Date
June 7, 2025, 10:40 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 27.007496] ================================================================== [ 27.008315] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc8 [ 27.009259] Write of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.011576] [ 27.012239] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.012446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.012519] Hardware name: linux,dummy-virt (DT) [ 27.012605] Call trace: [ 27.012666] show_stack+0x20/0x38 (C) [ 27.012801] dump_stack_lvl+0x8c/0xd0 [ 27.013584] print_report+0x118/0x608 [ 27.013726] kasan_report+0xdc/0x128 [ 27.013853] kasan_check_range+0x100/0x1a8 [ 27.014003] __kasan_check_write+0x20/0x30 [ 27.014134] kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc8 [ 27.014292] kasan_bitops_generic+0x11c/0x1c8 [ 27.014417] kunit_try_run_case+0x170/0x3f0 [ 27.014554] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.014690] kthread+0x318/0x620 [ 27.014816] ret_from_fork+0x10/0x20 [ 27.014965] [ 27.028840] Allocated by task 250: [ 27.030320] kasan_save_stack+0x3c/0x68 [ 27.031804] kasan_save_track+0x20/0x40 [ 27.033286] kasan_save_alloc_info+0x40/0x58 [ 27.034470] __kasan_kmalloc+0xd4/0xd8 [ 27.036080] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.036520] kasan_bitops_generic+0xa0/0x1c8 [ 27.037832] kunit_try_run_case+0x170/0x3f0 [ 27.039368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.041309] kthread+0x318/0x620 [ 27.042091] ret_from_fork+0x10/0x20 [ 27.043554] [ 27.044150] The buggy address belongs to the object at fff00000c596b740 [ 27.044150] which belongs to the cache kmalloc-16 of size 16 [ 27.045797] The buggy address is located 8 bytes inside of [ 27.045797] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.049136] [ 27.050085] The buggy address belongs to the physical page: [ 27.051345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.051979] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.052521] page_type: f5(slab) [ 27.052870] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.056520] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.058729] page dumped because: kasan: bad access detected [ 27.059992] [ 27.060963] Memory state around the buggy address: [ 27.062639] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.064653] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.066282] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.067874] ^ [ 27.068335] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.069845] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.072358] ================================================================== [ 27.158971] ================================================================== [ 27.159744] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc8 [ 27.160533] Write of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.163822] [ 27.164184] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.164384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.164453] Hardware name: linux,dummy-virt (DT) [ 27.164537] Call trace: [ 27.164592] show_stack+0x20/0x38 (C) [ 27.164715] dump_stack_lvl+0x8c/0xd0 [ 27.164829] print_report+0x118/0x608 [ 27.165516] kasan_report+0xdc/0x128 [ 27.165645] kasan_check_range+0x100/0x1a8 [ 27.165762] __kasan_check_write+0x20/0x30 [ 27.165909] kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc8 [ 27.166059] kasan_bitops_generic+0x11c/0x1c8 [ 27.166197] kunit_try_run_case+0x170/0x3f0 [ 27.166331] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.166473] kthread+0x318/0x620 [ 27.166595] ret_from_fork+0x10/0x20 [ 27.166724] [ 27.178431] Allocated by task 250: [ 27.179861] kasan_save_stack+0x3c/0x68 [ 27.181063] kasan_save_track+0x20/0x40 [ 27.181782] kasan_save_alloc_info+0x40/0x58 [ 27.183073] __kasan_kmalloc+0xd4/0xd8 [ 27.184198] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.184644] kasan_bitops_generic+0xa0/0x1c8 [ 27.185866] kunit_try_run_case+0x170/0x3f0 [ 27.186502] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.188187] kthread+0x318/0x620 [ 27.189764] ret_from_fork+0x10/0x20 [ 27.190495] [ 27.190756] The buggy address belongs to the object at fff00000c596b740 [ 27.190756] which belongs to the cache kmalloc-16 of size 16 [ 27.192773] The buggy address is located 8 bytes inside of [ 27.192773] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.195101] [ 27.195436] The buggy address belongs to the physical page: [ 27.196823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.197926] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.199318] page_type: f5(slab) [ 