Date: July 20, 2025, 11:12 p.m.
Environment |
---|
qemu-arm64 |
qemu-x86_64 |
[ 19.207664] ================================================================== [ 19.207720] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0 [ 19.208164] Read of size 8 at addr fff00000c1375bc8 by task kunit_try_catch/261 [ 19.208245] [ 19.208287] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 19.208669] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.208722] Hardware name: linux,dummy-virt (DT) [ 19.208760] Call trace: [ 19.208784] show_stack+0x20/0x38 (C) [ 19.208838] dump_stack_lvl+0x8c/0xd0 [ 19.208944] print_report+0x118/0x5d0 [ 19.209014] kasan_report+0xdc/0x128 [ 19.209064] __asan_report_load8_noabort+0x20/0x30 [ 19.209377] kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0 [ 19.209552] kasan_bitops_generic+0x11c/0x1c8 [ 19.209985] kunit_try_run_case+0x170/0x3f0 [ 19.210366] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.210491] kthread+0x328/0x630 [ 19.210571] ret_from_fork+0x10/0x20 [ 19.210651] [ 19.210689] Allocated by task 261: [ 19.210732] kasan_save_stack+0x3c/0x68 [ 19.210779] kasan_save_track+0x20/0x40 [ 19.210820] kasan_save_alloc_info+0x40/0x58 [ 19.211054] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.211523] page_type: f5(slab) [ 19.211561] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.211922] >fff00000c1375b80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.212063] fff00000c1375c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.214346] Write of size 8 at addr fff00000c1375bc8 by task kunit_try_catch/261 [ 19.215007] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.215684] print_report+0x118/0x5d0 [ 19.216108] __kasan_check_write+0x20/0x30 [ 19.217348] kasan_save_alloc_info+0x40/0x58 [ 19.218193] kunit_try_run_case+0x170/0x3f0 [ 19.218824] The buggy address belongs to the object at fff00000c1375bc0 [ 19.218824] which belongs to the cache kmalloc-16 of size 16 [ 19.219803] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 
19.219912] page_type: f5(slab) [ 19.220434] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.222092] fff00000c1375c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.224104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.224501] show_stack+0x20/0x38 (C) [ 19.225733] kthread+0x328/0x630 [ 19.226770] kasan_save_alloc_info+0x40/0x58 [ 19.227288] kasan_bitops_generic+0xa0/0x1c8 [ 19.227959] The buggy address is located 8 bytes inside of [ 19.227959] allocated 9-byte region [fff00000c1375bc0, fff00000c1375bc9) [ 19.228172] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.228329] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.228609] >fff00000c1375b80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.229332] ================================================================== [ 19.198532] ================================================================== [ 19.198586] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 19.199146] Write of size 8 at addr fff00000c1375bc8 by task kunit_try_catch/261 [ 19.199215] [ 19.199245] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 19.199342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.199612] Hardware name: linux,dummy-virt (DT) [ 19.199678] Call trace: [ 19.199703] show_stack+0x20/0x38 (C) [ 19.199758] dump_stack_lvl+0x8c/0xd0 [ 19.200203] print_report+0x118/0x5d0 [ 19.200368] kasan_report+0xdc/0x128 [ 19.200428] kasan_check_range+0x100/0x1a8 [ 19.200478] __kasan_check_write+0x20/0x30 [ 19.200749] kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 19.200886] kasan_bitops_generic+0x11c/0x1c8 [ 19.200956] kunit_try_run_case+0x170/0x3f0 [ 19.201009] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.201076] kthread+0x328/0x630 [ 19.201415] ret_from_fork+0x10/0x20 [ 19.201598] [ 19.201652] Allocated by task 261: [ 19.201969] kasan_save_stack+0x3c/0x68 [ 19.202063] kasan_save_track+0x20/0x40 [ 
19.202169] kasan_save_alloc_info+0x40/0x58 [ 19.202239] __kasan_kmalloc+0xd4/0xd8 [ 19.202447] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.202689] kasan_bitops_generic+0xa0/0x1c8 [ 19.203099] kunit_try_run_case+0x170/0x3f0 [ 19.203224] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.203356] kthread+0x328/0x630 [ 19.203413] ret_from_fork+0x10/0x20 [ 19.203453] [ 19.203725] The buggy address belongs to the object at fff00000c1375bc0 [ 19.203725] which belongs to the cache kmalloc-16 of size 16 [ 19.203814] The buggy address is located 8 bytes inside of [ 19.203814] allocated 9-byte region [fff00000c1375bc0, fff00000c1375bc9) [ 19.204166] [ 19.204258] The buggy address belongs to the physical page: [ 19.204344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101375 [ 19.204440] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.204639] page_type: f5(slab) [ 19.204805] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.204904] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.205069] page dumped because: kasan: bad access detected [ 19.205154] [ 19.205212] Memory state around the buggy address: [ 19.205249] fff00000c1375a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.205527] fff00000c1375b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.205612] >fff00000c1375b80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.205765] ^ [ 19.205848] fff00000c1375c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.205926] fff00000c1375c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.206361] ================================================================== [ 19.168982] ================================================================== [ 19.169249] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 19.169358] Write of size 8 at addr fff00000c1375bc8 by task kunit_try_catch/261 [ 19.169412] [ 19.170260] CPU: 1 UID: 0 PID: 261 
Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 19.170422] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.170538] Hardware name: linux,dummy-virt (DT) [ 19.170614] Call trace: [ 19.170950] show_stack+0x20/0x38 (C) [ 19.171024] dump_stack_lvl+0x8c/0xd0 [ 19.171154] print_report+0x118/0x5d0 [ 19.171266] kasan_report+0xdc/0x128 [ 19.171565] kasan_check_range+0x100/0x1a8 [ 19.171736] __kasan_check_write+0x20/0x30 [ 19.171830] kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 19.172208] kasan_bitops_generic+0x11c/0x1c8 [ 19.172261] kunit_try_run_case+0x170/0x3f0 [ 19.172596] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.172695] kthread+0x328/0x630 [ 19.173051] ret_from_fork+0x10/0x20 [ 19.173216] [ 19.173284] Allocated by task 261: [ 19.173642] kasan_save_stack+0x3c/0x68 [ 19.173730] kasan_save_track+0x20/0x40 [ 19.173853] kasan_save_alloc_info+0x40/0x58 [ 19.173990] __kasan_kmalloc+0xd4/0xd8 [ 19.174099] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.174144] kasan_bitops_generic+0xa0/0x1c8 [ 19.174206] kunit_try_run_case+0x170/0x3f0 [ 19.174247] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.174564] kthread+0x328/0x630 [ 19.174745] ret_from_fork+0x10/0x20 [ 19.174823] [ 19.174882] The buggy address belongs to the object at fff00000c1375bc0 [ 19.174882] which belongs to the cache kmalloc-16 of size 16 [ 19.175381] The buggy address is located 8 bytes inside of [ 19.175381] allocated 9-byte region [fff00000c1375bc0, fff00000c1375bc9) [ 19.175485] [ 19.175643] The buggy address belongs to the physical page: [ 19.175711] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101375 [ 19.176088] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.176492] page_type: f5(slab) [ 19.176566] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.176684] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.176730] page dumped because: kasan: bad access detected [ 19.176774] [ 19.176797] Memory 
state around the buggy address: [ 19.176850] fff00000c1375a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.176896] fff00000c1375b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.176942] >fff00000c1375b80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.176990] ^ [ 19.177050] fff00000c1375c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.177110] fff00000c1375c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.177151] ================================================================== [ 19.177409] ================================================================== [ 19.177471] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 19.177525] Read of size 8 at addr fff00000c1375bc8 by task kunit_try_catch/261 [ 19.177590] [ 19.177640] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 19.177723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.177757] Hardware name: linux,dummy-virt (DT) [ 19.177792] Call trace: [ 19.177816] show_stack+0x20/0x38 (C) [ 19.177867] dump_stack_lvl+0x8c/0xd0 [ 19.177922] print_report+0x118/0x5d0 [ 19.177972] kasan_report+0xdc/0x128 [ 19.178019] __asan_report_load8_noabort+0x20/0x30 [ 19.178074] kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 19.178132] kasan_bitops_generic+0x11c/0x1c8 [ 19.178183] kunit_try_run_case+0x170/0x3f0 [ 19.178242] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.178308] kthread+0x328/0x630 [ 19.178352] ret_from_fork+0x10/0x20 [ 19.178409] [ 19.178430] Allocated by task 261: [ 19.178461] kasan_save_stack+0x3c/0x68 [ 19.178510] kasan_save_track+0x20/0x40 [ 19.178549] kasan_save_alloc_info+0x40/0x58 [ 19.178592] __kasan_kmalloc+0xd4/0xd8 [ 19.178659] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.179104] kasan_bitops_generic+0xa0/0x1c8 [ 19.179176] kunit_try_run_case+0x170/0x3f0 [ 19.179218] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.179266] kthread+0x328/0x630 [ 19.179300] ret_from_fork+0x10/0x20 [ 19.179339] [ 
