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.649836] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.649857] ? __kthread_parkme+0x82/0x180 [ 14.649900] ? preempt_count_sub+0x50/0x80 [ 14.649933] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.649956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.650006] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.650030] kthread+0x337/0x6f0 [ 14.650049] ? trace_preempt_on+0x20/0xc0 [ 14.650080] ? __pfx_kthread+0x10/0x10 [ 14.650100] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.650119] ? calculate_sigpending+0x7b/0xa0 [ 14.650142] ? __pfx_kthread+0x10/0x10 [ 14.650187] ret_from_fork+0x116/0x1d0 [ 14.650205] ? __pfx_kthread+0x10/0x10 [ 14.650223] ret_from_fork_asm+0x1a/0x30 [ 14.650264] </TASK> [ 14.650275] [ 14.658877] Allocated by task 279: [ 14.659047] kasan_save_stack+0x45/0x70 [ 14.659265] kasan_save_track+0x18/0x40 [ 14.659485] kasan_save_alloc_info+0x3b/0x50 [ 14.659747] __kasan_kmalloc+0xb7/0xc0 [ 14.659976] __kmalloc_cache_noprof+0x189/0x420 [ 14.660239] kasan_bitops_generic+0x92/0x1c0 [ 14.660526] kunit_try_run_case+0x1a5/0x480 [ 14.660670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.660930] kthread+0x337/0x6f0 [ 14.661059] ret_from_fork+0x116/0x1d0 [ 14.661241] ret_from_fork_asm+0x1a/0x30 [ 14.661432] [ 14.661539] The buggy address belongs to the object at ffff888100fffac0 [ 14.661539] which belongs to the cache kmalloc-16 of size 16 [ 14.662095] The buggy address is located 8 bytes inside of [ 14.662095] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.662606] [ 14.662712] The buggy address belongs to the physical page: [ 14.662968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.663332] flags: 0x200000000000000(node=0|zone=2) [ 14.663563] page_type: f5(slab) [ 14.663770] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.664137] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.664481] page dumped because: kasan: bad access detected [ 14.664762] [ 14.664854] Memory state around the buggy address: [ 14.665112] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.665356] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.665697] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.666021] ^ [ 14.666276] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.666603] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.666964] ================================================================== [ 14.535166] ================================================================== [ 14.535541] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.536326] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.537026] [ 14.537246] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.537287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.537298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.537318] Call Trace: [ 14.537334] <TASK> [ 14.537348] dump_stack_lvl+0x73/0xb0 [ 14.537373] print_report+0xd1/0x610 [ 14.537394] ? __virt_addr_valid+0x1db/0x2d0 [ 14.537415] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.537441] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.537462] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.537488] kasan_report+0x141/0x180 [ 14.537519] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.537550] kasan_check_range+0x10c/0x1c0 [ 14.537572] __kasan_check_write+0x18/0x20 [ 14.537590] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.537616] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.537643] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.537666] ? trace_hardirqs_on+0x37/0xe0 [ 14.537714] ? kasan_bitops_generic+0x92/0x1c0 [ 14.537740] kasan_bitops_generic+0x121/0x1c0 [ 14.537957] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.537981] ? __pfx_read_tsc+0x10/0x10 [ 14.538001] ? ktime_get_ts64+0x86/0x230 [ 14.538023] kunit_try_run_case+0x1a5/0x480 [ 14.538046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.538068] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.538090] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.538113] ? __kthread_parkme+0x82/0x180 [ 14.538131] ? preempt_count_sub+0x50/0x80 [ 14.538153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.538176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.538197] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.538220] kthread+0x337/0x6f0 [ 14.538239] ? trace_preempt_on+0x20/0xc0 [ 14.538260] ? __pfx_kthread+0x10/0x10 [ 14.538280] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.538300] ? calculate_sigpending+0x7b/0xa0 [ 14.538322] ? __pfx_kthread+0x10/0x10 [ 14.538342] ret_from_fork+0x116/0x1d0 [ 14.538373] ? __pfx_kthread+0x10/0x10 [ 14.538393] ret_from_fork_asm+0x1a/0x30 [ 14.538422] </TASK> [ 14.538431] [ 14.554938] Allocated by task 279: [ 14.555148] kasan_save_stack+0x45/0x70 [ 14.555557] kasan_save_track+0x18/0x40 [ 