27.199706] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.201993] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.203258] page dumped because: kasan: bad access detected [ 27.204658] [ 27.205470] Memory state around the buggy address: [ 27.206075] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.206633] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.207488] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.209820] ^ [ 27.211107] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.212635] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.213416] ================================================================== [ 27.344512] ================================================================== [ 27.347579] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xad4/0xbc8 [ 27.349675] Read of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.352036] [ 27.352307] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.352513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.352601] Hardware name: linux,dummy-virt (DT) [ 27.352693] Call trace: [ 27.352755] show_stack+0x20/0x38 (C) [ 27.353525] dump_stack_lvl+0x8c/0xd0 [ 27.353661] print_report+0x118/0x608 [ 27.353782] kasan_report+0xdc/0x128 [ 27.353918] __asan_report_load8_noabort+0x20/0x30 [ 27.354047] kasan_bitops_test_and_modify.constprop.0+0xad4/0xbc8 [ 27.354192] kasan_bitops_generic+0x11c/0x1c8 [ 27.354336] kunit_try_run_case+0x170/0x3f0 [ 27.354448] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.354575] kthread+0x318/0x620 [ 27.354688] ret_from_fork+0x10/0x20 [ 27.354804] [ 27.368582] Allocated by task 250: [ 27.369372] kasan_save_stack+0x3c/0x68 [ 27.370023] kasan_save_track+0x20/0x40 [ 27.370538] kasan_save_alloc_info+0x40/0x58 [ 27.371617] __kasan_kmalloc+0xd4/0xd8 [ 27.373030] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.373804] kasan_bitops_generic+0xa0/0x1c8 [ 27.375148] kunit_try_run_case+0x170/0x3f0 [ 27.375584] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.376085] kthread+0x318/0x620 [ 27.376438] ret_from_fork+0x10/0x20 [ 27.376824] [ 27.378181] The buggy address belongs to the object at fff00000c596b740 [ 27.378181] which belongs to the cache kmalloc-16 of size 16 [ 27.383208] The buggy address is located 8 bytes inside of [ 27.383208] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.384093] [ 27.384343] The buggy address belongs to the physical page: [ 27.384782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.387468] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.389176] page_type: f5(slab) [ 27.389687] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.397016] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.398145] page dumped because: kasan: bad access detected [ 27.398821] [ 27.400047] Memory state around the buggy address: [ 27.400471] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.404344] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.405287] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.405821] ^ [ 27.408055] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.410098] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.412925] ================================================================== [ 27.216283] ================================================================== [ 27.218070] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa50/0xbc8 [ 27.220442] Read of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.222386] [ 27.222725] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.223874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.223969] Hardware name: linux,dummy-virt (DT) [ 27.224055] Call trace: [ 27.224111] show_stack+0x20/0x38 (C) [ 27.224239] dump_stack_lvl+0x8c/0xd0 [ 27.224358] print_report+0x118/0x608 [ 27.224475] kasan_report+0xdc/0x128 [ 27.224593] __asan_report_load8_noabort+0x20/0x30 [ 27.224711] kasan_bitops_test_and_modify.constprop.0+0xa50/0xbc8 [ 27.224847] kasan_bitops_generic+0x11c/0x1c8 [ 27.225231] kunit_try_run_case+0x170/0x3f0 [ 27.225368] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.225507] kthread+0x318/0x620 [ 27.225635] ret_from_fork+0x10/0x20 [ 27.225767] [ 27.237055] Allocated by task 250: [ 27.237527] kasan_save_stack+0x3c/0x68 [ 27.239413] kasan_save_track+0x20/0x40 [ 27.239903] kasan_save_alloc_info+0x40/0x58 [ 27.242104] __kasan_kmalloc+0xd4/0xd8 [ 27.243381] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.244135] kasan_bitops_generic+0xa0/0x1c8 [ 27.244554] kunit_try_run_case+0x170/0x3f0 [ 27.245566] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.247298] kthread+0x318/0x620 [ 27.248515] ret_from_fork+0x10/0x20 [ 27.249475] [ 27.250294] The buggy address belongs to the object at fff00000c596b740 [ 27.250294] which