19.179360] The buggy address belongs to the object at fff00000c1375bc0 [ 19.179360] which belongs to the cache kmalloc-16 of size 16 [ 19.179422] The buggy address is located 8 bytes inside of [ 19.179422] allocated 9-byte region [fff00000c1375bc0, fff00000c1375bc9) [ 19.180014] [ 19.180395] The buggy address belongs to the physical page: [ 19.180750] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101375 [ 19.180900] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.181025] page_type: f5(slab) [ 19.181076] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.181132] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.181178] page dumped because: kasan: bad access detected [ 19.181575] [ 19.181699] Memory state around the buggy address: [ 19.181785] fff00000c1375a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.181951] fff00000c1375b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.182037] >fff00000c1375b80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.182094] ^ [ 19.182411] fff00000c1375c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.182670] fff00000c1375c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.182857] ================================================================== [ 19.190700] ================================================================== [ 19.190776] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0 [ 19.190958] Read of size 8 at addr fff00000c1375bc8 by task kunit_try_catch/261 [ 19.191031] [ 19.191063] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 19.191415] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.191469] Hardware name: linux,dummy-virt (DT) [ 19.191769] Call trace: [ 19.191821] show_stack+0x20/0x38 (C) [ 19.191914] dump_stack_lvl+0x8c/0xd0 [ 19.192000] print_report+0x118/0x5d0 [ 19.192053] kasan_report+0xdc/0x128 [ 19.192158] 
__asan_report_load8_noabort+0x20/0x30 [ 19.192232] kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0 [ 19.192323] kasan_bitops_generic+0x11c/0x1c8 [ 19.192377] kunit_try_run_case+0x170/0x3f0 [ 19.192445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.192781] kthread+0x328/0x630 [ 19.192846] ret_from_fork+0x10/0x20 [ 19.192901] [ 19.192961] Allocated by task 261: [ 19.193041] kasan_save_stack+0x3c/0x68 [ 19.193211] kasan_save_track+0x20/0x40 [ 19.193278] kasan_save_alloc_info+0x40/0x58 [ 19.193452] __kasan_kmalloc+0xd4/0xd8 [ 19.193641] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.193783] kasan_bitops_generic+0xa0/0x1c8 [ 19.193899] kunit_try_run_case+0x170/0x3f0 [ 19.193963] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.194296] kthread+0x328/0x630 [ 19.194663] ret_from_fork+0x10/0x20 [ 19.194801] [ 19.194835] The buggy address belongs to the object at fff00000c1375bc0 [ 19.194835] which belongs to the cache kmalloc-16 of size 16 [ 19.195207] The buggy address is located 8 bytes inside of [ 19.195207] allocated 9-byte region [fff00000c1375bc0, fff00000c1375bc9) [ 19.195366] [ 19.195394] The buggy address belongs to the physical page: [ 19.195719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101375 [ 19.195814] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.196256] page_type: f5(slab) [ 19.196583] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.196722] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.196819] page dumped because: kasan: bad access detected [ 19.196976] [ 19.197009] Memory state around the buggy address: [ 19.197044] fff00000c1375a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.197099] fff00000c1375b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.197407] >fff00000c1375b80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.197550] ^ [ 19.197593] fff00000c1375c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.197908] 
fff00000c1375c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.198023] ================================================================== [ 19.183540] ================================================================== [ 19.183674] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0 [ 19.183784] Write of size 8 at addr fff00000c1375bc8 by task kunit_try_catch/261 [ 19.183868] [ 19.183903] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT [ 19.184145] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.184296] Hardware name: linux,dummy-virt (DT) [ 19.184339] Call trace: [ 19.184365] show_stack+0x20/0x38 (C) [ 19.184419] dump_stack_lvl+0x8c/0xd0 [ 19.184467] print_report+0x118/0x5d0 [ 19.184811] kasan_report+0xdc/0x128 [ 19.184953] kasan_check_range+0x100/0x1a8 [ 19.185075] __kasan_check_write+0x20/0x30 [ 19.185173] kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0 [ 19.185352] kasan_bitops_generic+0x11c/0x1c8 [ 19.185403] kunit_try_run_case+0x170/0x3f0 [ 19.185459] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.185514] kthread+0x328/0x630 [ 19.185557] ret_from_fork+0x10/0x20 [ 19.185606] [ 19.185640] Allocated by task 261: [ 19.185671] kasan_save_stack+0x3c/0x68 [ 19.185715] kasan_save_track+0x20/0x40 [ 19.185756] kasan_save_alloc_info+0x40/0x58 [ 19.185799] __kasan_kmalloc+0xd4/0xd8 [ 19.185838] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.185880] kasan_bitops_generic+0xa0/0x1c8 [ 19.185929] kunit_try_run_case+0x170/0x3f0 [ 19.185970] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.186017] kthread+0x328/0x630 [ 19.186414] ret_from_fork+0x10/0x20 [ 19.186508] [ 19.186631] The buggy address belongs to the object at fff00000c1375bc0 [ 19.186631] which belongs to the cache kmalloc-16 of size 16 [ 19.186725] The buggy address is located 8 bytes inside of [ 19.186725] allocated 9-byte region [fff00000c1375bc0, fff00000c1375bc9) [ 19.186968] [ 19.186992] The buggy address belongs to the physical page: [ 
19.187054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101375 [ 19.187419] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.187616] page_type: f5(slab) [ 19.187711] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.187849] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.187896] page dumped because: kasan: bad access detected [ 19.187961] [ 19.188304] Memory state around the buggy address: [ 19.188721] fff00000c1375a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.189035] fff00000c1375b00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.189133] >fff00000c1375b80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.189196] ^ [ 19.189265] fff00000c1375c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.189348] fff00000c1375c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.189661] ==================================================================
[ 15.060037] ================================================================== [ 15.060503] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.061171] Read of size 8 at addr ffff888101b1cc08 by task kunit_try_catch/279 [ 15.061531] [ 15.061654] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 15.061698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.061711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.061730] Call Trace: [ 15.061746] <TASK> [ 15.061761] dump_stack_lvl+0x73/0xb0 [ 15.061788] print_report+0xd1/0x610 [ 15.061809] ? __virt_addr_valid+0x1db/0x2d0 [ 15.061833] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.061860] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.061882] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.061942] kasan_report+0x141/0x180 [ 15.061965] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.062026] kasan_check_range+0x10c/0x1c0 [ 15.062049] __kasan_check_read+0x15/0x20 [ 15.062069] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.062097] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.062125] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.062150] ? trace_hardirqs_on+0x37/0xe0 [ 15.062172] ? kasan_bitops_generic+0x92/0x1c0 [ 15.062261] kasan_bitops_generic+0x121/0x1c0 [ 15.062289] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.062314] ? __pfx_read_tsc+0x10/0x10 [ 15.062348] ? ktime_get_ts64+0x86/0x230 [ 15.062372] kunit_try_run_case+0x1a5/0x480 [ 15.062405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.062429] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.062453] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.062479] ? __kthread_parkme+0x82/0x180 [ 15.062501] ? preempt_count_sub+0x50/0x80 [ 15.062557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.062582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.062605] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.062640] kthread+0x337/0x6f0 [ 15.062660] ? trace_preempt_on+0x20/0xc0 [ 15.062682] ? __pfx_kthread+0x10/0x10 [ 15.062703] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.062752] ? calculate_sigpending+0x7b/0xa0 [ 15.062777] ? __pfx_kthread+0x10/0x10 [ 15.062823] ret_from_fork+0x116/0x1d0 [ 15.062843] ? __pfx_kthread+0x10/0x10 [ 15.062865] ret_from_fork_asm+0x1a/0x30 [ 15.062897] </TASK> [ 15.062906] [ 15.076428] Allocated by task 279: [ 15.076679] kasan_save_stack+0x45/0x70 [ 15.077105] kasan_save_track+0x18/0x40 [ 15.077323] kasan_save_alloc_info+0x3b/0x50 [ 15.077807] __kasan_kmalloc+0xb7/0xc0 [ 15.078024] __kmalloc_cache_noprof+0x189/0x420 [ 15.078459] kasan_bitops_generic+0x92/0x1c0 [ 15.078889] kunit_try_run_case+0x1a5/0x480 [ 15.079232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.079519] kthread+0x337/0x6f0 [ 15.079948] ret_from_fork+0x116/0x1d0 [ 15.080345] ret_from_fork_asm+0x1a/0x30 [ 15.080774] [ 15.080897] The buggy address belongs to the object at ffff888101b1cc00 [ 15.080897] which belongs to the cache kmalloc-16 of size 16 [ 15.081981] The buggy address is located 8 bytes inside of [ 15.081981] allocated 9-byte region [ffff888101b1cc00, ffff888101b1cc09) [ 15.082683] [ 15.082776] The buggy address belongs to the physical page: [ 15.083412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1c [ 15.083931] flags: 0x200000000000000(node=0|zone=2) [ 15.084413] page_type: f5(slab) [ 15.084594] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.085122] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.085607] page dumped because: kasan: bad access detected [ 15.085940] [ 15.086020] Memory state around the buggy address: [ 15.086529] ffff888101b1cb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.087016] ffff888101b1cb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.087544] >ffff888101b1cc00: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 15.088057] ^ [ 15.088248] ffff888101b1cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.088878] ffff888101b1cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.089279] ================================================================== [ 14.988996] ================================================================== [ 