14.555788] kasan_save_alloc_info+0x3b/0x50 [ 14.556136] __kasan_kmalloc+0xb7/0xc0 [ 14.556548] __kmalloc_cache_noprof+0x189/0x420 [ 14.556949] kasan_bitops_generic+0x92/0x1c0 [ 14.557259] kunit_try_run_case+0x1a5/0x480 [ 14.557574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.557881] kthread+0x337/0x6f0 [ 14.558261] ret_from_fork+0x116/0x1d0 [ 14.558617] ret_from_fork_asm+0x1a/0x30 [ 14.558959] [ 14.559179] The buggy address belongs to the object at ffff888100fffac0 [ 14.559179] which belongs to the cache kmalloc-16 of size 16 [ 14.559951] The buggy address is located 8 bytes inside of [ 14.559951] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.561111] [ 14.561449] The buggy address belongs to the physical page: [ 14.561676] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.562177] flags: 0x200000000000000(node=0|zone=2) [ 14.562704] page_type: f5(slab) [ 14.563087] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.563790] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.564446] page dumped because: kasan: bad access detected [ 14.564628] [ 14.564810] Memory state around the buggy address: [ 14.565259] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.565952] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.566563] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.567043] ^ [ 14.567345] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.567996] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.568491] ================================================================== [ 14.727615] ================================================================== [ 14.728019] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.728517] Read of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.729031] [ 14.729142] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.729194] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.729206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.729225] Call Trace: [ 14.729238] <TASK> [ 14.729251] dump_stack_lvl+0x73/0xb0 [ 14.729278] print_report+0xd1/0x610 [ 14.729298] ? __virt_addr_valid+0x1db/0x2d0 [ 14.729319] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.729346] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.729397] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.729424] kasan_report+0x141/0x180 [ 14.729444] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.729486] __asan_report_load8_noabort+0x18/0x20 [ 14.729509] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.729562] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.729589] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.729612] ? trace_hardirqs_on+0x37/0xe0 [ 14.729643] ? kasan_bitops_generic+0x92/0x1c0 [ 14.729670] kasan_bitops_generic+0x121/0x1c0 [ 14.729703] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.729726] ? __pfx_read_tsc+0x10/0x10 [ 14.729745] ? ktime_get_ts64+0x86/0x230 [ 14.729768] kunit_try_run_case+0x1a5/0x480 [ 14.729817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.729838] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.729862] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.729895] ? __kthread_parkme+0x82/0x180 [ 14.729923] ? preempt_count_sub+0x50/0x80 [ 14.729946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.729995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.730017] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.730040] kthread+0x337/0x6f0 [ 14.730069] ? trace_preempt_on+0x20/0xc0 [ 14.730090] ? __pfx_kthread+0x10/0x10 [ 14.730110] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.730156] ? calculate_sigpending+0x7b/0xa0 [ 14.730178] ? __pfx_kthread+0x10/0x10 [ 14.730198] ret_from_fork+0x116/0x1d0 [ 14.730226] ? __pfx_kthread+0x10/0x10 [ 14.730246] ret_from_fork_asm+0x1a/0x30 [ 14.730292] </TASK> [ 14.730311] [ 14.738453] Allocated by task 279: [ 14.738649] kasan_save_stack+0x45/0x70 [ 14.738872] kasan_save_track+0x18/0x40 [ 14.739098] kasan_save_alloc_info+0x3b/0x50 [ 14.739380] __kasan_kmalloc+0xb7/0xc0 [ 14.739587] __kmalloc_cache_noprof+0x189/0x420 [ 14.739964] kasan_bitops_generic+0x92/0x1c0 [ 14.740170] kunit_try_run_case+0x1a5/0x480 [ 14.740370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.740613] kthread+0x337/0x6f0 [ 14.740898] ret_from_fork+0x116/0x1d0 [ 14.741092] ret_from_fork_asm+0x1a/0x30 [ 14.741286] [ 14.741377] The buggy address belongs to the object at ffff888100fffac0 [ 14.741377] which belongs to the cache kmalloc-16 of size 16 [ 14.741917] The buggy address is located 8 bytes inside of [ 14.741917] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.742462] [ 14.742533] The buggy address belongs to the physical page: [ 14.742719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.743135] flags: 0x200000000000000(node=0|zone=2) [ 14.743417] page_type: f5(slab) [ 14.743585] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.743897] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.744133] page