Date | July 13, 2025, 11:09 p.m.
---|---
Environment | qemu-x86_64
[ 14.933519] ================================================================== [ 14.933865] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.934297] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.934710] [ 14.934817] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.934859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.934870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.934901] Call Trace: [ 14.934917] <TASK> [ 14.934932] dump_stack_lvl+0x73/0xb0 [ 14.934961] print_report+0xd1/0x610 [ 14.934997] ? __virt_addr_valid+0x1db/0x2d0 [ 14.935029] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.935059] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.935084] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.935125] kasan_report+0x141/0x180 [ 14.935147] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.935183] kasan_check_range+0x10c/0x1c0 [ 14.935206] __kasan_check_write+0x18/0x20 [ 14.935226] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.935256] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.935287] ? ret_from_fork_asm+0x1a/0x30 [ 14.935310] ? kthread+0x337/0x6f0 [ 14.935334] kasan_bitops_generic+0x121/0x1c0 [ 14.935358] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.935391] ? __pfx_read_tsc+0x10/0x10 [ 14.935412] ? ktime_get_ts64+0x86/0x230 [ 14.935468] kunit_try_run_case+0x1a5/0x480 [ 14.935494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.935518] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.935541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.935764] ? __kthread_parkme+0x82/0x180 [ 14.935786] ? preempt_count_sub+0x50/0x80 [ 14.935809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.935835] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.935872] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.935899] kthread+0x337/0x6f0 [ 14.935918] ? 
trace_preempt_on+0x20/0xc0 [ 14.935954] ? __pfx_kthread+0x10/0x10 [ 14.935976] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.935997] ? calculate_sigpending+0x7b/0xa0 [ 14.936023] ? __pfx_kthread+0x10/0x10 [ 14.936044] ret_from_fork+0x116/0x1d0 [ 14.936072] ? __pfx_kthread+0x10/0x10 [ 14.936093] ret_from_fork_asm+0x1a/0x30 [ 14.936134] </TASK> [ 14.936145] [ 14.945244] Allocated by task 279: [ 14.945442] kasan_save_stack+0x45/0x70 [ 14.945768] kasan_save_track+0x18/0x40 [ 14.945978] kasan_save_alloc_info+0x3b/0x50 [ 14.946149] __kasan_kmalloc+0xb7/0xc0 [ 14.946282] __kmalloc_cache_noprof+0x189/0x420 [ 14.946480] kasan_bitops_generic+0x92/0x1c0 [ 14.946774] kunit_try_run_case+0x1a5/0x480 [ 14.946986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.947190] kthread+0x337/0x6f0 [ 14.947314] ret_from_fork+0x116/0x1d0 [ 14.947518] ret_from_fork_asm+0x1a/0x30 [ 14.947720] [ 14.947817] The buggy address belongs to the object at ffff888102676240 [ 14.947817] which belongs to the cache kmalloc-16 of size 16 [ 14.948240] The buggy address is located 8 bytes inside of [ 14.948240] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.948776] [ 14.948878] The buggy address belongs to the physical page: [ 14.949109] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.949799] flags: 0x200000000000000(node=0|zone=2) [ 14.950052] page_type: f5(slab) [ 14.950209] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.950648] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.950908] page dumped because: kasan: bad access detected [ 14.951184] [ 14.951277] Memory state around the buggy address: [ 14.951537] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.951959] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.952300] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.952722] ^ [ 14.953048] ffff888102676280: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.953372] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.953688] ================================================================== [ 14.870649] ================================================================== [ 14.870924] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.871267] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.871931] [ 14.872036] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.872081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.872092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.872124] Call Trace: [ 14.872138] <TASK> [ 14.872154] dump_stack_lvl+0x73/0xb0 [ 14.872182] print_report+0xd1/0x610 [ 14.872214] ? __virt_addr_valid+0x1db/0x2d0 [ 14.872237] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.872267] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.872305] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.872335] kasan_report+0x141/0x180 [ 14.872357] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.872422] kasan_check_range+0x10c/0x1c0 [ 14.872446] __kasan_check_write+0x18/0x20 [ 14.872475] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.872505] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.872544] ? ret_from_fork_asm+0x1a/0x30 [ 14.872648] ? kthread+0x337/0x6f0 [ 14.872673] kasan_bitops_generic+0x121/0x1c0 [ 14.872698] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.872725] ? __pfx_read_tsc+0x10/0x10 [ 14.872757] ? ktime_get_ts64+0x86/0x230 [ 14.872781] kunit_try_run_case+0x1a5/0x480 [ 14.872816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.872839] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.872865] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.872889] ? __kthread_parkme+0x82/0x180 [ 14.872909] ? preempt_count_sub+0x50/0x80 [ 14.872934] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.872959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.872983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.873018] kthread+0x337/0x6f0 [ 14.873038] ? trace_preempt_on+0x20/0xc0 [ 14.873060] ? __pfx_kthread+0x10/0x10 [ 14.873093] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.873114] ? calculate_sigpending+0x7b/0xa0 [ 14.873140] ? __pfx_kthread+0x10/0x10 [ 14.873161] ret_from_fork+0x116/0x1d0 [ 14.873179] ? __pfx_kthread+0x10/0x10 [ 14.873200] ret_from_fork_asm+0x1a/0x30 [ 14.873231] </TASK> [ 14.873240] [ 14.882240] Allocated by task 279: [ 14.882483] kasan_save_stack+0x45/0x70 [ 14.882798] kasan_save_track+0x18/0x40 [ 14.882957] kasan_save_alloc_info+0x3b/0x50 [ 14.883184] __kasan_kmalloc+0xb7/0xc0 [ 14.883416] __kmalloc_cache_noprof+0x189/0x420 [ 14.883859] kasan_bitops_generic+0x92/0x1c0 [ 14.884072] kunit_try_run_case+0x1a5/0x480 [ 14.884220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.884545] kthread+0x337/0x6f0 [ 14.884794] ret_from_fork+0x116/0x1d0 [ 14.884971] ret_from_fork_asm+0x1a/0x30 [ 14.885113] [ 14.885185] The buggy address belongs to the object at ffff888102676240 [ 14.885185] which belongs to the cache kmalloc-16 of size 16 [ 14.885839] The buggy address is located 8 bytes inside of [ 14.885839] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.886349] [ 14.886442] The buggy address belongs to the physical page: [ 14.886796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.887144] flags: 0x200000000000000(node=0|zone=2) [ 14.887369] page_type: f5(slab) [ 14.887598] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.888150] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.888798] page dumped because: kasan: bad access detected [ 14.889063] [ 14.889139] Memory state around the buggy address: [ 14.889338] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.889627] 
ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.889919] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.890182] ^ [ 14.890430] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.890921] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.891222] ================================================================== [ 15.004995] ================================================================== [ 15.005337] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.005843] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 15.006101] [ 15.006196] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.006239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.006250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.006271] Call Trace: [ 15.006286] <TASK> [ 15.006301] dump_stack_lvl+0x73/0xb0 [ 15.006329] print_report+0xd1/0x610 [ 15.006351] ? __virt_addr_valid+0x1db/0x2d0 [ 15.006374] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.006403] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.006427] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.006490] kasan_report+0x141/0x180 [ 15.006512] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.006737] kasan_check_range+0x10c/0x1c0 [ 15.006773] __kasan_check_write+0x18/0x20 [ 15.006794] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.006825] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.006857] ? ret_from_fork_asm+0x1a/0x30 [ 15.006881] ? kthread+0x337/0x6f0 [ 15.006904] kasan_bitops_generic+0x121/0x1c0 [ 15.006929] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.006955] ? __pfx_read_tsc+0x10/0x10 [ 15.006975] ? ktime_get_ts64+0x86/0x230 [ 15.007000] kunit_try_run_case+0x1a5/0x480 [ 15.007024] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.007047] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.007071] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.007095] ? __kthread_parkme+0x82/0x180 [ 15.007116] ? preempt_count_sub+0x50/0x80 [ 15.007140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.007165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.007189] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.007215] kthread+0x337/0x6f0 [ 15.007233] ? trace_preempt_on+0x20/0xc0 [ 15.007256] ? __pfx_kthread+0x10/0x10 [ 15.007276] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.007298] ? calculate_sigpending+0x7b/0xa0 [ 15.007323] ? __pfx_kthread+0x10/0x10 [ 15.007344] ret_from_fork+0x116/0x1d0 [ 15.007362] ? __pfx_kthread+0x10/0x10 [ 15.007382] ret_from_fork_asm+0x1a/0x30 [ 15.007413] </TASK> [ 15.007422] [ 15.015883] Allocated by task 279: [ 15.016069] kasan_save_stack+0x45/0x70 [ 15.016277] kasan_save_track+0x18/0x40 [ 15.016513] kasan_save_alloc_info+0x3b/0x50 [ 15.016783] __kasan_kmalloc+0xb7/0xc0 [ 15.016922] __kmalloc_cache_noprof+0x189/0x420 [ 15.017108] kasan_bitops_generic+0x92/0x1c0 [ 15.017320] kunit_try_run_case+0x1a5/0x480 [ 15.017632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.017895] kthread+0x337/0x6f0 [ 15.018063] ret_from_fork+0x116/0x1d0 [ 15.018256] ret_from_fork_asm+0x1a/0x30 [ 15.018447] [ 15.018529] The buggy address belongs to the object at ffff888102676240 [ 15.018529] which belongs to the cache kmalloc-16 of size 16 [ 15.019221] The buggy address is located 8 bytes inside of [ 15.019221] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 15.019788] [ 15.019891] The buggy address belongs to the physical page: [ 15.020149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 15.020541] flags: 0x200000000000000(node=0|zone=2) [ 15.020854] page_type: f5(slab) [ 15.020993] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.021262] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.021625] page dumped because: kasan: 