14.989257] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.989794] Write of size 8 at addr ffff888101b1cc08 by task kunit_try_catch/279 [ 14.990279] [ 14.990408] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 14.990452] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.990465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.990487] Call Trace: [ 14.990501] <TASK> [ 14.990517] dump_stack_lvl+0x73/0xb0 [ 14.990546] print_report+0xd1/0x610 [ 14.990567] ? __virt_addr_valid+0x1db/0x2d0 [ 14.990612] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.990639] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.990661] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.990689] kasan_report+0x141/0x180 [ 14.990711] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.990744] kasan_check_range+0x10c/0x1c0 [ 14.990767] __kasan_check_write+0x18/0x20 [ 14.990787] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.990814] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.990843] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.990867] ? trace_hardirqs_on+0x37/0xe0 [ 14.990889] ? kasan_bitops_generic+0x92/0x1c0 [ 14.990916] kasan_bitops_generic+0x121/0x1c0 [ 14.990940] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.990967] ? __pfx_read_tsc+0x10/0x10 [ 14.990987] ? ktime_get_ts64+0x86/0x230 [ 14.991065] kunit_try_run_case+0x1a5/0x480 [ 14.991097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.991120] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.991144] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.991168] ? __kthread_parkme+0x82/0x180 [ 14.991188] ? preempt_count_sub+0x50/0x80 [ 14.991213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.991238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.991260] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.991320] kthread+0x337/0x6f0 [ 14.991341] ? trace_preempt_on+0x20/0xc0 [ 14.991363] ? __pfx_kthread+0x10/0x10 [ 14.991421] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.991457] ? calculate_sigpending+0x7b/0xa0 [ 14.991495] ? __pfx_kthread+0x10/0x10 [ 14.991516] ret_from_fork+0x116/0x1d0 [ 14.991549] ? __pfx_kthread+0x10/0x10 [ 14.991601] ret_from_fork_asm+0x1a/0x30 [ 14.991657] </TASK> [ 14.991667] [ 15.001871] Allocated by task 279: [ 15.002121] kasan_save_stack+0x45/0x70 [ 15.002327] kasan_save_track+0x18/0x40 [ 15.002532] kasan_save_alloc_info+0x3b/0x50 [ 15.002769] __kasan_kmalloc+0xb7/0xc0 [ 15.002956] __kmalloc_cache_noprof+0x189/0x420 [ 15.003287] kasan_bitops_generic+0x92/0x1c0 [ 15.003531] kunit_try_run_case+0x1a5/0x480 [ 15.003806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.004349] kthread+0x337/0x6f0 [ 15.004535] ret_from_fork+0x116/0x1d0 [ 15.004736] ret_from_fork_asm+0x1a/0x30 [ 15.004887] [ 15.004962] The buggy address belongs to the object at ffff888101b1cc00 [ 15.004962] which belongs to the cache kmalloc-16 of size 16 [ 15.005324] The buggy address is located 8 bytes inside of [ 15.005324] allocated 9-byte region [ffff888101b1cc00, ffff888101b1cc09) [ 15.005862] [ 15.005968] The buggy address belongs to the physical page: [ 15.006229] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1c [ 15.006704] flags: 0x200000000000000(node=0|zone=2) [ 15.006915] page_type: f5(slab) [ 15.007134] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.007424] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.007841] page dumped because: kasan: bad access detected [ 15.008243] [ 15.008372] 
Memory state around the buggy address: [ 15.008695] ffff888101b1cb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.009113] ffff888101b1cb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.009612] >ffff888101b1cc00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.009994] ^ [ 15.010534] ffff888101b1cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.010937] ffff888101b1cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.011367] ================================================================== [ 15.036582] ================================================================== [ 15.036971] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.037457] Write of size 8 at addr ffff888101b1cc08 by task kunit_try_catch/279 [ 15.037831] [ 15.037943] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 15.037989] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.038001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.038024] Call Trace: [ 15.038037] <TASK> [ 15.038054] dump_stack_lvl+0x73/0xb0 [ 15.038157] print_report+0xd1/0x610 [ 15.038198] ? __virt_addr_valid+0x1db/0x2d0 [ 15.038222] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.038250] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.038301] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.038329] kasan_report+0x141/0x180 [ 15.038379] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.038428] kasan_check_range+0x10c/0x1c0 [ 15.038452] __kasan_check_write+0x18/0x20 [ 15.038471] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.038499] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.038527] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.038579] ? trace_hardirqs_on+0x37/0xe0 [ 15.038612] ? kasan_bitops_generic+0x92/0x1c0 [ 15.038652] kasan_bitops_generic+0x121/0x1c0 [ 15.038677] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 15.038730] ? __pfx_read_tsc+0x10/0x10 [ 15.038751] ? ktime_get_ts64+0x86/0x230 [ 15.038777] kunit_try_run_case+0x1a5/0x480 [ 15.038813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.038836] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.038860] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.038884] ? __kthread_parkme+0x82/0x180 [ 15.038930] ? preempt_count_sub+0x50/0x80 [ 15.038955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.038979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.039030] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.039064] kthread+0x337/0x6f0 [ 15.039084] ? trace_preempt_on+0x20/0xc0 [ 15.039106] ? __pfx_kthread+0x10/0x10 [ 15.039174] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.039195] ? calculate_sigpending+0x7b/0xa0 [ 15.039221] ? __pfx_kthread+0x10/0x10 [ 15.039266] ret_from_fork+0x116/0x1d0 [ 15.039295] ? __pfx_kthread+0x10/0x10 [ 15.039316] ret_from_fork_asm+0x1a/0x30 [ 15.039359] </TASK> [ 15.039370] [ 15.049622] Allocated by task 279: [ 15.049844] kasan_save_stack+0x45/0x70 [ 15.050063] kasan_save_track+0x18/0x40 [ 15.050331] kasan_save_alloc_info+0x3b/0x50 [ 15.050652] __kasan_kmalloc+0xb7/0xc0 [ 15.050828] __kmalloc_cache_noprof+0x189/0x420 [ 15.051082] kasan_bitops_generic+0x92/0x1c0 [ 15.051295] kunit_try_run_case+0x1a5/0x480 [ 15.051583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.051828] kthread+0x337/0x6f0 [ 15.052025] ret_from_fork+0x116/0x1d0 [ 15.052200] ret_from_fork_asm+0x1a/0x30 [ 15.052360] [ 15.052467] The buggy address belongs to the object at ffff888101b1cc00 [ 15.052467] which belongs to the cache kmalloc-16 of size 16 [ 15.053089] The buggy address is located 8 bytes inside of [ 15.053089] allocated 9-byte region [ffff888101b1cc00, ffff888101b1cc09) [ 15.053513] [ 15.053590] The buggy address belongs to the physical page: [ 15.054227] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1c [ 15.054956] flags: 0x200000000000000(node=0|zone=2) [ 15.055301] 
page_type: f5(slab) [ 15.055493] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.055877] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.056307] page dumped because: kasan: bad access detected [ 15.056662] [ 15.056807] Memory state around the buggy address: [ 15.057056] ffff888101b1cb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.057522] ffff888101b1cb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.058021] >ffff888101b1cc00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.058485] ^ [ 15.058686] ffff888101b1cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.059282] ffff888101b1cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.059564] ================================================================== [ 14.968640] ================================================================== [ 14.968983] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.969519] Write of size 8 at addr ffff888101b1cc08 by task kunit_try_catch/279 [ 14.969781] [ 14.969871] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 14.969913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.969925] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.969947] Call Trace: [ 14.969960] <TASK> [ 14.969976] dump_stack_lvl+0x73/0xb0 [ 14.970003] print_report+0xd1/0x610 [ 14.970025] ? __virt_addr_valid+0x1db/0x2d0 [ 14.970048] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.970075] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.970121] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.970148] kasan_report+0x141/0x180 [ 14.970172] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.970215] kasan_check_range+0x10c/0x1c0 [ 14.970238] __kasan_check_write+0x18/0x20 [ 14.970269] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.970296] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.970325] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.970349] ? trace_hardirqs_on+0x37/0xe0 [ 14.970370] ? kasan_bitops_generic+0x92/0x1c0 [ 14.970407] kasan_bitops_generic+0x121/0x1c0 [ 14.970431] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.970456] ? __pfx_read_tsc+0x10/0x10 [ 14.970477] ? ktime_get_ts64+0x86/0x230 [ 14.970501] kunit_try_run_case+0x1a5/0x480 [ 14.970525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.970548] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.970588] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.970612] ? __kthread_parkme+0x82/0x180 [ 14.970632] ? preempt_count_sub+0x50/0x80 [ 14.970657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.970682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.970705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.970728] kthread+0x337/0x6f0 [ 14.970748] ? trace_preempt_on+0x20/0xc0 [ 14.970770] ? __pfx_kthread+0x10/0x10 [ 14.970792] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.970813] ? calculate_sigpending+0x7b/0xa0 [ 14.970837] ? __pfx_kthread+0x10/0x10 [ 14.970858] ret_from_fork+0x116/0x1d0 [ 14.970877] ? 