dumped because: kasan: bad access detected [ 14.744299] [ 14.744365] Memory state around the buggy address: [ 14.744586] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.745282] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.745594] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.746023] ^ [ 14.746271] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.746606] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.746984] ================================================================== [ 14.625275] ================================================================== [ 14.625493] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.625981] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.626356] [ 14.626463] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.626504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.626515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.626535] Call Trace: [ 14.626550] <TASK> [ 14.626564] dump_stack_lvl+0x73/0xb0 [ 14.626590] print_report+0xd1/0x610 [ 14.626610] ? __virt_addr_valid+0x1db/0x2d0 [ 14.626630] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.626657] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.626678] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.626716] kasan_report+0x141/0x180 [ 14.626736] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.626767] kasan_check_range+0x10c/0x1c0 [ 14.626790] __kasan_check_write+0x18/0x20 [ 14.626808] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.626834] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.626862] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.626884] ? trace_hardirqs_on+0x37/0xe0 [ 14.626916] ? kasan_bitops_generic+0x92/0x1c0 [ 14.626943] kasan_bitops_generic+0x121/0x1c0 [ 14.626964] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.626989] ? __pfx_read_tsc+0x10/0x10 [ 14.627008] ? ktime_get_ts64+0x86/0x230 [ 14.627031] kunit_try_run_case+0x1a5/0x480 [ 14.627057] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.627079] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.627101] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.627123] ? __kthread_parkme+0x82/0x180 [ 14.627141] ? preempt_count_sub+0x50/0x80 [ 14.627163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.627186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.627208] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.627230] kthread+0x337/0x6f0 [ 14.627248] ? trace_preempt_on+0x20/0xc0 [ 14.627269] ? __pfx_kthread+0x10/0x10 [ 14.627288] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.627308] ? calculate_sigpending+0x7b/0xa0 [ 14.627330] ? __pfx_kthread+0x10/0x10 [ 14.627350] ret_from_fork+0x116/0x1d0 [ 14.627367] ? __pfx_kthread+0x10/0x10 [ 14.627388] ret_from_fork_asm+0x1a/0x30 [ 14.627417] </TASK> [ 14.627426] [ 14.637653] Allocated by task 279: [ 14.637866] kasan_save_stack+0x45/0x70 [ 14.638098] kasan_save_track+0x18/0x40 [ 14.638345] kasan_save_alloc_info+0x3b/0x50 [ 14.638553] __kasan_kmalloc+0xb7/0xc0 [ 14.638726] __kmalloc_cache_noprof+0x189/0x420 [ 14.638874] kasan_bitops_generic+0x92/0x1c0 [ 14.639072] kunit_try_run_case+0x1a5/0x480 [ 14.639424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.639672] kthread+0x337/0x6f0 [ 14.639829] ret_from_fork+0x116/0x1d0 [ 14.640048] ret_from_fork_asm+0x1a/0x30 [ 14.640261] [ 14.640384] The buggy address belongs to the object at ffff888100fffac0 [ 14.640384] which belongs to the cache kmalloc-16 of size 16 [ 14.641242] The buggy address is located 8 bytes inside of [ 14.641242] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.641833] [ 14.641901] The buggy address belongs to the physical page: [ 14.642162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.642688] flags: 0x200000000000000(node=0|zone=2) [ 14.643056] page_type: f5(slab) [ 14.643263] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.643579] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.643971] page dumped because: kasan: bad access detected [ 14.644219] [ 14.644305] Memory state around the buggy address: [ 14.644669] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.644998] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.645312] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.645611] ^ [ 14.646142] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.646494] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.646807] ================================================================== [ 14.569340] ================================================================== [ 14.569582] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.569860] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.570101] [ 14.570186] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.570227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.570238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.570258] Call