bad access detected [ 15.021887] [ 15.021980] Memory state around the buggy address: [ 15.022215] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 15.022751] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.023005] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.023290] ^ [ 15.023650] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.023887] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.024170] ================================================================== [ 14.984342] ================================================================== [ 14.985033] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.985426] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.986198] [ 14.986413] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.986535] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.986629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.986655] Call Trace: [ 14.986672] <TASK> [ 14.986688] dump_stack_lvl+0x73/0xb0 [ 14.986718] print_report+0xd1/0x610 [ 14.986740] ? __virt_addr_valid+0x1db/0x2d0 [ 14.986763] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.986793] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.986818] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.986849] kasan_report+0x141/0x180 [ 14.986870] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.986904] kasan_check_range+0x10c/0x1c0 [ 14.986929] __kasan_check_write+0x18/0x20 [ 14.986950] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.986979] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.987012] ? ret_from_fork_asm+0x1a/0x30 [ 14.987035] ? kthread+0x337/0x6f0 [ 14.987059] kasan_bitops_generic+0x121/0x1c0 [ 14.987082] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.987109] ? 
__pfx_read_tsc+0x10/0x10 [ 14.987130] ? ktime_get_ts64+0x86/0x230 [ 14.987154] kunit_try_run_case+0x1a5/0x480 [ 14.987179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.987203] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.987227] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.987251] ? __kthread_parkme+0x82/0x180 [ 14.987272] ? preempt_count_sub+0x50/0x80 [ 14.987298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.987323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.987347] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.987372] kthread+0x337/0x6f0 [ 14.987392] ? trace_preempt_on+0x20/0xc0 [ 14.987414] ? __pfx_kthread+0x10/0x10 [ 14.987435] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.987483] ? calculate_sigpending+0x7b/0xa0 [ 14.987507] ? __pfx_kthread+0x10/0x10 [ 14.987529] ret_from_fork+0x116/0x1d0 [ 14.987630] ? __pfx_kthread+0x10/0x10 [ 14.987659] ret_from_fork_asm+0x1a/0x30 [ 14.987690] </TASK> [ 14.987699] [ 14.996283] Allocated by task 279: [ 14.996486] kasan_save_stack+0x45/0x70 [ 14.996764] kasan_save_track+0x18/0x40 [ 14.996966] kasan_save_alloc_info+0x3b/0x50 [ 14.997178] __kasan_kmalloc+0xb7/0xc0 [ 14.997369] __kmalloc_cache_noprof+0x189/0x420 [ 14.997813] kasan_bitops_generic+0x92/0x1c0 [ 14.998044] kunit_try_run_case+0x1a5/0x480 [ 14.998200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.998466] kthread+0x337/0x6f0 [ 14.998722] ret_from_fork+0x116/0x1d0 [ 14.998866] ret_from_fork_asm+0x1a/0x30 [ 14.999065] [ 14.999162] The buggy address belongs to the object at ffff888102676240 [ 14.999162] which belongs to the cache kmalloc-16 of size 16 [ 14.999778] The buggy address is located 8 bytes inside of [ 14.999778] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 15.000168] [ 15.000239] The buggy address belongs to the physical page: [ 15.000424] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 15.000884] flags: 0x200000000000000(node=0|zone=2) [ 15.001121] page_type: f5(slab) [ 15.001286] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 15.001563] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.001805] page dumped because: kasan: bad access detected [ 15.002056] [ 15.002145] Memory state around the buggy address: [ 15.002368] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 15.002702] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.003263] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.003618] ^ [ 15.003880] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.004160] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.004493] ================================================================== [ 15.044026] ================================================================== [ 15.044313] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.044663] Read of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 15.044978] [ 15.045059] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.045100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.045111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.045131] Call Trace: [ 15.045144] <TASK> [ 15.045159] dump_stack_lvl+0x73/0xb0 [ 15.045183] print_report+0xd1/0x610 [ 15.045204] ? __virt_addr_valid+0x1db/0x2d0 [ 15.045225] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.045252] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.045274] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.045302] kasan_report+0x141/0x180 [ 15.045322] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.045354] __asan_report_load8_noabort+0x18/0x20 [ 15.045378] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.045406] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.045435] ? ret_from_fork_asm+0x1a/0x30 [ 15.045761] ? 
kthread+0x337/0x6f0 [ 15.045790] kasan_bitops_generic+0x121/0x1c0 [ 15.045817] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.045843] ? __pfx_read_tsc+0x10/0x10 [ 15.045864] ? ktime_get_ts64+0x86/0x230 [ 15.045888] kunit_try_run_case+0x1a5/0x480 [ 15.045912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.045936] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.045961] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.045984] ? __kthread_parkme+0x82/0x180 [ 15.046005] ? preempt_count_sub+0x50/0x80 [ 15.046029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.046054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.046079] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.046105] kthread+0x337/0x6f0 [ 15.046124] ? trace_preempt_on+0x20/0xc0 [ 15.046147] ? __pfx_kthread+0x10/0x10 [ 15.046168] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.046189] ? calculate_sigpending+0x7b/0xa0 [ 15.046214] ? __pfx_kthread+0x10/0x10 [ 15.046235] ret_from_fork+0x116/0x1d0 [ 15.046255] ? __pfx_kthread+0x10/0x10 [ 15.046275] ret_from_fork_asm+0x1a/0x30 [ 15.046306] </TASK> [ 15.046316] [ 15.054490] Allocated by task 279: [ 15.054845] kasan_save_stack+0x45/0x70 [ 15.055036] kasan_save_track+0x18/0x40 [ 15.055171] kasan_save_alloc_info+0x3b/0x50 [ 15.055362] __kasan_kmalloc+0xb7/0xc0 [ 15.055662] __kmalloc_cache_noprof+0x189/0x420 [ 15.055901] kasan_bitops_generic+0x92/0x1c0 [ 15.056107] kunit_try_run_case+0x1a5/0x480 [ 15.056315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.056666] kthread+0x337/0x6f0 [ 15.056828] ret_from_fork+0x116/0x1d0 [ 15.056962] ret_from_fork_asm+0x1a/0x30 [ 15.057103] [ 15.057174] The buggy address belongs to the object at ffff888102676240 [ 15.057174] which belongs to the cache kmalloc-16 of size 16 [ 15.057726] The buggy address is located 8 bytes inside of [ 15.057726] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 15.058268] [ 15.058364] The buggy address belongs to the physical page: [ 15.058796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x102676 [ 15.059134] flags: 0x200000000000000(node=0|zone=2) [ 15.059300] page_type: f5(slab) [ 15.059422] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.059793] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.060124] page dumped because: kasan: bad access detected [ 15.060301] [ 15.060394] Memory state around the buggy address: [ 15.060627] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 15.060921] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.061159] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.061369] ^ [ 15.061781] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.062111] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.062469] ================================================================== [ 14.891889] ================================================================== [ 14.892210] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.892681] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.893036] [ 14.893126] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.893169] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.893181] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.893201] Call Trace: [ 14.893215] <TASK> [ 14.893231] dump_stack_lvl+0x73/0xb0 [ 14.893268] print_report+0xd1/0x610 [ 14.893291] ? __virt_addr_valid+0x1db/0x2d0 [ 14.893313] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.893354] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.893378] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.893408] kasan_report+0x141/0x180 [ 14.893471] ? 
kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.893506] kasan_check_range+0x10c/0x1c0 [ 14.893530] __kasan_check_write+0x18/0x20 [ 14.893650] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.893687] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.893732] ? ret_from_fork_asm+0x1a/0x30 [ 14.893754] ? kthread+0x337/0x6f0 [ 14.893778] kasan_bitops_generic+0x121/0x1c0 [ 14.893802] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.893828] ? __pfx_read_tsc+0x10/0x10 [ 14.893850] ? ktime_get_ts64+0x86/0x230 [ 14.893875] kunit_try_run_case+0x1a5/0x480 [ 14.893900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.893924] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.893957] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.893983] ? __kthread_parkme+0x82/0x180 [ 14.894003] ? preempt_count_sub+0x50/0x80 [ 14.894037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.894062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.894087] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.894113] kthread+0x337/0x6f0 [ 14.894141] ? trace_preempt_on+0x20/0xc0 [ 14.894164] ? __pfx_kthread+0x10/0x10 [ 14.894185] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.894218] ? calculate_sigpending+0x7b/0xa0 [ 14.894243] ? __pfx_kthread+0x10/0x10 [ 14.894266] ret_from_fork+0x116/0x1d0 [ 14.894285] ? 
__pfx_kthread+0x10/0x10 [ 14.894306] ret_from_fork_asm+0x1a/0x30 [ 14.894338] </TASK> [ 14.894348] [ 14.903345] Allocated by task 279: [ 14.903523] kasan_save_stack+0x45/0x70 [ 14.903949] kasan_save_track+0x18/0x40 [ 14.904164] kasan_save_alloc_info+0x3b/0x50 [ 14.904377] __kasan_kmalloc+0xb7/0xc0 [ 14.904663] __kmalloc_cache_noprof+0x189/0x420 [ 14.904889] kasan_bitops_generic+0x92/0x1c0 [ 14.905065] kunit_try_run_case+0x1a5/0x480 [ 14.905215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.905466] kthread+0x337/0x6f0 [ 14.905748] ret_from_fork+0x116/0x1d0 [ 14.905944] ret_from_fork_asm+0x1a/0x30 [ 14.906122] [ 14.906195] The buggy address belongs to the object at ffff888102676240 [ 14.906195] which belongs to the cache kmalloc-16 of size 16 [ 14.906832] The buggy address is located 8 bytes inside of [ 14.906832] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.907333] [ 14.907476] The buggy address belongs to the physical page: [ 14.907922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.908260] flags: 0x200000000000000(node=0|zone=2) [ 14.908433] page_type: f5(slab) [ 14.908604] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.909034] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.909373] page dumped because: kasan: bad access detected [ 14.909744] [ 14.909820] Memory state around the buggy address: [ 14.910034] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.910373] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.910786] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.911068] ^ [ 14.911349] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.911917] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.912274] ================================================================== [ 14.954204] 
================================================================== [ 14.954491] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.955015] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.955315] [ 14.955426] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.955501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.955513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.955544] Call Trace: [ 14.955566] <TASK> [ 14.955581] dump_stack_lvl+0x73/0xb0 [ 14.955609] print_report+0xd1/0x610 [ 14.955632] ? __virt_addr_valid+0x1db/0x2d0 [ 14.955736] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.955770] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.955793] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.955833] kasan_report+0x141/0x180 [ 14.955856] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.955891] kasan_check_range+0x10c/0x1c0 [ 14.955925] __kasan_check_write+0x18/0x20 [ 14.955946] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.955976] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.956007] ? ret_from_fork_asm+0x1a/0x30 [ 14.956029] ? kthread+0x337/0x6f0 [ 14.956052] kasan_bitops_generic+0x121/0x1c0 [ 14.956078] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.956104] ? __pfx_read_tsc+0x10/0x10 [ 14.956125] ? ktime_get_ts64+0x86/0x230 [ 14.956149] kunit_try_run_case+0x1a5/0x480 [ 14.956173] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.956198] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.956221] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.956246] ? __kthread_parkme+0x82/0x180 [ 14.956266] ? preempt_count_sub+0x50/0x80 [ 14.956295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.956321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.956346] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.956379] kthread+0x337/0x6f0 [ 14.956398] ? 
trace_preempt_on+0x20/0xc0 [ 14.956421] ? __pfx_kthread+0x10/0x10 [ 14.956473] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.956495] ? calculate_sigpending+0x7b/0xa0 [ 14.956520] ? __pfx_kthread+0x10/0x10 [ 14.956541] ret_from_fork+0x116/0x1d0 [ 14.956754] ? __pfx_kthread+0x10/0x10 [ 14.956777] ret_from_fork_asm+0x1a/0x30 [ 14.956808] </TASK> [ 14.956817] [ 14.972289] Allocated by task 279: [ 14.972523] kasan_save_stack+0x45/0x70 [ 14.972721] kasan_save_track+0x18/0x40 [ 14.972900] kasan_save_alloc_info+0x3b/0x50 [ 14.973113] __kasan_kmalloc+0xb7/0xc0 [ 14.973304] __kmalloc_cache_noprof+0x189/0x420 [ 14.974224] kasan_bitops_generic+0x92/0x1c0 [ 14.974491] kunit_try_run_case+0x1a5/0x480 [ 14.974790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.975102] kthread+0x337/0x6f0 [ 14.975265] ret_from_fork+0x116/0x1d0 [ 14.975823] ret_from_fork_asm+0x1a/0x30 [ 14.976020] [ 14.976112] The buggy address belongs to the object at ffff888102676240 [ 14.976112] which belongs to the cache kmalloc-16 of size 16 [ 14.976976] The buggy address is located 8 bytes inside of [ 14.976976] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.977910] [ 14.978008] The buggy address belongs to the physical page: [ 14.978442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.978973] flags: 0x200000000000000(node=0|zone=2) [ 14.979194] page_type: f5(slab) [ 14.979363] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.979717] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.980009] page dumped because: kasan: bad access detected [ 14.980264] [ 14.980356] Memory state around the buggy address: [ 14.980590] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.980860] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.981188] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.982222] ^ [ 14.982726] ffff888102676280: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 14.983118] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.983537] ================================================================== [ 15.024747] ================================================================== [ 15.025064] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.025373] Read of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 15.025712] [ 15.025820] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.025861] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.025873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.025894] Call Trace: [ 15.025907] <TASK> [ 15.025922] dump_stack_lvl+0x73/0xb0 [ 15.025947] print_report+0xd1/0x610 [ 15.025968] ? __virt_addr_valid+0x1db/0x2d0 [ 15.025991] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.026019] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.026042] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.026069] kasan_report+0x141/0x180 [ 15.026090] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.026122] kasan_check_range+0x10c/0x1c0 [ 15.026145] __kasan_check_read+0x15/0x20 [ 15.026163] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.026190] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.026220] ? ret_from_fork_asm+0x1a/0x30 [ 15.026242] ? kthread+0x337/0x6f0 [ 15.026265] kasan_bitops_generic+0x121/0x1c0 [ 15.026288] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.026311] ? __pfx_read_tsc+0x10/0x10 [ 15.026332] ? ktime_get_ts64+0x86/0x230 [ 15.026355] kunit_try_run_case+0x1a5/0x480 [ 15.026379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.026401] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.026424] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.026447] ? __kthread_parkme+0x82/0x180 [ 15.026476] ? preempt_count_sub+0x50/0x80 [ 15.026499] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.026522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.026545] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.026569] kthread+0x337/0x6f0 [ 15.026587] ? trace_preempt_on+0x20/0xc0 [ 15.026609] ? __pfx_kthread+0x10/0x10 [ 15.026630] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.026651] ? calculate_sigpending+0x7b/0xa0 [ 15.026674] ? __pfx_kthread+0x10/0x10 [ 15.026694] ret_from_fork+0x116/0x1d0 [ 15.026712] ? __pfx_kthread+0x10/0x10 [ 15.026731] ret_from_fork_asm+0x1a/0x30 [ 15.026760] </TASK> [ 15.026769] [ 15.035266] Allocated by task 279: [ 15.035447] kasan_save_stack+0x45/0x70 [ 15.035736] kasan_save_track+0x18/0x40 [ 15.035896] kasan_save_alloc_info+0x3b/0x50 [ 15.036106] __kasan_kmalloc+0xb7/0xc0 [ 15.036294] __kmalloc_cache_noprof+0x189/0x420 [ 15.036734] kasan_bitops_generic+0x92/0x1c0 [ 15.036933] kunit_try_run_case+0x1a5/0x480 [ 15.037141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.037368] kthread+0x337/0x6f0 [ 15.037653] ret_from_fork+0x116/0x1d0 [ 15.037820] ret_from_fork_asm+0x1a/0x30 [ 15.037997] [ 15.038074] The buggy address belongs to the object at ffff888102676240 [ 15.038074] which belongs to the cache kmalloc-16 of size 16 [ 15.038776] The buggy address is located 8 bytes inside of [ 15.038776] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 15.039216] [ 15.039313] The buggy address belongs to the physical page: [ 15.039657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 15.039941] flags: 0x200000000000000(node=0|zone=2) [ 15.040105] page_type: f5(slab) [ 15.040246] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.040734] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.041077] page dumped because: kasan: bad access detected [ 15.041327] [ 15.041411] Memory state around the buggy address: [ 15.041713] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 15.042003] 
ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.042296] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.042792] ^ [ 15.043009] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.043310] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.043611] ================================================================== [ 14.912846] ================================================================== [ 14.913174] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.913640] Write of size 8 at addr ffff888102676248 by task kunit_try_catch/279 [ 14.913986] [ 14.914087] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 14.914131] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.914155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.914175] Call Trace: [ 14.914189] <TASK> [ 14.914203] dump_stack_lvl+0x73/0xb0 [ 14.914231] print_report+0xd1/0x610 [ 14.914262] ? __virt_addr_valid+0x1db/0x2d0 [ 14.914285] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.914315] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.914351] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.914381] kasan_report+0x141/0x180 [ 14.914402] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.914437] kasan_check_range+0x10c/0x1c0 [ 14.914474] __kasan_check_write+0x18/0x20 [ 14.914494] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.914524] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.914556] ? ret_from_fork_asm+0x1a/0x30 [ 14.914578] ? kthread+0x337/0x6f0 [ 14.914601] kasan_bitops_generic+0x121/0x1c0 [ 14.914690] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.914733] ? __pfx_read_tsc+0x10/0x10 [ 14.914754] ? ktime_get_ts64+0x86/0x230 [ 14.914779] kunit_try_run_case+0x1a5/0x480 [ 14.914804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.914828] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.914853] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.914877] ? __kthread_parkme+0x82/0x180 [ 14.914897] ? preempt_count_sub+0x50/0x80 [ 14.914921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.914946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.914972] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.914998] kthread+0x337/0x6f0 [ 14.915025] ? trace_preempt_on+0x20/0xc0 [ 14.915048] ? __pfx_kthread+0x10/0x10 [ 14.915069] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.915101] ? calculate_sigpending+0x7b/0xa0 [ 14.915126] ? __pfx_kthread+0x10/0x10 [ 14.915147] ret_from_fork+0x116/0x1d0 [ 14.915166] ? __pfx_kthread+0x10/0x10 [ 14.915187] ret_from_fork_asm+0x1a/0x30 [ 14.915217] </TASK> [ 14.915227] [ 14.924103] Allocated by task 279: [ 14.924272] kasan_save_stack+0x45/0x70 [ 14.924492] kasan_save_track+0x18/0x40 [ 14.924780] kasan_save_alloc_info+0x3b/0x50 [ 14.925002] __kasan_kmalloc+0xb7/0xc0 [ 14.925174] __kmalloc_cache_noprof+0x189/0x420 [ 14.925414] kasan_bitops_generic+0x92/0x1c0 [ 14.925740] kunit_try_run_case+0x1a5/0x480 [ 14.925958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.926195] kthread+0x337/0x6f0 [ 14.926317] ret_from_fork+0x116/0x1d0 [ 14.926483] ret_from_fork_asm+0x1a/0x30 [ 14.926771] [ 14.926871] The buggy address belongs to the object at ffff888102676240 [ 14.926871] which belongs to the cache kmalloc-16 of size 16 [ 14.927409] The buggy address is located 8 bytes inside of [ 14.927409] allocated 9-byte region [ffff888102676240, ffff888102676249) [ 14.928137] [ 14.928254] The buggy address belongs to the physical page: [ 14.928478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102676 [ 14.928918] flags: 0x200000000000000(node=0|zone=2) [ 14.929182] page_type: f5(slab) [ 14.929350] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.929820] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.930121] page dumped because: kasan: 
bad access detected [ 14.930388] [ 14.930518] Memory state around the buggy address: [ 14.930820] ffff888102676100: 00 06 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 14.931143] ffff888102676180: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.931472] >ffff888102676200: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.931984] ^ [ 14.932274] ffff888102676280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.932685] ffff888102676300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.933013] ==================================================================
[ 15.148537] ================================================================== [ 15.149085] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.149507] Write of size 8 at addr ffff8881016acd88 by task kunit_try_catch/280 [ 15.149896] [ 15.150093] CPU: 0 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.150154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.150167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.150218] Call Trace: [ 15.150233] <TASK> [ 15.150265] dump_stack_lvl+0x73/0xb0 [ 15.150305] print_report+0xd1/0x610 [ 15.150328] ? __virt_addr_valid+0x1db/0x2d0 [ 15.150351] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.150382] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.150406] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.150436] kasan_report+0x141/0x180 [ 15.150458] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.150520] kasan_check_range+0x10c/0x1c0 [ 15.150545] __kasan_check_write+0x18/0x20 [ 15.150565] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.150653] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.150685] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.150714] ? trace_hardirqs_on+0x37/0xe0 [ 15.150737] ? kasan_bitops_generic+0x92/0x1c0 [ 15.150765] kasan_bitops_generic+0x121/0x1c0 [ 15.150817] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.150842] ? __pfx_read_tsc+0x10/0x10 [ 15.150891] ? ktime_get_ts64+0x86/0x230 [ 15.150922] kunit_try_run_case+0x1a5/0x480 [ 15.150947] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.150972] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.150997] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.151023] ? __kthread_parkme+0x82/0x180 [ 15.151044] ? preempt_count_sub+0x50/0x80 [ 15.151076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.151101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.151146] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.151172] kthread+0x337/0x6f0 [ 15.151192] ? trace_preempt_on+0x20/0xc0 [ 15.151214] ? __pfx_kthread+0x10/0x10 [ 15.151263] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.151285] ? calculate_sigpending+0x7b/0xa0 [ 15.151337] ? __pfx_kthread+0x10/0x10 [ 15.151359] ret_from_fork+0x116/0x1d0 [ 15.151379] ? __pfx_kthread+0x10/0x10 [ 15.151399] ret_from_fork_asm+0x1a/0x30 [ 15.151431] </TASK> [ 15.151441] [ 15.166507] Allocated by task 280: [ 15.166646] kasan_save_stack+0x45/0x70 [ 15.167181] kasan_save_track+0x18/0x40 [ 15.167545] kasan_save_alloc_info+0x3b/0x50 [ 15.168032] __kasan_kmalloc+0xb7/0xc0 [ 15.169298] __kmalloc_cache_noprof+0x189/0x420 [ 15.169471] kasan_bitops_generic+0x92/0x1c0 [ 15.169625] kunit_try_run_case+0x1a5/0x480 [ 15.170664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.171942] kthread+0x337/0x6f0 [ 15.173544] ret_from_fork+0x116/0x1d0 [ 15.173952] ret_from_fork_asm+0x1a/0x30 [ 15.174143] [ 15.174220] The buggy address belongs to the object at ffff8881016acd80 [ 15.174220] which belongs to the cache kmalloc-16 of size 16 [ 15.174580] The buggy address is located 8 bytes inside of [ 15.174580] allocated 9-byte region [ffff8881016acd80, ffff8881016acd89) [ 15.174937] [ 15.175011] The buggy address belongs to the physical page: [ 15.176375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1016ac [ 15.177232] flags: 0x200000000000000(node=0|zone=2) [ 15.177422] page_type: f5(slab) [ 15.177846] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.178297] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.178788] page dumped because: kasan: bad access detected [ 15.179141] [ 15.179245] Memory state around the buggy address: [ 