__pfx_kthread+0x10/0x10 [ 14.970897] ret_from_fork_asm+0x1a/0x30 [ 14.970929] </TASK> [ 14.970940] [ 14.980308] Allocated by task 279: [ 14.980524] kasan_save_stack+0x45/0x70 [ 14.980756] kasan_save_track+0x18/0x40 [ 14.980947] kasan_save_alloc_info+0x3b/0x50 [ 14.981165] __kasan_kmalloc+0xb7/0xc0 [ 14.981350] __kmalloc_cache_noprof+0x189/0x420 [ 14.981566] kasan_bitops_generic+0x92/0x1c0 [ 14.981719] kunit_try_run_case+0x1a5/0x480 [ 14.981866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.982043] kthread+0x337/0x6f0 [ 14.982213] ret_from_fork+0x116/0x1d0 [ 14.982430] ret_from_fork_asm+0x1a/0x30 [ 14.982651] [ 14.982750] The buggy address belongs to the object at ffff888101b1cc00 [ 14.982750] which belongs to the cache kmalloc-16 of size 16 [ 14.983608] The buggy address is located 8 bytes inside of [ 14.983608] allocated 9-byte region [ffff888101b1cc00, ffff888101b1cc09) [ 14.984181] [ 14.984291] The buggy address belongs to the physical page: [ 14.984557] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1c [ 14.984912] flags: 0x200000000000000(node=0|zone=2) [ 14.985248] page_type: f5(slab) [ 14.985425] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.985780] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.986130] page dumped because: kasan: bad access detected [ 14.986405] [ 14.986500] Memory state around the buggy address: [ 14.986734] ffff888101b1cb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.987040] ffff888101b1cb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.987340] >ffff888101b1cc00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.987679] ^ [ 14.987883] ffff888101b1cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.988246] ffff888101b1cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.988610] ================================================================== [ 14.929254] 
================================================================== [ 14.929608] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.930065] Write of size 8 at addr ffff888101b1cc08 by task kunit_try_catch/279 [ 14.930421] [ 14.930545] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 14.930612] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.930625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.930647] Call Trace: [ 14.930663] <TASK> [ 14.930680] dump_stack_lvl+0x73/0xb0 [ 14.930708] print_report+0xd1/0x610 [ 14.930740] ? __virt_addr_valid+0x1db/0x2d0 [ 14.930763] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.930791] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.930823] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.930851] kasan_report+0x141/0x180 [ 14.930874] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.930915] kasan_check_range+0x10c/0x1c0 [ 14.930938] __kasan_check_write+0x18/0x20 [ 14.930957] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.930995] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.931051] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.931075] ? trace_hardirqs_on+0x37/0xe0 [ 14.931098] ? kasan_bitops_generic+0x92/0x1c0 [ 14.931125] kasan_bitops_generic+0x121/0x1c0 [ 14.931159] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.931184] ? __pfx_read_tsc+0x10/0x10 [ 14.931204] ? ktime_get_ts64+0x86/0x230 [ 14.931241] kunit_try_run_case+0x1a5/0x480 [ 14.931266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.931288] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.931312] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.931344] ? __kthread_parkme+0x82/0x180 [ 14.931365] ? preempt_count_sub+0x50/0x80 [ 14.931389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.931432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.931455] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.931490] kthread+0x337/0x6f0 [ 14.931509] ? trace_preempt_on+0x20/0xc0 [ 14.931540] ? __pfx_kthread+0x10/0x10 [ 14.931560] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.931605] ? calculate_sigpending+0x7b/0xa0 [ 14.931630] ? __pfx_kthread+0x10/0x10 [ 14.931652] ret_from_fork+0x116/0x1d0 [ 14.931690] ? __pfx_kthread+0x10/0x10 [ 14.931711] ret_from_fork_asm+0x1a/0x30 [ 14.931744] </TASK> [ 14.931764] [ 14.940384] Allocated by task 279: [ 14.940536] kasan_save_stack+0x45/0x70 [ 14.940737] kasan_save_track+0x18/0x40 [ 14.940922] kasan_save_alloc_info+0x3b/0x50 [ 14.941149] __kasan_kmalloc+0xb7/0xc0 [ 14.941353] __kmalloc_cache_noprof+0x189/0x420 [ 14.941561] kasan_bitops_generic+0x92/0x1c0 [ 14.941802] kunit_try_run_case+0x1a5/0x480 [ 14.942029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.942328] kthread+0x337/0x6f0 [ 14.942512] ret_from_fork+0x116/0x1d0 [ 14.942739] ret_from_fork_asm+0x1a/0x30 [ 14.942934] [ 14.943008] The buggy address belongs to the object at ffff888101b1cc00 [ 14.943008] which belongs to the cache kmalloc-16 of size 16 [ 14.943629] The buggy address is located 8 bytes inside of [ 14.943629] allocated 9-byte region [ffff888101b1cc00, ffff888101b1cc09) [ 14.943987] [ 14.944060] The buggy address belongs to the physical page: [ 14.944237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1c [ 14.944538] flags: 0x200000000000000(node=0|zone=2) [ 14.944834] page_type: f5(slab) [ 14.945030] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.945439] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.945878] page dumped because: kasan: bad access detected [ 14.946131] [ 14.946223] Memory state around the buggy address: [ 14.946384] ffff888101b1cb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.946675] ffff888101b1cb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.947043] >ffff888101b1cc00: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 14.947364] ^ [ 14.947537] ffff888101b1cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.947871] ffff888101b1cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.948325] ================================================================== [ 14.908968] ================================================================== [ 14.909576] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.909964] Write of size 8 at addr ffff888101b1cc08 by task kunit_try_catch/279 [ 14.910842] [ 14.911091] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 14.911147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.911160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.911182] Call Trace: [ 14.911199] <TASK> [ 14.911215] dump_stack_lvl+0x73/0xb0 [ 14.911245] print_report+0xd1/0x610 [ 14.911268] ? __virt_addr_valid+0x1db/0x2d0 [ 14.911291] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.911319] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.911341] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.911369] kasan_report+0x141/0x180 [ 14.911391] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.911433] kasan_check_range+0x10c/0x1c0 [ 14.911457] __kasan_check_write+0x18/0x20 [ 14.911476] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.911504] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.911532] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.911556] ? trace_hardirqs_on+0x37/0xe0 [ 14.911579] ? kasan_bitops_generic+0x92/0x1c0 [ 14.911607] kasan_bitops_generic+0x121/0x1c0 [ 14.911630] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.911655] ? __pfx_read_tsc+0x10/0x10 [ 14.911677] ? ktime_get_ts64+0x86/0x230 [ 14.911704] kunit_try_run_case+0x1a5/0x480 [ 14.911729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.911762] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.911787] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.911810] ? __kthread_parkme+0x82/0x180 [ 14.911842] ? preempt_count_sub+0x50/0x80 [ 14.911866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.911891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.911914] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.911937] kthread+0x337/0x6f0 [ 14.911957] ? trace_preempt_on+0x20/0xc0 [ 14.911980] ? __pfx_kthread+0x10/0x10 [ 14.912001] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.912022] ? calculate_sigpending+0x7b/0xa0 [ 14.912047] ? __pfx_kthread+0x10/0x10 [ 14.912069] ret_from_fork+0x116/0x1d0 [ 14.912087] ? __pfx_kthread+0x10/0x10 [ 14.912109] ret_from_fork_asm+0x1a/0x30 [ 14.912142] </TASK> [ 14.912152] [ 14.920970] Allocated by task 279: [ 14.921257] kasan_save_stack+0x45/0x70 [ 14.921413] kasan_save_track+0x18/0x40 [ 14.921554] kasan_save_alloc_info+0x3b/0x50 [ 14.921716] __kasan_kmalloc+0xb7/0xc0 [ 14.921860] __kmalloc_cache_noprof+0x189/0x420 [ 14.922346] kasan_bitops_generic+0x92/0x1c0 [ 14.922779] kunit_try_run_case+0x1a5/0x480 [ 14.922990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.923354] kthread+0x337/0x6f0 [ 14.923513] ret_from_fork+0x116/0x1d0 [ 14.923711] ret_from_fork_asm+0x1a/0x30 [ 14.923927] [ 14.924007] The buggy address belongs to the object at ffff888101b1cc00 [ 14.924007] which belongs to the cache kmalloc-16 of size 16 [ 14.924487] The buggy address is located 8 bytes inside of [ 14.924487] allocated 9-byte region [ffff888101b1cc00, ffff888101b1cc09) [ 14.925032] [ 14.925106] The buggy address belongs to the physical page: [ 14.925280] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1c [ 14.925552] flags: 0x200000000000000(node=0|zone=2) [ 14.925725] page_type: f5(slab) [ 14.925849] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.926329] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.926671] page dumped because: kasan: bad access detected [ 14.926921] [ 14.927014] 
Memory state around the buggy address: [ 14.927234] ffff888101b1cb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.927576] ffff888101b1cb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.927888] >ffff888101b1cc00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.928101] ^ [ 14.928224] ffff888101b1cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.928475] ffff888101b1cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.928756] ================================================================== [ 14.948874] ================================================================== [ 14.949278] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.949737] Write of size 8 at addr ffff888101b1cc08 by task kunit_try_catch/279 [ 14.950126] [ 14.950235] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 14.950291] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.950302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.950324] Call Trace: [ 14.950349] <TASK> [ 14.950365] dump_stack_lvl+0x73/0xb0 [ 14.950402] print_report+0xd1/0x610 [ 14.950424] ? __virt_addr_valid+0x1db/0x2d0 [ 14.950449] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.950476] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.950498] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.950526] kasan_report+0x141/0x180 [ 14.950548] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.950599] kasan_check_range+0x10c/0x1c0 [ 14.950624] __kasan_check_write+0x18/0x20 [ 14.950642] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.950670] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.950698] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.950723] ? trace_hardirqs_on+0x37/0xe0 [ 14.950747] ? kasan_bitops_generic+0x92/0x1c0 [ 14.950774] kasan_bitops_generic+0x121/0x1c0 [ 14.950799] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 14.950824] ? __pfx_read_tsc+0x10/0x10 [ 14.950854] ? ktime_get_ts64+0x86/0x230 [ 14.950881] kunit_try_run_case+0x1a5/0x480 [ 14.950906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.950939] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 14.950964] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.950987] ? __kthread_parkme+0x82/0x180 [ 14.951024] ? preempt_count_sub+0x50/0x80 [ 14.951049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.951073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.951097] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.951119] kthread+0x337/0x6f0 [ 14.951140] ? trace_preempt_on+0x20/0xc0 [ 14.951162] ? __pfx_kthread+0x10/0x10 [ 14.951183] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.951204] ? calculate_sigpending+0x7b/0xa0 [ 14.951228] ? __pfx_kthread+0x10/0x10 [ 14.951250] ret_from_fork+0x116/0x1d0 [ 14.951269] ? __pfx_kthread+0x10/0x10 [ 14.951290] ret_from_fork_asm+0x1a/0x30 [ 14.951323] </TASK> [ 14.951335] [ 14.959733] Allocated by task 279: [ 14.959861] kasan_save_stack+0x45/0x70 [ 14.960003] kasan_save_track+0x18/0x40 [ 14.960140] kasan_save_alloc_info+0x3b/0x50 [ 14.960303] __kasan_kmalloc+0xb7/0xc0 [ 14.960706] __kmalloc_cache_noprof+0x189/0x420 [ 14.960937] kasan_bitops_generic+0x92/0x1c0 [ 14.961155] kunit_try_run_case+0x1a5/0x480 [ 14.961361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.961620] kthread+0x337/0x6f0 [ 14.961792] ret_from_fork+0x116/0x1d0 [ 14.961977] ret_from_fork_asm+0x1a/0x30 [ 14.962170] [ 14.962265] The buggy address belongs to the object at ffff888101b1cc00 [ 14.962265] which belongs to the cache kmalloc-16 of size 16 [ 14.962858] The buggy address is located 8 bytes inside of [ 14.962858] allocated 9-byte region [ffff888101b1cc00, ffff888101b1cc09) [ 14.963215] [ 14.963289] The buggy address belongs to the physical page: [ 14.963649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1c [ 14.964017] flags: 0x200000000000000(node=0|zone=2) [ 14.964491] 
page_type: f5(slab) [ 14.964691] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.965055] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.965371] page dumped because: kasan: bad access detected [ 14.965781] [ 14.965921] Memory state around the buggy address: [ 14.966220] ffff888101b1cb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 14.966509] ffff888101b1cb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.966820] >ffff888101b1cc00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.967230] ^ [ 14.967458] ffff888101b1cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.967787] ffff888101b1cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.968171] ================================================================== [ 15.011806] ================================================================== [ 15.012377] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.012859] Write of size 8 at addr ffff888101b1cc08 by task kunit_try_catch/279 [ 15.013300] [ 15.013429] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 15.013505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.013518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.013551] Call Trace: [ 15.013566] <TASK> [ 15.013599] dump_stack_lvl+0x73/0xb0 [ 15.013629] print_report+0xd1/0x610 [ 15.013651] ? __virt_addr_valid+0x1db/0x2d0 [ 15.013673] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.013700] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.013751] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.013780] kasan_report+0x141/0x180 [ 15.013802] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.013845] kasan_check_range+0x10c/0x1c0 [ 15.013870] __kasan_check_write+0x18/0x20 [ 15.013888] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.013917] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.013945] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.013968] ? trace_hardirqs_on+0x37/0xe0 [ 15.013990] ? kasan_bitops_generic+0x92/0x1c0 [ 15.014096] kasan_bitops_generic+0x121/0x1c0 [ 15.014137] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.014163] ? __pfx_read_tsc+0x10/0x10 [ 15.014205] ? ktime_get_ts64+0x86/0x230 [ 15.014241] kunit_try_run_case+0x1a5/0x480 [ 15.014266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.014300] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.014325] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.014373] ? __kthread_parkme+0x82/0x180 [ 15.014409] ? preempt_count_sub+0x50/0x80 [ 15.014436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.014460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.014484] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.014507] kthread+0x337/0x6f0 [ 15.014552] ? trace_preempt_on+0x20/0xc0 [ 15.014622] ? __pfx_kthread+0x10/0x10 [ 15.014645] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.014667] ? calculate_sigpending+0x7b/0xa0 [ 15.014703] ? __pfx_kthread+0x10/0x10 [ 15.014725] ret_from_fork+0x116/0x1d0 [ 15.014744] ? 