Trace: [ 14.570273] <TASK> [ 14.570286] dump_stack_lvl+0x73/0xb0 [ 14.570311] print_report+0xd1/0x610 [ 14.570332] ? __virt_addr_valid+0x1db/0x2d0 [ 14.570353] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.570379] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.570400] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.570426] kasan_report+0x141/0x180 [ 14.570447] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.570477] kasan_check_range+0x10c/0x1c0 [ 14.570499] __kasan_check_write+0x18/0x20 [ 14.570517] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.570542] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.570569] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.570591] ? trace_hardirqs_on+0x37/0xe0 [ 14.570612] ? kasan_bitops_generic+0x92/0x1c0 [ 14.570638] kasan_bitops_generic+0x121/0x1c0 [ 14.570659] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.570682] ? __pfx_read_tsc+0x10/0x10 [ 14.570702] ? ktime_get_ts64+0x86/0x230 [ 14.570725] kunit_try_run_case+0x1a5/0x480 [ 14.570747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.570768] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.570791] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.570812] ? __kthread_parkme+0x82/0x180 [ 14.570831] ? preempt_count_sub+0x50/0x80 [ 14.570853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.570876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.570897] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.570944] kthread+0x337/0x6f0 [ 14.570962] ? trace_preempt_on+0x20/0xc0 [ 14.570982] ? __pfx_kthread+0x10/0x10 [ 14.571002] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.571021] ? calculate_sigpending+0x7b/0xa0 [ 14.571044] ? __pfx_kthread+0x10/0x10 [ 14.571069] ret_from_fork+0x116/0x1d0 [ 14.571102] ? __pfx_kthread+0x10/0x10 [ 14.571135] ret_from_fork_asm+0x1a/0x30 [ 14.571177] </TASK> [ 14.571187] [ 14.590363] Allocated by task 279: [ 14.590614] kasan_save_stack+0x45/0x70 [ 14.591054] kasan_save_track+0x18/0x40 [ 14.591340] kasan_save_alloc_info+0x3b/0x50 [ 14.591735] __kasan_kmalloc+0xb7/0xc0 [ 14.591993] __kmalloc_cache_noprof+0x189/0x420 [ 14.592427] kasan_bitops_generic+0x92/0x1c0 [ 14.592867] kunit_try_run_case+0x1a5/0x480 [ 14.593335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.593524] kthread+0x337/0x6f0 [ 14.593643] ret_from_fork+0x116/0x1d0 [ 14.593997] ret_from_fork_asm+0x1a/0x30 [ 14.594403] [ 14.594592] The buggy address belongs to the object at ffff888100fffac0 [ 14.594592] which belongs to the cache kmalloc-16 of size 16 [ 14.595837] The buggy address is located 8 bytes inside of [ 14.595837] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.596809] [ 14.597076] The buggy address belongs to the physical page: [ 14.597583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.598255] flags: 0x200000000000000(node=0|zone=2) [ 14.598459] page_type: f5(slab) [ 14.598762] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.599562] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.600104] page dumped because: kasan: bad access detected [ 14.600269] [ 14.600334] Memory state around the buggy address: [ 14.600967] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.601185] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.601393] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.601597] ^ [ 14.602105] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.602335] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.602787] ================================================================== [ 14.706994] ================================================================== [ 14.707700] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.708113] Read of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.708436] [ 14.708541] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.708581] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.708592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.708612] Call Trace: [ 14.708627] <TASK> [ 14.708641] dump_stack_lvl+0x73/0xb0 [ 14.708667] print_report+0xd1/0x610 [ 14.708697] ? __virt_addr_valid+0x1db/0x2d0 [ 14.708717] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.708744] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.708765] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.708828] kasan_report+0x141/0x180 [ 14.708849] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.708917] kasan_check_range+0x10c/0x1c0 [ 14.708942] __kasan_check_read+0x15/0x20 [ 14.708959] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.708986] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.709013] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.709035] ? trace_hardirqs_on+0x37/0xe0 [ 14.709055] ? kasan_bitops_generic+0x92/0x1c0 [ 14.709081] kasan_bitops_generic+0x121/0x1c0 [ 