15.179455] ffff8881016acc80: 00 00 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.180099] ffff8881016acd00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.181041] >ffff8881016acd80: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 15.181922] ^ [ 15.182399] ffff8881016ace00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.183278] ffff8881016ace80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.183923] ================================================================== [ 15.276511] ================================================================== [ 15.276758] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.277524] Read of size 8 at addr ffff8881016acd88 by task kunit_try_catch/280 [ 15.278039] [ 15.278210] CPU: 0 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.278402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.278436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.278457] Call Trace: [ 15.278473] <TASK> [ 15.278488] dump_stack_lvl+0x73/0xb0 [ 15.278518] print_report+0xd1/0x610 [ 15.278541] ? __virt_addr_valid+0x1db/0x2d0 [ 15.278565] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.278596] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.278621] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.278651] kasan_report+0x141/0x180 [ 15.278673] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.278713] kasan_check_range+0x10c/0x1c0 [ 15.278738] __kasan_check_read+0x15/0x20 [ 15.279013] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.279045] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.279090] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.279116] ? trace_hardirqs_on+0x37/0xe0 [ 15.279139] ? kasan_bitops_generic+0x92/0x1c0 [ 15.279167] kasan_bitops_generic+0x121/0x1c0 [ 15.279193] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.279220] ? __pfx_read_tsc+0x10/0x10 [ 15.279242] ? ktime_get_ts64+0x86/0x230 [ 15.279267] kunit_try_run_case+0x1a5/0x480 [ 15.279292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.279315] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.279340] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.279365] ? __kthread_parkme+0x82/0x180 [ 15.279386] ? preempt_count_sub+0x50/0x80 [ 15.279411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.279436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.279461] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.279488] kthread+0x337/0x6f0 [ 15.279507] ? trace_preempt_on+0x20/0xc0 [ 15.279530] ? __pfx_kthread+0x10/0x10 [ 15.279552] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.279574] ? calculate_sigpending+0x7b/0xa0 [ 15.279599] ? __pfx_kthread+0x10/0x10 [ 15.279621] ret_from_fork+0x116/0x1d0 [ 15.279655] ? __pfx_kthread+0x10/0x10 [ 15.279676] ret_from_fork_asm+0x1a/0x30 [ 15.279708] </TASK> [ 15.279718] [ 15.291711] Allocated by task 280: [ 15.291889] kasan_save_stack+0x45/0x70 [ 15.292205] kasan_save_track+0x18/0x40 [ 15.292586] kasan_save_alloc_info+0x3b/0x50 [ 15.292978] __kasan_kmalloc+0xb7/0xc0 [ 15.293194] __kmalloc_cache_noprof+0x189/0x420 [ 15.293398] kasan_bitops_generic+0x92/0x1c0 [ 15.293805] kunit_try_run_case+0x1a5/0x480 [ 15.294222] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.294536] kthread+0x337/0x6f0 [ 15.294739] ret_from_fork+0x116/0x1d0 [ 15.295137] ret_from_fork_asm+0x1a/0x30 [ 15.295445] [ 15.295534] The buggy address belongs to the object at ffff8881016acd80 [ 15.295534] which belongs to the cache kmalloc-16 of size 16 [ 15.296413] The buggy address is located 8 bytes inside of [ 15.296413] allocated 9-byte region [ffff8881016acd80, ffff8881016acd89) [ 15.297278] [ 15.297370] The buggy address belongs to the physical page: [ 15.297882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1016ac [ 15.298225] flags: 0x200000000000000(node=0|zone=2) [ 15.298624] page_type: f5(slab) [ 15.298859] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.299356] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.299754] page dumped because: kasan: bad access detected [ 15.300142] [ 15.300265] 
Memory state around the buggy address: [ 15.300448] ffff8881016acc80: 00 00 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.301076] ffff8881016acd00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.301388] >ffff8881016acd80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.301944] ^ [ 15.302151] ffff8881016ace00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.302474] ffff8881016ace80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.302960] ================================================================== [ 15.184966] ================================================================== [ 15.185682] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.186226] Write of size 8 at addr ffff8881016acd88 by task kunit_try_catch/280 [ 15.187208] [ 15.187501] CPU: 0 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.187550] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.187563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.187583] Call Trace: [ 15.187600] <TASK> [ 15.187706] dump_stack_lvl+0x73/0xb0 [ 15.187738] print_report+0xd1/0x610 [ 15.187761] ? __virt_addr_valid+0x1db/0x2d0 [ 15.187786] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.187816] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.187841] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.187871] kasan_report+0x141/0x180 [ 15.187893] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.187928] kasan_check_range+0x10c/0x1c0 [ 15.187953] __kasan_check_write+0x18/0x20 [ 15.187973] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.188003] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.188034] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.188084] ? trace_hardirqs_on+0x37/0xe0 [ 15.188107] ? kasan_bitops_generic+0x92/0x1c0 [ 15.188136] kasan_bitops_generic+0x121/0x1c0 [ 15.188161] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 15.188187] ? __pfx_read_tsc+0x10/0x10 [ 15.188208] ? ktime_get_ts64+0x86/0x230 [ 15.188233] kunit_try_run_case+0x1a5/0x480 [ 15.188273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.188298] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.188323] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.188348] ? __kthread_parkme+0x82/0x180 [ 15.188368] ? preempt_count_sub+0x50/0x80 [ 15.188393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.188418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.188443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.188469] kthread+0x337/0x6f0 [ 15.188488] ? trace_preempt_on+0x20/0xc0 [ 15.188511] ? __pfx_kthread+0x10/0x10 [ 15.188533] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.188554] ? calculate_sigpending+0x7b/0xa0 [ 15.188579] ? __pfx_kthread+0x10/0x10 [ 15.188600] ret_from_fork+0x116/0x1d0 [ 15.188620] ? __pfx_kthread+0x10/0x10 [ 15.188706] ret_from_fork_asm+0x1a/0x30 [ 15.188744] </TASK> [ 15.188754] [ 15.203412] Allocated by task 280: [ 15.203600] kasan_save_stack+0x45/0x70 [ 15.204146] kasan_save_track+0x18/0x40 [ 15.204360] kasan_save_alloc_info+0x3b/0x50 [ 15.204580] __kasan_kmalloc+0xb7/0xc0 [ 15.205033] __kmalloc_cache_noprof+0x189/0x420 [ 15.205229] kasan_bitops_generic+0x92/0x1c0 [ 15.205703] kunit_try_run_case+0x1a5/0x480 [ 15.206031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.206471] kthread+0x337/0x6f0 [ 15.206760] ret_from_fork+0x116/0x1d0 [ 15.206948] ret_from_fork_asm+0x1a/0x30 [ 15.207149] [ 15.207476] The buggy address belongs to the object at ffff8881016acd80 [ 15.207476] which belongs to the cache kmalloc-16 of size 16 [ 15.208454] The buggy address is located 8 bytes inside of [ 15.208454] allocated 9-byte region [ffff8881016acd80, ffff8881016acd89) [ 15.209352] [ 15.209464] The buggy address belongs to the physical page: [ 15.209903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1016ac [ 15.210475] flags: 0x200000000000000(node=0|zone=2) [ 15.210908] 