__pfx_kthread+0x10/0x10 [ 15.014764] ret_from_fork_asm+0x1a/0x30 [ 15.014815] </TASK> [ 15.014834] [ 15.025315] Allocated by task 279: [ 15.025562] kasan_save_stack+0x45/0x70 [ 15.025777] kasan_save_track+0x18/0x40 [ 15.026003] kasan_save_alloc_info+0x3b/0x50 [ 15.026293] __kasan_kmalloc+0xb7/0xc0 [ 15.026569] __kmalloc_cache_noprof+0x189/0x420 [ 15.026751] kasan_bitops_generic+0x92/0x1c0 [ 15.027084] kunit_try_run_case+0x1a5/0x480 [ 15.027309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.027834] kthread+0x337/0x6f0 [ 15.028015] ret_from_fork+0x116/0x1d0 [ 15.028714] ret_from_fork_asm+0x1a/0x30 [ 15.029036] [ 15.029140] The buggy address belongs to the object at ffff888101b1cc00 [ 15.029140] which belongs to the cache kmalloc-16 of size 16 [ 15.030157] The buggy address is located 8 bytes inside of [ 15.030157] allocated 9-byte region [ffff888101b1cc00, ffff888101b1cc09) [ 15.030822] [ 15.030956] The buggy address belongs to the physical page: [ 15.031352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1c [ 15.031777] flags: 0x200000000000000(node=0|zone=2) [ 15.032019] page_type: f5(slab) [ 15.032272] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.032749] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.033090] page dumped because: kasan: bad access detected [ 15.033539] [ 15.033661] Memory state around the buggy address: [ 15.033927] ffff888101b1cb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.034367] ffff888101b1cb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.034734] >ffff888101b1cc00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.035018] ^ [ 15.035242] ffff888101b1cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.035607] ffff888101b1cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.035972] ================================================================== [ 15.090260] 
================================================================== [ 15.091210] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.091574] Read of size 8 at addr ffff888101b1cc08 by task kunit_try_catch/279 [ 15.091946] [ 15.092046] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 15.092092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.092106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.092159] Call Trace: [ 15.092198] <TASK> [ 15.092216] dump_stack_lvl+0x73/0xb0 [ 15.092271] print_report+0xd1/0x610 [ 15.092295] ? __virt_addr_valid+0x1db/0x2d0 [ 15.092318] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.092345] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.092367] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.092406] kasan_report+0x141/0x180 [ 15.092429] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.092462] __asan_report_load8_noabort+0x18/0x20 [ 15.092487] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.092514] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.092544] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.092567] ? trace_hardirqs_on+0x37/0xe0 [ 15.092589] ? kasan_bitops_generic+0x92/0x1c0 [ 15.092618] kasan_bitops_generic+0x121/0x1c0 [ 15.092641] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.092670] ? __pfx_read_tsc+0x10/0x10 [ 15.092691] ? ktime_get_ts64+0x86/0x230 [ 15.092717] kunit_try_run_case+0x1a5/0x480 [ 15.092743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.092765] ? _raw_spin_lock_irqsave+0xf9/0x100 [ 15.092789] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.092813] ? __kthread_parkme+0x82/0x180 [ 15.092833] ? preempt_count_sub+0x50/0x80 [ 15.092858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.092882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.092905] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.092928] kthread+0x337/0x6f0 [ 15.092948] ? 
trace_preempt_on+0x20/0xc0 [ 15.092971] ? __pfx_kthread+0x10/0x10 [ 15.092992] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.093013] ? calculate_sigpending+0x7b/0xa0 [ 15.093061] ? __pfx_kthread+0x10/0x10 [ 15.093083] ret_from_fork+0x116/0x1d0 [ 15.093102] ? __pfx_kthread+0x10/0x10 [ 15.093123] ret_from_fork_asm+0x1a/0x30 [ 15.093155] </TASK> [ 15.093166] [ 15.102270] Allocated by task 279: [ 15.102421] kasan_save_stack+0x45/0x70 [ 15.102567] kasan_save_track+0x18/0x40 [ 15.102757] kasan_save_alloc_info+0x3b/0x50 [ 15.103018] __kasan_kmalloc+0xb7/0xc0 [ 15.103208] __kmalloc_cache_noprof+0x189/0x420 [ 15.103439] kasan_bitops_generic+0x92/0x1c0 [ 15.103893] kunit_try_run_case+0x1a5/0x480 [ 15.104160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.104456] kthread+0x337/0x6f0 [ 15.104642] ret_from_fork+0x116/0x1d0 [ 15.104784] ret_from_fork_asm+0x1a/0x30 [ 15.104926] [ 15.104998] The buggy address belongs to the object at ffff888101b1cc00 [ 15.104998] which belongs to the cache kmalloc-16 of size 16 [ 15.105547] The buggy address is located 8 bytes inside of [ 15.105547] allocated 9-byte region [ffff888101b1cc00, ffff888101b1cc09) [ 15.106246] [ 15.106351] The buggy address belongs to the physical page: [ 15.106618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b1c [ 15.107012] flags: 0x200000000000000(node=0|zone=2) [ 15.107261] page_type: f5(slab) [ 15.107436] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.107773] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.108147] page dumped because: kasan: bad access detected [ 15.108470] [ 15.108564] Memory state around the buggy address: [ 15.108780] ffff888101b1cb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.109000] ffff888101b1cb80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.109216] >ffff888101b1cc00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.109442] ^ [ 15.109565] ffff888101b1cc80: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 15.109893] ffff888101b1cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.110232] ==================================================================
[ 15.105367] ================================================================== [ 15.106279] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.106695] Write of size 8 at addr ffff88810210ec88 by task kunit_try_catch/279 [ 15.106974] [ 15.107075] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 15.107119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.107131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.107174] Call Trace: [ 15.107193] <TASK> [ 15.107208] dump_stack_lvl+0x73/0xb0 [ 15.107247] print_report+0xd1/0x610 [ 15.107268] ? __virt_addr_valid+0x1db/0x2d0 [ 15.107291] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.107317] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.107357] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.107384] kasan_report+0x141/0x180 [ 15.107405] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.107436] kasan_check_range+0x10c/0x1c0 [ 15.107460] __kasan_check_write+0x18/0x20 [ 15.107479] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.107505] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.107533] ? ret_from_fork_asm+0x1a/0x30 [ 15.107554] ? kthread+0x337/0x6f0 [ 15.107579] kasan_bitops_generic+0x121/0x1c0 [ 15.107601] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.107623] ? trace_hardirqs_on+0x37/0xe0 [ 15.107646] ? __pfx_read_tsc+0x10/0x10 [ 15.107668] ? ktime_get_ts64+0x86/0x230 [ 15.107689] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.107716] kunit_try_run_case+0x1a5/0x480 [ 15.107740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.107766] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.107790] ? __kthread_parkme+0x82/0x180 [ 15.107809] ? preempt_count_sub+0x50/0x80 [ 15.107832] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.107857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.107880] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.107904] kthread+0x337/0x6f0 [ 15.107923] ? trace_preempt_on+0x20/0xc0 [ 15.107944] ? __pfx_kthread+0x10/0x10 [ 15.107964] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.107985] ? calculate_sigpending+0x7b/0xa0 [ 15.108009] ? __pfx_kthread+0x10/0x10 [ 15.108030] ret_from_fork+0x116/0x1d0 [ 15.108049] ? __pfx_kthread+0x10/0x10 [ 15.108069] ret_from_fork_asm+0x1a/0x30 [ 15.108099] </TASK> [ 15.108109] [ 15.118842] Allocated by task 279: [ 15.118979] kasan_save_stack+0x45/0x70 [ 15.119233] kasan_save_track+0x18/0x40 [ 15.119509] kasan_save_alloc_info+0x3b/0x50 [ 15.119724] __kasan_kmalloc+0xb7/0xc0 [ 15.119892] __kmalloc_cache_noprof+0x189/0x420 [ 15.120096] kasan_bitops_generic+0x92/0x1c0 [ 15.120278] kunit_try_run_case+0x1a5/0x480 [ 15.120463] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.120716] kthread+0x337/0x6f0 [ 15.120937] ret_from_fork+0x116/0x1d0 [ 15.121103] ret_from_fork_asm+0x1a/0x30 [ 15.121277] [ 15.121421] The buggy address belongs to the object at ffff88810210ec80 [ 15.121421] which belongs to the cache kmalloc-16 of size 16 [ 15.121886] The buggy address is located 8 bytes inside of [ 15.121886] allocated 9-byte region [ffff88810210ec80, ffff88810210ec89) [ 15.122263] [ 15.122337] The buggy address belongs to the physical page: [ 15.122512] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10210e [ 15.122877] flags: 0x200000000000000(node=0|zone=2) [ 15.123111] page_type: f5(slab) [ 15.123315] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.123667] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.123991] page dumped because: kasan: bad access detected [ 15.124178] [ 15.124249] Memory state around the buggy address: [ 15.124472] ffff88810210eb80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.124785] ffff88810210ec00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.125000] >ffff88810210ec80: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 15.125247] ^ [ 15.125397] ffff88810210ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.125722] ffff88810210ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.126038] ================================================================== [ 15.144489] ================================================================== [ 15.144863] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.145285] Write of size 8 at addr ffff88810210ec88 by task kunit_try_catch/279 [ 15.145637] [ 15.145749] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 15.145793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.145805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.145827] Call Trace: [ 15.145843] <TASK> [ 15.145859] dump_stack_lvl+0x73/0xb0 [ 15.145885] print_report+0xd1/0x610 [ 15.145907] ? __virt_addr_valid+0x1db/0x2d0 [ 15.145929] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.145955] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.145977] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.146004] kasan_report+0x141/0x180 [ 15.146026] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.146056] kasan_check_range+0x10c/0x1c0 [ 15.146080] __kasan_check_write+0x18/0x20 [ 15.146098] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.146125] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.146164] ? ret_from_fork_asm+0x1a/0x30 [ 15.146185] ? kthread+0x337/0x6f0 [ 15.146210] kasan_bitops_generic+0x121/0x1c0 [ 15.146233] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.146255] ? trace_hardirqs_on+0x37/0xe0 [ 15.146279] ? __pfx_read_tsc+0x10/0x10 [ 15.146319] ? ktime_get_ts64+0x86/0x230 [ 15.146340] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.146365] kunit_try_run_case+0x1a5/0x480 [ 15.146389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.146413] ? 