14.709103] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.709127] ? __pfx_read_tsc+0x10/0x10 [ 14.709146] ? ktime_get_ts64+0x86/0x230 [ 14.709169] kunit_try_run_case+0x1a5/0x480 [ 14.709191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.709213] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.709234] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.709257] ? __kthread_parkme+0x82/0x180 [ 14.709275] ? preempt_count_sub+0x50/0x80 [ 14.709297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.709320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.709342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.709365] kthread+0x337/0x6f0 [ 14.709384] ? trace_preempt_on+0x20/0xc0 [ 14.709406] ? __pfx_kthread+0x10/0x10 [ 14.709425] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.709445] ? calculate_sigpending+0x7b/0xa0 [ 14.709467] ? __pfx_kthread+0x10/0x10 [ 14.709488] ret_from_fork+0x116/0x1d0 [ 14.709505] ? __pfx_kthread+0x10/0x10 [ 14.709524] ret_from_fork_asm+0x1a/0x30 [ 14.709554] </TASK> [ 14.709563] [ 14.718603] Allocated by task 279: [ 14.718793] kasan_save_stack+0x45/0x70 [ 14.719008] kasan_save_track+0x18/0x40 [ 14.719242] kasan_save_alloc_info+0x3b/0x50 [ 14.719485] __kasan_kmalloc+0xb7/0xc0 [ 14.719681] __kmalloc_cache_noprof+0x189/0x420 [ 14.719946] kasan_bitops_generic+0x92/0x1c0 [ 14.720138] kunit_try_run_case+0x1a5/0x480 [ 14.720280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.720447] kthread+0x337/0x6f0 [ 14.720563] ret_from_fork+0x116/0x1d0 [ 14.720719] ret_from_fork_asm+0x1a/0x30 [ 14.720934] [ 14.721027] The buggy address belongs to the object at ffff888100fffac0 [ 14.721027] which belongs to the cache kmalloc-16 of size 16 [ 14.721538] The buggy address is located 8 bytes inside of [ 14.721538] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.722024] [ 14.722092] The buggy address belongs to the physical page: [ 14.722528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.722863] flags: 0x200000000000000(node=0|zone=2) [ 14.723123] page_type: f5(slab) [ 14.723309] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.723655] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.724028] page dumped because: kasan: bad access detected [ 14.724301] [ 14.724396] Memory state around the buggy address: [ 14.724612] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.725051] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.725398] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.725730] ^ [ 14.725994] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.726303] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.726629] ================================================================== [ 14.667678] ================================================================== [ 14.668000] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.668420] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.668831] [ 14.668981] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.669022] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.669033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.669052] Call Trace: [ 14.669065] <TASK> [ 14.669077] dump_stack_lvl+0x73/0xb0 [ 14.669104] print_report+0xd1/0x610 [ 14.669125] ? __virt_addr_valid+0x1db/0x2d0 [ 14.669146] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.669173] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.669194] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.669221] kasan_report+0x141/0x180 [ 14.669242] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.669273] kasan_check_range+0x10c/0x1c0 [ 14.669295] __kasan_check_write+0x18/0x20 [ 14.669313] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.669339] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.669366] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.669388] ? trace_hardirqs_on+0x37/0xe0 [ 14.669410] ? kasan_bitops_generic+0x92/0x1c0 [ 14.669436] kasan_bitops_generic+0x121/0x1c0 [ 14.669457] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.669481] ? __pfx_read_tsc+0x10/0x10 [ 14.669500] ? ktime_get_ts64+0x86/0x230 [ 14.669523] kunit_try_run_case+0x1a5/0x480 [ 14.669546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.669618] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.669642] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.669671] ? __kthread_parkme+0x82/0x180 [ 14.669690] ? preempt_count_sub+0x50/0x80 [ 14.669713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.669735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.669757] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.669780] kthread+0x337/0x6f0 [ 14.669798] ? trace_preempt_on+0x20/0xc0 [ 14.669818] ? __pfx_kthread+0x10/0x10 [ 14.669837] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.669858] ? calculate_sigpending+0x7b/0xa0 [ 14.669879] ? __pfx_kthread+0x10/0x10 [ 14.669899] ret_from_fork+0x116/0x1d0 [ 14.669927] ? __pfx_kthread+0x10/0x10 [ 14.669946] ret_from_fork_asm+0x1a/0x30 [ 14.669976] </TASK> [ 14.669984] [ 14.678287] Allocated by task 279: [ 14.678414] kasan_save_stack+0x45/0x70 [ 14.678553] kasan_save_track+0x18/0x40 [ 14.678721] kasan_save_alloc_info+0x3b/0x50 [ 14.678977] __kasan_kmalloc+0xb7/0xc0 [ 14.679183] __kmalloc_cache_noprof+0x189/0x420 [ 14.679406] kasan_bitops_generic+0x92/0x1c0 [ 14.679657] kunit_try_run_case+0x1a5/0x480 [ 14.679875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.680174] kthread+0x337/0x6f0 [ 14.680345] ret_from_fork+0x116/0x1d0 [ 14.680569] ret_from_fork_asm+0x1a/0x30 [ 14.680825] [ 14.680921] The buggy address belongs to the object at ffff888100fffac0 [ 14.680921] which belongs to the cache kmalloc-16 of size 16 [ 14.681470] The buggy address is located 8 bytes inside of [ 14.681470] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.682060] [ 14.682187] The buggy address belongs to the physical page: [ 14.682453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.682877] flags: 0x200000000000000(node=0|zone=2) [ 14.683133] page_type: f5(slab) [ 14.683342] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.683726] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.684075] page dumped because: kasan: bad access detected [ 14.684335] [ 14.684436] Memory state around the buggy address: [ 14.684644] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.685053] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.685341] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.685609] ^ [ 14.686080] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.686350] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.686610] ================================================================== [ 14.687428] ================================================================== [ 14.687922] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.688331] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.688671] [ 14.688785] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.688825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.688836] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.688883] Call Trace: [ 14.688896] <TASK> [ 14.688925] dump_stack_lvl+0x73/0xb0 [ 14.688952] print_report+0xd1/0x610 [ 14.688973] ? __virt_addr_valid+0x1db/0x2d0 [ 14.688994] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.689047] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.689068] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.689095] kasan_report+0x141/0x180 [ 14.689125] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.689157] kasan_check_range+0x10c/0x1c0 [ 14.689204] __kasan_check_write+0x18/0x20 [ 14.689223] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.689249] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.689286] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.689308] ? trace_hardirqs_on+0x37/0xe0 [ 14.689329] ? kasan_bitops_generic+0x92/0x1c0 [ 14.689381] kasan_bitops_generic+0x121/0x1c0 [ 14.689403] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.689427] ? __pfx_read_tsc+0x10/0x10 [ 14.689456] ? ktime_get_ts64+0x86/0x230 [ 14.689479] kunit_try_run_case+0x1a5/0x480 [ 14.689528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.689550] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.689572] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.689605] ? __kthread_parkme+0x82/0x180 [ 14.689623] ? preempt_count_sub+0x50/0x80 [ 14.689662] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.689712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.689733] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.689756] kthread+0x337/0x6f0 [ 14.689802] ? trace_preempt_on+0x20/0xc0 [ 14.689822] ? __pfx_kthread+0x10/0x10 [ 14.689842] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.689862] ? calculate_sigpending+0x7b/0xa0 [ 14.689884] ? __pfx_kthread+0x10/0x10 [ 14.689914] ret_from_fork+0x116/0x1d0 [ 14.689931] ? __pfx_kthread+0x10/0x10 [ 14.689951] ret_from_fork_asm+0x1a/0x30 [ 14.690006] </TASK> [ 14.690015] [ 14.698665] Allocated by task 279: [ 14.698883] kasan_save_stack+0x45/0x70 [ 14.699112] kasan_save_track+0x18/0x40 [ 14.699305] kasan_save_alloc_info+0x3b/0x50 [ 14.699531] __kasan_kmalloc+0xb7/0xc0 [ 14.699672] __kmalloc_cache_noprof+0x189/0x420 [ 14.699938] kasan_bitops_generic+0x92/0x1c0 [ 14.700146] kunit_try_run_case+0x1a5/0x480 [ 14.700348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.700626] kthread+0x337/0x6f0 [ 14.700977] ret_from_fork+0x116/0x1d0 [ 14.701162] ret_from_fork_asm+0x1a/0x30 [ 14.701297] [ 14.701365] The buggy address belongs to the object at ffff888100fffac0 [ 14.701365] which belongs to the cache kmalloc-16 of size 16 [ 14.701887] The buggy address is located 8 bytes inside of [ 14.701887] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.702534] [ 14.702643] The buggy address belongs to the physical