page_type: f5(slab) [ 15.211220] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.211590] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.212396] page dumped because: kasan: bad access detected [ 15.212866] [ 15.212969] Memory state around the buggy address: [ 15.213290] ffff8881016acc80: 00 00 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.213660] ffff8881016acd00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.213977] >ffff8881016acd80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.214505] ^ [ 15.214886] ffff8881016ace00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.215390] ffff8881016ace80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.215960] ================================================================== [ 15.216685] ================================================================== [ 15.217458] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.218012] Write of size 8 at addr ffff8881016acd88 by task kunit_try_catch/280 [ 15.218471] [ 15.218778] CPU: 0 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.218965] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.218984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.219005] Call Trace: [ 15.219021] <TASK> [ 15.219037] dump_stack_lvl+0x73/0xb0 [ 15.219085] print_report+0xd1/0x610 [ 15.219108] ? __virt_addr_valid+0x1db/0x2d0 [ 15.219147] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.219177] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.219203] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.219233] kasan_report+0x141/0x180 [ 15.219256] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.219291] kasan_check_range+0x10c/0x1c0 [ 15.219315] __kasan_check_write+0x18/0x20 [ 15.219335] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.219366] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.219396] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.219421] ? trace_hardirqs_on+0x37/0xe0 [ 15.219445] ? kasan_bitops_generic+0x92/0x1c0 [ 15.219474] kasan_bitops_generic+0x121/0x1c0 [ 15.219499] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.219526] ? __pfx_read_tsc+0x10/0x10 [ 15.219547] ? ktime_get_ts64+0x86/0x230 [ 15.219572] kunit_try_run_case+0x1a5/0x480 [ 15.219596] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.219619] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.219829] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.219857] ? __kthread_parkme+0x82/0x180 [ 15.219879] ? preempt_count_sub+0x50/0x80 [ 15.219904] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.219929] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.219955] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.219982] kthread+0x337/0x6f0 [ 15.220001] ? trace_preempt_on+0x20/0xc0 [ 15.220024] ? __pfx_kthread+0x10/0x10 [ 15.220045] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.220083] ? calculate_sigpending+0x7b/0xa0 [ 15.220107] ? __pfx_kthread+0x10/0x10 [ 15.220137] ret_from_fork+0x116/0x1d0 [ 15.220158] ? 
__pfx_kthread+0x10/0x10 [ 15.220178] ret_from_fork_asm+0x1a/0x30 [ 15.220209] </TASK> [ 15.220220] [ 15.233349] Allocated by task 280: [ 15.233804] kasan_save_stack+0x45/0x70 [ 15.234149] kasan_save_track+0x18/0x40 [ 15.234434] kasan_save_alloc_info+0x3b/0x50 [ 15.234822] __kasan_kmalloc+0xb7/0xc0 [ 15.235014] __kmalloc_cache_noprof+0x189/0x420 [ 15.235412] kasan_bitops_generic+0x92/0x1c0 [ 15.235808] kunit_try_run_case+0x1a5/0x480 [ 15.236161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.236500] kthread+0x337/0x6f0 [ 15.236907] ret_from_fork+0x116/0x1d0 [ 15.237117] ret_from_fork_asm+0x1a/0x30 [ 15.237475] [ 15.237741] The buggy address belongs to the object at ffff8881016acd80 [ 15.237741] which belongs to the cache kmalloc-16 of size 16 [ 15.238375] The buggy address is located 8 bytes inside of [ 15.238375] allocated 9-byte region [ffff8881016acd80, ffff8881016acd89) [ 15.239307] [ 15.239413] The buggy address belongs to the physical page: [ 15.239901] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1016ac [ 15.240360] flags: 0x200000000000000(node=0|zone=2) [ 15.240611] page_type: f5(slab) [ 15.241148] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.241468] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.242037] page dumped because: kasan: bad access detected [ 15.242383] [ 15.242482] Memory state around the buggy address: [ 15.242967] ffff8881016acc80: 00 00 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.243521] ffff8881016acd00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.243986] >ffff8881016acd80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.244387] ^ [ 15.244549] ffff8881016ace00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.245280] ffff8881016ace80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.245639] ================================================================== [ 15.097802] 
================================================================== [ 15.098258] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.098580] Write of size 8 at addr ffff8881016acd88 by task kunit_try_catch/280 [ 15.099251] [ 15.099346] CPU: 0 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.099390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.099402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.099421] Call Trace: [ 15.099435] <TASK> [ 15.099450] dump_stack_lvl+0x73/0xb0 [ 15.099478] print_report+0xd1/0x610 [ 15.099500] ? __virt_addr_valid+0x1db/0x2d0 [ 15.099523] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.099554] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.099579] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.099610] kasan_report+0x141/0x180 [ 15.099632] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.099667] kasan_check_range+0x10c/0x1c0 [ 15.099691] __kasan_check_write+0x18/0x20 [ 15.099711] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.099742] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.099774] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.099799] ? trace_hardirqs_on+0x37/0xe0 [ 15.099901] ? kasan_bitops_generic+0x92/0x1c0 [ 15.099936] kasan_bitops_generic+0x121/0x1c0 [ 15.099962] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.099988] ? __pfx_read_tsc+0x10/0x10 [ 15.100010] ? ktime_get_ts64+0x86/0x230 [ 15.100035] kunit_try_run_case+0x1a5/0x480 [ 15.100072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.100096] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.100121] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.100146] ? __kthread_parkme+0x82/0x180 [ 15.100167] ? preempt_count_sub+0x50/0x80 [ 15.100192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.100217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.100255] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.100282] kthread+0x337/0x6f0 [ 15.100302] ? trace_preempt_on+0x20/0xc0 [ 15.100325] ? __pfx_kthread+0x10/0x10 [ 15.100346] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.100369] ? calculate_sigpending+0x7b/0xa0 [ 15.100393] ? __pfx_kthread+0x10/0x10 [ 15.100415] ret_from_fork+0x116/0x1d0 [ 15.100435] ? __pfx_kthread+0x10/0x10 [ 15.100457] ret_from_fork_asm+0x1a/0x30 [ 15.100488] </TASK> [ 15.100499] [ 15.110718] Allocated by task 280: [ 15.110869] kasan_save_stack+0x45/0x70 [ 15.111291] kasan_save_track+0x18/0x40 [ 15.111479] kasan_save_alloc_info+0x3b/0x50 [ 15.111921] __kasan_kmalloc+0xb7/0xc0 [ 15.112225] __kmalloc_cache_noprof+0x189/0x420 [ 15.112542] kasan_bitops_generic+0x92/0x1c0 [ 15.113092] kunit_try_run_case+0x1a5/0x480 [ 15.113312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.113554] kthread+0x337/0x6f0 [ 15.113697] ret_from_fork+0x116/0x1d0 [ 15.114216] ret_from_fork_asm+0x1a/0x30 [ 15.114513] [ 15.114609] The buggy address belongs to the object at ffff8881016acd80 [ 15.114609] which belongs to the cache kmalloc-16 of size 16 [ 15.115486] The buggy address is located 8 bytes inside of [ 15.115486] allocated 9-byte region [ffff8881016acd80, ffff8881016acd89) [ 15.116199] [ 15.116312] The buggy address belongs to the physical page: [ 15.116631] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1016ac [ 15.117250] flags: 0x200000000000000(node=0|zone=2) [ 15.117587] page_type: f5(slab) [ 15.117971] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.118387] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.118841] page dumped because: kasan: bad access detected [ 15.119037] [ 15.119178] Memory state around the buggy address: [ 15.119463] ffff8881016acc80: 00 00 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc [ 15.120102] ffff8881016acd00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.120463] >ffff8881016acd80: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 15.120897] ^ [ 15.121347] ffff8881016ace00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.121816] ffff8881016ace80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.122248] ================================================================== [ 15.303673] ================================================================== [ 15.304098] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.304572] Read of size 8 at addr ffff8881016acd88 by task kunit_try_catch/280 [ 15.305073] [ 15.305196] CPU: 0 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.305239] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.305252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.305273] Call Trace: [ 15.305287] <TASK> [ 15.305301] dump_stack_lvl+0x73/0xb0 [ 15.305331] print_report+0xd1/0x610 [ 15.305355] ? __virt_addr_valid+0x1db/0x2d0 [ 15.305394] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.305570] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.305596] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.305627] kasan_report+0x141/0x180 [ 15.305664] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.305700] __asan_report_load8_noabort+0x18/0x20 [ 15.305726] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.305757] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.305788] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.305814] ? trace_hardirqs_on+0x37/0xe0 [ 15.305836] ? kasan_bitops_generic+0x92/0x1c0 [ 15.305865] kasan_bitops_generic+0x121/0x1c0 [ 15.305889] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.305916] ? __pfx_read_tsc+0x10/0x10 [ 15.305937] ? ktime_get_ts64+0x86/0x230 [ 15.305961] kunit_try_run_case+0x1a5/0x480 [ 15.305985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.306010] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.306036] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.306072] ? 