queued_spin_lock_slowpath+0x116/0xb40 [ 15.146439] ? __kthread_parkme+0x82/0x180 [ 15.146458] ? preempt_count_sub+0x50/0x80 [ 15.146482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.146506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.146529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.146552] kthread+0x337/0x6f0 [ 15.146572] ? trace_preempt_on+0x20/0xc0 [ 15.146593] ? __pfx_kthread+0x10/0x10 [ 15.146614] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.146635] ? calculate_sigpending+0x7b/0xa0 [ 15.146659] ? __pfx_kthread+0x10/0x10 [ 15.146680] ret_from_fork+0x116/0x1d0 [ 15.146697] ? __pfx_kthread+0x10/0x10 [ 15.146718] ret_from_fork_asm+0x1a/0x30 [ 15.146747] </TASK> [ 15.146758] [ 15.154946] Allocated by task 279: [ 15.155134] kasan_save_stack+0x45/0x70 [ 15.155933] kasan_save_track+0x18/0x40 [ 15.156131] kasan_save_alloc_info+0x3b/0x50 [ 15.156563] __kasan_kmalloc+0xb7/0xc0 [ 15.156928] __kmalloc_cache_noprof+0x189/0x420 [ 15.157157] kasan_bitops_generic+0x92/0x1c0 [ 15.157567] kunit_try_run_case+0x1a5/0x480 [ 15.158006] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.158280] kthread+0x337/0x6f0 [ 15.158656] ret_from_fork+0x116/0x1d0 [ 15.158848] ret_from_fork_asm+0x1a/0x30 [ 15.159026] [ 15.159116] The buggy address belongs to the object at ffff88810210ec80 [ 15.159116] which belongs to the cache kmalloc-16 of size 16 [ 15.159547] The buggy address is located 8 bytes inside of [ 15.159547] allocated 9-byte region [ffff88810210ec80, ffff88810210ec89) [ 15.160077] [ 15.160186] The buggy address belongs to the physical page: [ 15.160439] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10210e [ 15.160720] flags: 0x200000000000000(node=0|zone=2) [ 15.160961] page_type: f5(slab) [ 15.161126] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.161410] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.161747] page dumped because: kasan: bad access detected [ 15.161946] [ 15.162019] 
Memory state around the buggy address: [ 15.162256] ffff88810210eb80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.162610] ffff88810210ec00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.162836] >ffff88810210ec80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.163112] ^ [ 15.163314] ffff88810210ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.163616] ffff88810210ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.163886] ================================================================== [ 15.183351] ================================================================== [ 15.183666] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.184060] Read of size 8 at addr ffff88810210ec88 by task kunit_try_catch/279 [ 15.184397] [ 15.184504] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 15.184547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.184559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.184580] Call Trace: [ 15.184594] <TASK> [ 15.184608] dump_stack_lvl+0x73/0xb0 [ 15.184634] print_report+0xd1/0x610 [ 15.184656] ? __virt_addr_valid+0x1db/0x2d0 [ 15.184677] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.184703] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.184725] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.184752] kasan_report+0x141/0x180 [ 15.184773] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.184805] __asan_report_load8_noabort+0x18/0x20 [ 15.184829] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.184856] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.184886] ? ret_from_fork_asm+0x1a/0x30 [ 15.184908] ? kthread+0x337/0x6f0 [ 15.184932] kasan_bitops_generic+0x121/0x1c0 [ 15.184955] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.184978] ? trace_hardirqs_on+0x37/0xe0 [ 15.185000] ? __pfx_read_tsc+0x10/0x10 [ 15.185021] ? 
ktime_get_ts64+0x86/0x230 [ 15.185040] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.185066] kunit_try_run_case+0x1a5/0x480 [ 15.185090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.185114] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.185138] ? __kthread_parkme+0x82/0x180 [ 15.185172] ? preempt_count_sub+0x50/0x80 [ 15.185195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.185219] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.185242] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.185265] kthread+0x337/0x6f0 [ 15.185284] ? trace_preempt_on+0x20/0xc0 [ 15.185325] ? __pfx_kthread+0x10/0x10 [ 15.185346] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.185367] ? calculate_sigpending+0x7b/0xa0 [ 15.185391] ? __pfx_kthread+0x10/0x10 [ 15.185412] ret_from_fork+0x116/0x1d0 [ 15.185430] ? __pfx_kthread+0x10/0x10 [ 15.185451] ret_from_fork_asm+0x1a/0x30 [ 15.185483] </TASK> [ 15.185493] [ 15.193052] Allocated by task 279: [ 15.193232] kasan_save_stack+0x45/0x70 [ 15.193438] kasan_save_track+0x18/0x40 [ 15.193597] kasan_save_alloc_info+0x3b/0x50 [ 15.193806] __kasan_kmalloc+0xb7/0xc0 [ 15.193969] __kmalloc_cache_noprof+0x189/0x420 [ 15.194177] kasan_bitops_generic+0x92/0x1c0 [ 15.194396] kunit_try_run_case+0x1a5/0x480 [ 15.194580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.194796] kthread+0x337/0x6f0 [ 15.194949] ret_from_fork+0x116/0x1d0 [ 15.195137] ret_from_fork_asm+0x1a/0x30 [ 15.195338] [ 15.195438] The buggy address belongs to the object at ffff88810210ec80 [ 15.195438] which belongs to the cache kmalloc-16 of size 16 [ 15.195901] The buggy address is located 8 bytes inside of [ 15.195901] allocated 9-byte region [ffff88810210ec80, ffff88810210ec89) [ 15.196395] [ 15.196470] The buggy address belongs to the physical page: [ 15.196681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10210e [ 15.196927] flags: 0x200000000000000(node=0|zone=2) [ 15.197092] page_type: f5(slab) [ 15.197252] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 15.197624] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.197960] page dumped because: kasan: bad access detected [ 15.198217] [ 15.198311] Memory state around the buggy address: [ 15.198474] ffff88810210eb80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.198765] ffff88810210ec00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.199082] >ffff88810210ec80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.199439] ^ [ 15.199611] ffff88810210ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.199901] ffff88810210ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.200179] ================================================================== [ 15.061254] ================================================================== [ 15.061764] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.062209] Write of size 8 at addr ffff88810210ec88 by task kunit_try_catch/279 [ 15.062702] [ 15.062987] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 15.063036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.063048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.063090] Call Trace: [ 15.063109] <TASK> [ 15.063126] dump_stack_lvl+0x73/0xb0 [ 15.063167] print_report+0xd1/0x610 [ 15.063190] ? __virt_addr_valid+0x1db/0x2d0 [ 15.063215] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.063245] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.063268] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.063298] kasan_report+0x141/0x180 [ 15.063332] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.063365] kasan_check_range+0x10c/0x1c0 [ 15.063390] __kasan_check_write+0x18/0x20 [ 15.063409] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.063436] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.063466] ? ret_from_fork_asm+0x1a/0x30 [ 15.063488] ? 