page: [ 14.702930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.703229] flags: 0x200000000000000(node=0|zone=2) [ 14.703460] page_type: f5(slab) [ 14.703597] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.703897] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.704123] page dumped because: kasan: bad access detected [ 14.704287] [ 14.704352] Memory state around the buggy address: [ 14.704499] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.704706] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.704941] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.705282] ^ [ 14.705756] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.706092] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.706406] ================================================================== [ 14.603286] ================================================================== [ 14.603866] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.604256] Write of size 8 at addr ffff888100fffac8 by task kunit_try_catch/279 [ 14.604545] [ 14.604656] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.604697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.604708] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.604758] Call Trace: [ 14.604773] <TASK> [ 14.604787] dump_stack_lvl+0x73/0xb0 [ 14.604897] print_report+0xd1/0x610 [ 14.604930] ? __virt_addr_valid+0x1db/0x2d0 [ 14.604951] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.604977] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.604997] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.605023] kasan_report+0x141/0x180 [ 14.605045] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.605075] kasan_check_range+0x10c/0x1c0 [ 14.605098] __kasan_check_write+0x18/0x20 [ 14.605117] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.605144] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.605171] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.605192] ? trace_hardirqs_on+0x37/0xe0 [ 14.605213] ? kasan_bitops_generic+0x92/0x1c0 [ 14.605239] kasan_bitops_generic+0x121/0x1c0 [ 14.605261] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.605285] ? __pfx_read_tsc+0x10/0x10 [ 14.605305] ? ktime_get_ts64+0x86/0x230 [ 14.605328] kunit_try_run_case+0x1a5/0x480 [ 14.605351] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.605372] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.605394] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.605416] ? __kthread_parkme+0x82/0x180 [ 14.605435] ? preempt_count_sub+0x50/0x80 [ 14.605457] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.605480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.605501] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.605524] kthread+0x337/0x6f0 [ 14.605542] ? trace_preempt_on+0x20/0xc0 [ 14.605562] ? __pfx_kthread+0x10/0x10 [ 14.605581] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.605602] ? calculate_sigpending+0x7b/0xa0 [ 14.605624] ? __pfx_kthread+0x10/0x10 [ 14.605645] ret_from_fork+0x116/0x1d0 [ 14.605662] ? __pfx_kthread+0x10/0x10 [ 14.605682] ret_from_fork_asm+0x1a/0x30 [ 14.605711] </TASK> [ 14.605721] [ 14.615833] Allocated by task 279: [ 14.616110] kasan_save_stack+0x45/0x70 [ 14.616314] kasan_save_track+0x18/0x40 [ 14.616461] kasan_save_alloc_info+0x3b/0x50 [ 14.616604] __kasan_kmalloc+0xb7/0xc0 [ 14.616731] __kmalloc_cache_noprof+0x189/0x420 [ 14.616882] kasan_bitops_generic+0x92/0x1c0 [ 14.617157] kunit_try_run_case+0x1a5/0x480 [ 14.617507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.617927] kthread+0x337/0x6f0 [ 14.618161] ret_from_fork+0x116/0x1d0 [ 14.618416] ret_from_fork_asm+0x1a/0x30 [ 14.618551] [ 14.618619] The buggy address belongs to the object at ffff888100fffac0 [ 14.618619] which belongs to the cache kmalloc-16 of size 16 [ 14.619451] The buggy address is located 8 bytes inside of [ 14.619451] allocated 9-byte region [ffff888100fffac0, ffff888100fffac9) [ 14.620206] [ 14.620307] The buggy address belongs to the physical page: [ 14.620593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fff [ 14.620824] flags: 0x200000000000000(node=0|zone=2) [ 14.620991] page_type: f5(slab) [ 14.621141] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.621554] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.622150] page dumped because: kasan: bad access detected [ 14.622500] [ 14.622639] Memory state around the buggy address: [ 14.622935] ffff888100fff980: fa fb fc fc fa fb fc fc 00 02 fc fc 00 02 fc fc [ 14.623272] ffff888100fffa00: 00 06 fc fc 00 06 fc fc fa fb fc fc fa fb fc fc [ 14.623482] >ffff888100fffa80: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.624113] ^ [ 14.624392] ffff888100fffb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.624723] ffff888100fffb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.624939] ==================================================================