__kthread_parkme+0x82/0x180 [ 15.306094] ? preempt_count_sub+0x50/0x80 [ 15.306117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.306143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.306169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.306196] kthread+0x337/0x6f0 [ 15.306216] ? trace_preempt_on+0x20/0xc0 [ 15.306239] ? __pfx_kthread+0x10/0x10 [ 15.306260] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.306282] ? calculate_sigpending+0x7b/0xa0 [ 15.306307] ? __pfx_kthread+0x10/0x10 [ 15.306329] ret_from_fork+0x116/0x1d0 [ 15.306349] ? __pfx_kthread+0x10/0x10 [ 15.306370] ret_from_fork_asm+0x1a/0x30 [ 15.306402] </TASK> [ 15.306411] [ 15.318534] Allocated by task 280: [ 15.319164] kasan_save_stack+0x45/0x70 [ 15.319461] kasan_save_track+0x18/0x40 [ 15.319797] kasan_save_alloc_info+0x3b/0x50 [ 15.320149] __kasan_kmalloc+0xb7/0xc0 [ 15.320333] __kmalloc_cache_noprof+0x189/0x420 [ 15.320719] kasan_bitops_generic+0x92/0x1c0 [ 15.320934] kunit_try_run_case+0x1a5/0x480 [ 15.321164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.321607] kthread+0x337/0x6f0 [ 15.321902] ret_from_fork+0x116/0x1d0 [ 15.322297] ret_from_fork_asm+0x1a/0x30 [ 15.322506] [ 15.322603] The buggy address belongs to the object at ffff8881016acd80 [ 15.322603] which belongs to the cache kmalloc-16 of size 16 [ 15.323329] The buggy address is located 8 bytes inside of [ 15.323329] allocated 9-byte region [ffff8881016acd80, ffff8881016acd89) [ 15.323827] [ 15.324181] The buggy address belongs to the physical page: [ 15.324490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1016ac [ 15.325032] flags: 0x200000000000000(node=0|zone=2) [ 15.325250] page_type: f5(slab) [ 15.325557] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.326077] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.326561] page dumped because: kasan: bad access detected [ 15.326971] [ 15.327088] Memory state around the buggy address: [ 15.327319] 
ffff8881016acc80: 00 00 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc
[ 15.327662] ffff8881016acd00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.328237] >ffff8881016acd80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.328619] ^
[ 15.328830] ffff8881016ace00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.329372] ffff8881016ace80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.329737] ==================================================================

[ 15.246522] ==================================================================
[ 15.247087] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 15.247482] Write of size 8 at addr ffff8881016acd88 by task kunit_try_catch/280
[ 15.248217]
[ 15.248421] CPU: 0 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.248469] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.248481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.248502] Call Trace:
[ 15.248517] <TASK>
[ 15.248620] dump_stack_lvl+0x73/0xb0
[ 15.248841] print_report+0xd1/0x610
[ 15.248865] ? __virt_addr_valid+0x1db/0x2d0
[ 15.248888] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 15.248919] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.248944] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 15.248974] kasan_report+0x141/0x180
[ 15.248997] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 15.249032] kasan_check_range+0x10c/0x1c0
[ 15.249073] __kasan_check_write+0x18/0x20
[ 15.249093] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 15.249123] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 15.249156] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.249181] ? trace_hardirqs_on+0x37/0xe0
[ 15.249204] ? kasan_bitops_generic+0x92/0x1c0
[ 15.249233] kasan_bitops_generic+0x121/0x1c0
[ 15.249258] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.249284] ? __pfx_read_tsc+0x10/0x10
[ 15.249306] ? ktime_get_ts64+0x86/0x230
[ 15.249330] kunit_try_run_case+0x1a5/0x480
[ 15.249355] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.249379] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.249402] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.249427] ? __kthread_parkme+0x82/0x180
[ 15.249447] ? preempt_count_sub+0x50/0x80
[ 15.249472] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.249497] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.249522] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.249549] kthread+0x337/0x6f0
[ 15.249568] ? trace_preempt_on+0x20/0xc0
[ 15.249591] ? __pfx_kthread+0x10/0x10
[ 15.249611] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.249633] ? calculate_sigpending+0x7b/0xa0
[ 15.249677] ? __pfx_kthread+0x10/0x10
[ 15.249705] ret_from_fork+0x116/0x1d0
[ 15.249724] ? __pfx_kthread+0x10/0x10
[ 15.249747] ret_from_fork_asm+0x1a/0x30
[ 15.249779] </TASK>
[ 15.249790]
[ 15.263115] Allocated by task 280:
[ 15.263521] kasan_save_stack+0x45/0x70
[ 15.263942] kasan_save_track+0x18/0x40
[ 15.264195] kasan_save_alloc_info+0x3b/0x50
[ 15.264473] __kasan_kmalloc+0xb7/0xc0
[ 15.265150] __kmalloc_cache_noprof+0x189/0x420
[ 15.265381] kasan_bitops_generic+0x92/0x1c0
[ 15.265785] kunit_try_run_case+0x1a5/0x480
[ 15.266148] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.266473] kthread+0x337/0x6f0
[ 15.266661] ret_from_fork+0x116/0x1d0
[ 15.267075] ret_from_fork_asm+0x1a/0x30
[ 15.267414]
[ 15.267522] The buggy address belongs to the object at ffff8881016acd80
[ 15.267522] which belongs to the cache kmalloc-16 of size 16
[ 15.268526] The buggy address is located 8 bytes inside of
[ 15.268526] allocated 9-byte region [ffff8881016acd80, ffff8881016acd89)
[ 15.269448]
[ 15.269544] The buggy address belongs to the physical page:
[ 15.270115] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1016ac
[ 15.270574] flags: 0x200000000000000(node=0|zone=2)
[ 15.271066] page_type: f5(slab)
[ 15.271323] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.271874] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.272197] page dumped because: kasan: bad access detected
[ 15.272530]
[ 15.272627] Memory state around the buggy address:
[ 15.273208] ffff8881016acc80: 00 00 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc
[ 15.273495] ffff8881016acd00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.274036] >ffff8881016acd80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.274528] ^
[ 15.274730] ffff8881016ace00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.275389] ffff8881016ace80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.275933] ==================================================================

[ 15.122873] ==================================================================
[ 15.123497] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[ 15.124220] Write of size 8 at addr ffff8881016acd88 by task kunit_try_catch/280
[ 15.124599]
[ 15.124952] CPU: 0 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.125000] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.125012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.125033] Call Trace:
[ 15.125048] <TASK>
[ 15.125077] dump_stack_lvl+0x73/0xb0
[ 15.125109] print_report+0xd1/0x610
[ 15.125302] ? __virt_addr_valid+0x1db/0x2d0
[ 15.125328] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[ 15.125359] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.125382] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[ 15.125413] kasan_report+0x141/0x180