kthread+0x337/0x6f0 [ 15.063513] kasan_bitops_generic+0x121/0x1c0 [ 15.063536] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.063559] ? trace_hardirqs_on+0x37/0xe0 [ 15.063583] ? __pfx_read_tsc+0x10/0x10 [ 15.063604] ? ktime_get_ts64+0x86/0x230 [ 15.063624] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.063651] kunit_try_run_case+0x1a5/0x480 [ 15.063675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.063699] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.063723] ? __kthread_parkme+0x82/0x180 [ 15.063744] ? preempt_count_sub+0x50/0x80 [ 15.063767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.063791] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.063814] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.063837] kthread+0x337/0x6f0 [ 15.063856] ? trace_preempt_on+0x20/0xc0 [ 15.063877] ? __pfx_kthread+0x10/0x10 [ 15.063898] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.063919] ? calculate_sigpending+0x7b/0xa0 [ 15.063943] ? __pfx_kthread+0x10/0x10 [ 15.063964] ret_from_fork+0x116/0x1d0 [ 15.063982] ? __pfx_kthread+0x10/0x10 [ 15.064002] ret_from_fork_asm+0x1a/0x30 [ 15.064032] </TASK> [ 15.064042] [ 15.072999] Allocated by task 279: [ 15.073125] kasan_save_stack+0x45/0x70 [ 15.073328] kasan_save_track+0x18/0x40 [ 15.073542] kasan_save_alloc_info+0x3b/0x50 [ 15.073790] __kasan_kmalloc+0xb7/0xc0 [ 15.073960] __kmalloc_cache_noprof+0x189/0x420 [ 15.074192] kasan_bitops_generic+0x92/0x1c0 [ 15.074419] kunit_try_run_case+0x1a5/0x480 [ 15.074613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.074856] kthread+0x337/0x6f0 [ 15.074986] ret_from_fork+0x116/0x1d0 [ 15.075201] ret_from_fork_asm+0x1a/0x30 [ 15.075410] [ 15.075521] The buggy address belongs to the object at ffff88810210ec80 [ 15.075521] which belongs to the cache kmalloc-16 of size 16 [ 15.075973] The buggy address is located 8 bytes inside of [ 15.075973] allocated 9-byte region [ffff88810210ec80, ffff88810210ec89) [ 15.076529] [ 15.076644] The buggy address belongs to the physical page: [ 15.076882] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10210e [ 15.077217] flags: 0x200000000000000(node=0|zone=2) [ 15.077500] page_type: f5(slab) [ 15.077657] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.077958] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.078287] page dumped because: kasan: bad access detected [ 15.078592] [ 15.078698] Memory state around the buggy address: [ 15.078916] ffff88810210eb80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.079223] ffff88810210ec00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.079549] >ffff88810210ec80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.079895] ^ [ 15.080090] ffff88810210ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.080411] ffff88810210ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.080816] ================================================================== [ 15.039746] ================================================================== [ 15.040119] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.040588] Write of size 8 at addr ffff88810210ec88 by task kunit_try_catch/279 [ 15.040878] [ 15.040989] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 15.041051] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.041063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.041085] Call Trace: [ 15.041119] <TASK> [ 15.041134] dump_stack_lvl+0x73/0xb0 [ 15.041172] print_report+0xd1/0x610 [ 15.041194] ? __virt_addr_valid+0x1db/0x2d0 [ 15.041216] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.041241] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.041264] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.041291] kasan_report+0x141/0x180 [ 15.041331] ? 
kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.041363] kasan_check_range+0x10c/0x1c0 [ 15.041386] __kasan_check_write+0x18/0x20 [ 15.041405] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.041444] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.041472] ? ret_from_fork_asm+0x1a/0x30 [ 15.041494] ? kthread+0x337/0x6f0 [ 15.041518] kasan_bitops_generic+0x121/0x1c0 [ 15.041541] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.041564] ? trace_hardirqs_on+0x37/0xe0 [ 15.041587] ? __pfx_read_tsc+0x10/0x10 [ 15.041608] ? ktime_get_ts64+0x86/0x230 [ 15.041629] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.041673] kunit_try_run_case+0x1a5/0x480 [ 15.041697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.041721] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.041746] ? __kthread_parkme+0x82/0x180 [ 15.041766] ? preempt_count_sub+0x50/0x80 [ 15.041789] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.041813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.041850] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.041875] kthread+0x337/0x6f0 [ 15.041894] ? trace_preempt_on+0x20/0xc0 [ 15.041929] ? __pfx_kthread+0x10/0x10 [ 15.041950] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.041984] ? calculate_sigpending+0x7b/0xa0 [ 15.042007] ? __pfx_kthread+0x10/0x10 [ 15.042028] ret_from_fork+0x116/0x1d0 [ 15.042060] ? 
__pfx_kthread+0x10/0x10 [ 15.042093] ret_from_fork_asm+0x1a/0x30 [ 15.042123] </TASK> [ 15.042133] [ 15.050952] Allocated by task 279: [ 15.051176] kasan_save_stack+0x45/0x70 [ 15.051420] kasan_save_track+0x18/0x40 [ 15.051559] kasan_save_alloc_info+0x3b/0x50 [ 15.051791] __kasan_kmalloc+0xb7/0xc0 [ 15.051982] __kmalloc_cache_noprof+0x189/0x420 [ 15.052189] kasan_bitops_generic+0x92/0x1c0 [ 15.052482] kunit_try_run_case+0x1a5/0x480 [ 15.052685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.052923] kthread+0x337/0x6f0 [ 15.053110] ret_from_fork+0x116/0x1d0 [ 15.053300] ret_from_fork_asm+0x1a/0x30 [ 15.053509] [ 15.053649] The buggy address belongs to the object at ffff88810210ec80 [ 15.053649] which belongs to the cache kmalloc-16 of size 16 [ 15.054117] The buggy address is located 8 bytes inside of [ 15.054117] allocated 9-byte region [ffff88810210ec80, ffff88810210ec89) [ 15.054682] [ 15.054799] The buggy address belongs to the physical page: [ 15.055095] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10210e [ 15.055477] flags: 0x200000000000000(node=0|zone=2) [ 15.055721] page_type: f5(slab) [ 15.055889] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.056241] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.056759] page dumped because: kasan: bad access detected [ 15.056930] [ 15.056999] Memory state around the buggy address: [ 15.057164] ffff88810210eb80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.057381] ffff88810210ec00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.057709] >ffff88810210ec80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.058044] ^ [ 15.058259] ffff88810210ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.059125] ffff88810210ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.060079] ================================================================== [ 15.126798] 
================================================================== [ 15.127135] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.127488] Write of size 8 at addr ffff88810210ec88 by task kunit_try_catch/279 [ 15.127806] [ 15.127920] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 15.127966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.127979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.128001] Call Trace: [ 15.128020] <TASK> [ 15.128037] dump_stack_lvl+0x73/0xb0 [ 15.128066] print_report+0xd1/0x610 [ 15.128088] ? __virt_addr_valid+0x1db/0x2d0 [ 15.128110] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.128137] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.128169] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.128195] kasan_report+0x141/0x180 [ 15.128217] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.128249] kasan_check_range+0x10c/0x1c0 [ 15.128272] __kasan_check_write+0x18/0x20 [ 15.128290] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.128343] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.128370] ? ret_from_fork_asm+0x1a/0x30 [ 15.128393] ? kthread+0x337/0x6f0 [ 15.128417] kasan_bitops_generic+0x121/0x1c0 [ 15.128441] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.128463] ? trace_hardirqs_on+0x37/0xe0 [ 15.128487] ? __pfx_read_tsc+0x10/0x10 [ 15.128508] ? ktime_get_ts64+0x86/0x230 [ 15.128530] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.128556] kunit_try_run_case+0x1a5/0x480 [ 15.128580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.128604] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.128629] ? __kthread_parkme+0x82/0x180 [ 15.128649] ? preempt_count_sub+0x50/0x80 [ 15.128673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.128696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.128720] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.128745] kthread+0x337/0x6f0 [ 15.128764] ? trace_preempt_on+0x20/0xc0 [ 15.128785] ? __pfx_kthread+0x10/0x10 [ 15.128806] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.128827] ? calculate_sigpending+0x7b/0xa0 [ 15.128850] ? __pfx_kthread+0x10/0x10 [ 15.128871] ret_from_fork+0x116/0x1d0 [ 15.128889] ? __pfx_kthread+0x10/0x10 [ 15.128909] ret_from_fork_asm+0x1a/0x30 [ 15.128938] </TASK> [ 15.128949] [ 15.136762] Allocated by task 279: [ 15.136897] kasan_save_stack+0x45/0x70 [ 15.137046] kasan_save_track+0x18/0x40 [ 15.137246] kasan_save_alloc_info+0x3b/0x50 [ 15.137486] __kasan_kmalloc+0xb7/0xc0 [ 15.137678] __kmalloc_cache_noprof+0x189/0x420 [ 15.137890] kasan_bitops_generic+0x92/0x1c0 [ 15.138094] kunit_try_run_case+0x1a5/0x480 [ 15.138333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.138548] kthread+0x337/0x6f0 [ 15.138705] ret_from_fork+0x116/0x1d0 [ 15.138891] ret_from_fork_asm+0x1a/0x30 [ 15.139083] [ 15.139176] The buggy address belongs to the object at ffff88810210ec80 [ 15.139176] which belongs to the cache kmalloc-16 of size 16 [ 15.139687] The buggy address is located 8 bytes inside of [ 15.139687] allocated 9-byte region [ffff88810210ec80, ffff88810210ec89) [ 15.140116] [ 15.140199] The buggy address belongs to the physical page: [ 15.140404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10210e [ 15.140649] flags: 0x200000000000000(node=0|zone=2) [ 15.140816] page_type: f5(slab) [ 15.140939] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.141270] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.141628] page dumped because: kasan: bad access detected [ 15.141880] [ 15.141974] Memory state around the buggy address: [ 15.142210] ffff88810210eb80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.142554] ffff88810210ec00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.142876] >ffff88810210ec80: 00 01 fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc [ 15.143209] ^ [ 15.143412] ffff88810210ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.143707] ffff88810210ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.143947] ================================================================== [ 15.165648] ================================================================== [ 15.166049] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.166449] Read of size 8 at addr ffff88810210ec88 by task kunit_try_catch/279 [ 15.166736] [ 15.166850] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 15.166895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.166906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.166928] Call Trace: [ 15.166941] <TASK> [ 15.166955] dump_stack_lvl+0x73/0xb0 [ 15.166983] print_report+0xd1/0x610 [ 15.167004] ? __virt_addr_valid+0x1db/0x2d0 [ 15.167026] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.167052] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.167074] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.167101] kasan_report+0x141/0x180 [ 15.167123] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.167163] kasan_check_range+0x10c/0x1c0 [ 15.167187] __kasan_check_read+0x15/0x20 [ 15.167206] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.167233] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.167261] ? ret_from_fork_asm+0x1a/0x30 [ 15.167283] ? kthread+0x337/0x6f0 [ 15.167327] kasan_bitops_generic+0x121/0x1c0 [ 15.167350] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.167373] ? trace_hardirqs_on+0x37/0xe0 [ 15.167399] ? __pfx_read_tsc+0x10/0x10 [ 15.167420] ? ktime_get_ts64+0x86/0x230 [ 15.167442] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.167467] kunit_try_run_case+0x1a5/0x480 [ 15.167492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.167516] ? 
queued_spin_lock_slowpath+0x116/0xb40 [ 15.167540] ? __kthread_parkme+0x82/0x180 [ 15.167561] ? preempt_count_sub+0x50/0x80 [ 15.167585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.167609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.167632] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.167656] kthread+0x337/0x6f0 [ 15.167674] ? trace_preempt_on+0x20/0xc0 [ 15.167696] ? __pfx_kthread+0x10/0x10 [ 15.167716] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.167737] ? calculate_sigpending+0x7b/0xa0 [ 15.167761] ? __pfx_kthread+0x10/0x10 [ 15.167782] ret_from_fork+0x116/0x1d0 [ 15.167800] ? __pfx_kthread+0x10/0x10 [ 15.167821] ret_from_fork_asm+0x1a/0x30 [ 15.167850] </TASK> [ 15.167860] [ 15.175772] Allocated by task 279: [ 15.175921] kasan_save_stack+0x45/0x70 [ 15.176119] kasan_save_track+0x18/0x40 [ 15.176311] kasan_save_alloc_info+0x3b/0x50 [ 15.176517] __kasan_kmalloc+0xb7/0xc0 [ 15.176680] __kmalloc_cache_noprof+0x189/0x420 [ 15.176896] kasan_bitops_generic+0x92/0x1c0 [ 15.177076] kunit_try_run_case+0x1a5/0x480 [ 15.177282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.177498] kthread+0x337/0x6f0 [ 15.177672] ret_from_fork+0x116/0x1d0 [ 15.177841] ret_from_fork_asm+0x1a/0x30 [ 15.177982] [ 15.178054] The buggy address belongs to the object at ffff88810210ec80 [ 15.178054] which belongs to the cache kmalloc-16 of size 16 [ 15.178446] The buggy address is located 8 bytes inside of [ 15.178446] allocated 9-byte region [ffff88810210ec80, ffff88810210ec89) [ 15.178942] [ 15.179036] The buggy address belongs to the physical page: [ 15.179315] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10210e [ 15.179664] flags: 0x200000000000000(node=0|zone=2) [ 15.179830] page_type: f5(slab) [ 15.179952] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.180213] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.180587] page dumped because: kasan: bad access detected [ 15.180841] [ 15.180938] 
Memory state around the buggy address: [ 15.181171] ffff88810210eb80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.181515] ffff88810210ec00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.181826] >ffff88810210ec80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.182089] ^ [ 15.182263] ffff88810210ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.182519] ffff88810210ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.182835] ================================================================== [ 15.017513] ================================================================== [ 15.017843] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.018237] Write of size 8 at addr ffff88810210ec88 by task kunit_try_catch/279 [ 15.018638] [ 15.018770] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 15.018826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.018838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.018859] Call Trace: [ 15.018874] <TASK> [ 15.018888] dump_stack_lvl+0x73/0xb0 [ 15.018915] print_report+0xd1/0x610 [ 15.018936] ? __virt_addr_valid+0x1db/0x2d0 [ 15.018959] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.018986] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.019007] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.019052] kasan_report+0x141/0x180 [ 15.019086] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.019118] kasan_check_range+0x10c/0x1c0 [ 15.019140] __kasan_check_write+0x18/0x20 [ 15.019171] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.019198] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.019226] ? ret_from_fork_asm+0x1a/0x30 [ 15.019247] ? kthread+0x337/0x6f0 [ 15.019270] kasan_bitops_generic+0x121/0x1c0 [ 15.019294] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.019317] ? trace_hardirqs_on+0x37/0xe0 [ 15.019340] ? 
__pfx_read_tsc+0x10/0x10 [ 15.019361] ? ktime_get_ts64+0x86/0x230 [ 15.019381] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.019407] kunit_try_run_case+0x1a5/0x480 [ 15.019431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.019456] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.019479] ? __kthread_parkme+0x82/0x180 [ 15.019498] ? preempt_count_sub+0x50/0x80 [ 15.019521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.019545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.019588] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.019612] kthread+0x337/0x6f0 [ 15.019631] ? trace_preempt_on+0x20/0xc0 [ 15.019652] ? __pfx_kthread+0x10/0x10 [ 15.019673] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.019694] ? calculate_sigpending+0x7b/0xa0 [ 15.019717] ? __pfx_kthread+0x10/0x10 [ 15.019739] ret_from_fork+0x116/0x1d0 [ 15.019756] ? __pfx_kthread+0x10/0x10 [ 15.019777] ret_from_fork_asm+0x1a/0x30 [ 15.019806] </TASK> [ 15.019816] [ 15.028904] Allocated by task 279: [ 15.029606] kasan_save_stack+0x45/0x70 [ 15.029833] kasan_save_track+0x18/0x40 [ 15.029996] kasan_save_alloc_info+0x3b/0x50 [ 15.030216] __kasan_kmalloc+0xb7/0xc0 [ 15.030401] __kmalloc_cache_noprof+0x189/0x420 [ 15.030882] kasan_bitops_generic+0x92/0x1c0 [ 15.031226] kunit_try_run_case+0x1a5/0x480 [ 15.031582] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.031879] kthread+0x337/0x6f0 [ 15.032064] ret_from_fork+0x116/0x1d0 [ 15.032380] ret_from_fork_asm+0x1a/0x30 [ 15.032733] [ 15.032845] The buggy address belongs to the object at ffff88810210ec80 [ 15.032845] which belongs to the cache kmalloc-16 of size 16 [ 15.033616] The buggy address is located 8 bytes inside of [ 15.033616] allocated 9-byte region [ffff88810210ec80, ffff88810210ec89) [ 15.034257] [ 15.034346] The buggy address belongs to the physical page: [ 15.034797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10210e [ 15.035133] flags: 0x200000000000000(node=0|zone=2) [ 15.035523] page_type: f5(slab) [ 15.035723] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 15.036184] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.036762] page dumped because: kasan: bad access detected [ 15.037029] [ 15.037279] Memory state around the buggy address: [ 15.037493] ffff88810210eb80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.037788] ffff88810210ec00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.038089] >ffff88810210ec80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.038394] ^ [ 15.038585] ffff88810210ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.038860] ffff88810210ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.039172] ================================================================== [ 15.081495] ================================================================== [ 15.082047] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.082363] Write of size 8 at addr ffff88810210ec88 by task kunit_try_catch/279 [ 15.082694] [ 15.082799] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc7 #1 PREEMPT(voluntary) [ 15.082841] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.082853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.082874] Call Trace: [ 15.082914] <TASK> [ 15.082928] dump_stack_lvl+0x73/0xb0 [ 15.082954] print_report+0xd1/0x610 [ 15.082975] ? __virt_addr_valid+0x1db/0x2d0 [ 15.082997] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.083023] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.083045] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.083089] kasan_report+0x141/0x180 [ 15.083111] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.083152] kasan_check_range+0x10c/0x1c0 [ 15.083176] __kasan_check_write+0x18/0x20 [ 15.083195] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.083221] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.083249] ? 
ret_from_fork_asm+0x1a/0x30 [ 15.083272] ? kthread+0x337/0x6f0 [ 15.083313] kasan_bitops_generic+0x121/0x1c0 [ 15.083337] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.083359] ? trace_hardirqs_on+0x37/0xe0 [ 15.083382] ? __pfx_read_tsc+0x10/0x10 [ 15.083402] ? ktime_get_ts64+0x86/0x230 [ 15.083425] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.083451] kunit_try_run_case+0x1a5/0x480 [ 15.083475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.083499] ? queued_spin_lock_slowpath+0x116/0xb40 [ 15.083523] ? __kthread_parkme+0x82/0x180 [ 15.083559] ? preempt_count_sub+0x50/0x80 [ 15.083582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.083619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.083642] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.083679] kthread+0x337/0x6f0 [ 15.083711] ? trace_preempt_on+0x20/0xc0 [ 15.083732] ? __pfx_kthread+0x10/0x10 [ 15.083766] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.083799] ? calculate_sigpending+0x7b/0xa0 [ 15.083836] ? __pfx_kthread+0x10/0x10 [ 15.083857] ret_from_fork+0x116/0x1d0 [ 15.083889] ? 
__pfx_kthread+0x10/0x10 [ 15.083922] ret_from_fork_asm+0x1a/0x30 [ 15.083951] </TASK> [ 15.083961] [ 15.094015] Allocated by task 279: [ 15.094403] kasan_save_stack+0x45/0x70 [ 15.094784] kasan_save_track+0x18/0x40 [ 15.095151] kasan_save_alloc_info+0x3b/0x50 [ 15.095564] __kasan_kmalloc+0xb7/0xc0 [ 15.095923] __kmalloc_cache_noprof+0x189/0x420 [ 15.096379] kasan_bitops_generic+0x92/0x1c0 [ 15.096720] kunit_try_run_case+0x1a5/0x480 [ 15.096992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.097182] kthread+0x337/0x6f0 [ 15.097306] ret_from_fork+0x116/0x1d0 [ 15.097660] ret_from_fork_asm+0x1a/0x30 [ 15.098041] [ 15.098209] The buggy address belongs to the object at ffff88810210ec80 [ 15.098209] which belongs to the cache kmalloc-16 of size 16 [ 15.099443] The buggy address is located 8 bytes inside of [ 15.099443] allocated 9-byte region [ffff88810210ec80, ffff88810210ec89) [ 15.100441] [ 15.100517] The buggy address belongs to the physical page: [ 15.100694] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10210e [ 15.100939] flags: 0x200000000000000(node=0|zone=2) [ 15.101104] page_type: f5(slab) [ 15.101356] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.102049] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.102557] page dumped because: kasan: bad access detected [ 15.102734] [ 15.102805] Memory state around the buggy address: [ 15.102963] ffff88810210eb80: 00 02 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.103198] ffff88810210ec00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 15.103544] >ffff88810210ec80: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.103860] ^ [ 15.104034] ffff88810210ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.104404] ffff88810210ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.104693] ==================================================================