[ 15.125436] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[ 15.125470] kasan_check_range+0x10c/0x1c0
[ 15.125495] __kasan_check_write+0x18/0x20
[ 15.125516] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[ 15.125546] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 15.125578] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.125602] ? trace_hardirqs_on+0x37/0xe0
[ 15.125625] ? kasan_bitops_generic+0x92/0x1c0
[ 15.125702] kasan_bitops_generic+0x121/0x1c0
[ 15.125736] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.125764] ? __pfx_read_tsc+0x10/0x10
[ 15.125788] ? ktime_get_ts64+0x86/0x230
[ 15.125815] kunit_try_run_case+0x1a5/0x480
[ 15.125839] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.125863] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.125888] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.125915] ? __kthread_parkme+0x82/0x180
[ 15.125936] ? preempt_count_sub+0x50/0x80
[ 15.125960] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.125986] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.126011] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.126037] kthread+0x337/0x6f0
[ 15.126066] ? trace_preempt_on+0x20/0xc0
[ 15.126089] ? __pfx_kthread+0x10/0x10
[ 15.126117] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.126140] ? calculate_sigpending+0x7b/0xa0
[ 15.126166] ? __pfx_kthread+0x10/0x10
[ 15.126188] ret_from_fork+0x116/0x1d0
[ 15.126209] ? __pfx_kthread+0x10/0x10
[ 15.126231] ret_from_fork_asm+0x1a/0x30
[ 15.126263] </TASK>
[ 15.126274]
[ 15.138490] Allocated by task 280:
[ 15.138748] kasan_save_stack+0x45/0x70
[ 15.139067] kasan_save_track+0x18/0x40
[ 15.139275] kasan_save_alloc_info+0x3b/0x50
[ 15.139429] __kasan_kmalloc+0xb7/0xc0
[ 15.139564] __kmalloc_cache_noprof+0x189/0x420
[ 15.139923] kasan_bitops_generic+0x92/0x1c0
[ 15.140376] kunit_try_run_case+0x1a5/0x480
[ 15.140652] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.140933] kthread+0x337/0x6f0
[ 15.141066] ret_from_fork+0x116/0x1d0
[ 15.141303] ret_from_fork_asm+0x1a/0x30
[ 15.141591]
[ 15.141754] The buggy address belongs to the object at ffff8881016acd80
[ 15.141754] which belongs to the cache kmalloc-16 of size 16
[ 15.142260] The buggy address is located 8 bytes inside of
[ 15.142260] allocated 9-byte region [ffff8881016acd80, ffff8881016acd89)
[ 15.142961]
[ 15.143043] The buggy address belongs to the physical page:
[ 15.143352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1016ac
[ 15.143854] flags: 0x200000000000000(node=0|zone=2)
[ 15.144156] page_type: f5(slab)
[ 15.144306] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.144718] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.145081] page dumped because: kasan: bad access detected
[ 15.145365]
[ 15.145491] Memory state around the buggy address:
[ 15.145707] ffff8881016acc80: 00 00 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc
[ 15.146285] ffff8881016acd00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.146646] >ffff8881016acd80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.146948] ^
[ 15.147172] ffff8881016ace00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.147495] ffff8881016ace80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.147926] ==================================================================

[ 15.076480] ==================================================================
[ 15.076880] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 15.077312] Write of size 8 at addr ffff8881016acd88 by task kunit_try_catch/280
[ 15.077631]
[ 15.077779] CPU: 0 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary)
[ 15.077845] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.077858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.077878] Call Trace:
[ 15.077893] <TASK>
[ 15.077907] dump_stack_lvl+0x73/0xb0
[ 15.077937] print_report+0xd1/0x610
[ 15.077959] ? __virt_addr_valid+0x1db/0x2d0
[ 15.078003] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 15.078033] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.078073] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 15.078103] kasan_report+0x141/0x180
[ 15.078126] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 15.078162] kasan_check_range+0x10c/0x1c0
[ 15.078186] __kasan_check_write+0x18/0x20
[ 15.078207] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 15.078238] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 15.078269] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.078294] ? trace_hardirqs_on+0x37/0xe0
[ 15.078316] ? kasan_bitops_generic+0x92/0x1c0
[ 15.078365] kasan_bitops_generic+0x121/0x1c0
[ 15.078389] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.078416] ? __pfx_read_tsc+0x10/0x10
[ 15.078438] ? ktime_get_ts64+0x86/0x230
[ 15.078462] kunit_try_run_case+0x1a5/0x480
[ 15.078487] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.078510] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.078535] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.078560] ? __kthread_parkme+0x82/0x180
[ 15.078581] ? preempt_count_sub+0x50/0x80
[ 15.078604] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.078630] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.078814] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.078843] kthread+0x337/0x6f0
[ 15.078864] ? trace_preempt_on+0x20/0xc0
[ 15.078888] ? __pfx_kthread+0x10/0x10
[ 15.078909] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.078932] ? calculate_sigpending+0x7b/0xa0
[ 15.078956] ? __pfx_kthread+0x10/0x10
[ 15.078978] ret_from_fork+0x116/0x1d0
[ 15.079027] ? __pfx_kthread+0x10/0x10
[ 15.079049] ret_from_fork_asm+0x1a/0x30
[ 15.079093] </TASK>
[ 15.079103]
[ 15.088425] Allocated by task 280:
[ 15.088567] kasan_save_stack+0x45/0x70
[ 15.088771] kasan_save_track+0x18/0x40
[ 15.088982] kasan_save_alloc_info+0x3b/0x50
[ 15.089285] __kasan_kmalloc+0xb7/0xc0
[ 15.089534] __kmalloc_cache_noprof+0x189/0x420
[ 15.089797] kasan_bitops_generic+0x92/0x1c0
[ 15.090127] kunit_try_run_case+0x1a5/0x480
[ 15.090292] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.090557] kthread+0x337/0x6f0
[ 15.090945] ret_from_fork+0x116/0x1d0
[ 15.091184] ret_from_fork_asm+0x1a/0x30
[ 15.091330]
[ 15.091402] The buggy address belongs to the object at ffff8881016acd80
[ 15.091402] which belongs to the cache kmalloc-16 of size 16
[ 15.091948] The buggy address is located 8 bytes inside of
[ 15.091948] allocated 9-byte region [ffff8881016acd80, ffff8881016acd89)
[ 15.092392]
[ 15.092465] The buggy address belongs to the physical page:
[ 15.093068] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1016ac
[ 15.093432] flags: 0x200000000000000(node=0|zone=2)
[ 15.093644] page_type: f5(slab)
[ 15.093766] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.094108] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.094540] page dumped because: kasan: bad access detected
[ 15.095065]
[ 15.095249] Memory state around the buggy address:
[ 15.095475] ffff8881016acc80: 00 00 fc fc 00 04 fc fc 00 04 fc fc fa fb fc fc
[ 15.095833] ffff8881016acd00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 15.096168] >ffff8881016acd80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.096479] ^
[ 15.096637] ffff8881016ace00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.096966] ffff8881016ace80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.097374] ==================================================================