belongs to the cache kmalloc-16 of size 16 [ 27.251374] The buggy address is located 8 bytes inside of [ 27.251374] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.252588] [ 27.252845] The buggy address belongs to the physical page: [ 27.257189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.259080] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.260529] page_type: f5(slab) [ 27.261427] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.263753] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.265636] page dumped because: kasan: bad access detected [ 27.268114] [ 27.268415] Memory state around the buggy address: [ 27.268851] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.270797] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.274289] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.275663] ^ [ 27.277044] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.277707] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.282329] ================================================================== [ 27.503299] ================================================================== [ 27.504236] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa44/0xbc8 [ 27.506448] Read of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.507551] [ 27.509691] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.509916] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.509989] Hardware name: linux,dummy-virt (DT) [ 27.510070] Call trace: [ 27.510126] show_stack+0x20/0x38 (C) [ 27.510266] dump_stack_lvl+0x8c/0xd0 [ 27.510383] print_report+0x118/0x608 [ 27.510505] kasan_report+0xdc/0x128 [ 27.510618] __asan_report_load8_noabort+0x20/0x30 [ 27.510736] kasan_bitops_test_and_modify.constprop.0+0xa44/0xbc8 [ 27.510874] kasan_bitops_generic+0x11c/0x1c8 [ 27.511021] kunit_try_run_case+0x170/0x3f0 [ 27.511143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.511274] kthread+0x318/0x620 [ 27.511389] ret_from_fork+0x10/0x20 [ 27.511510] [ 27.529680] Allocated by task 250: [ 27.530210] kasan_save_stack+0x3c/0x68 [ 27.530760] kasan_save_track+0x20/0x40 [ 27.534281] kasan_save_alloc_info+0x40/0x58 [ 27.535574] __kasan_kmalloc+0xd4/0xd8 [ 27.537315] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.537748] kasan_bitops_generic+0xa0/0x1c8 [ 27.538207] kunit_try_run_case+0x170/0x3f0 [ 27.538581] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.539097] kthread+0x318/0x620 [ 27.539455] ret_from_fork+0x10/0x20 [ 27.539822] [ 27.543971] The buggy address belongs to the object at fff00000c596b740 [ 27.543971] which belongs to the cache kmalloc-16 of size 16 [ 27.548323] The buggy address is located 8 bytes inside of [ 27.548323] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.549655] [ 27.550658] The buggy address belongs to the physical page: [ 27.552123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.553149] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.553681] page_type: f5(slab) [ 27.555088] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.555764] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.556345] page dumped because: kasan: bad access detected [ 27.556798] [ 27.557058] Memory state around the buggy address: [ 27.557472] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.559347] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.561694] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.562534] ^ [ 27.564491] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.565517] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.567629] ================================================================== [ 27.416415] ================================================================== [ 27.417016] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x334/0xbc8 [ 27.417676] Write of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.422579] [ 27.422852] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.423078] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.423150] Hardware name: linux,dummy-virt (DT) [ 27.423228] Call trace: [ 27.423285] show_stack+0x20/0x38 (C) [ 27.423412] dump_stack_lvl+0x8c/0xd0 [ 27.423529] print_report+0x118/0x608 [ 27.423645] kasan_report+0xdc/0x128 [ 27.423760] kasan_check_range+0x100/0x1a8 [ 27.423875] __kasan_check_write+0x20/0x30 [ 27.425453] kasan_bitops_test_and_modify.constprop.0+0x334/0xbc8 [ 27.425601] kasan_bitops_generic+0x11c/0x1c8 [ 27.425733] kunit_try_run_case+0x170/0x3f0 [ 27.425852] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.426008] kthread+0x318/0x620 [ 27.426122] ret_from_fork+0x10/0x20 [ 27.426254] [ 27.445477] Allocated by task 250: [ 27.445866] kasan_save_stack+0x3c/0x68 [ 27.446368] kasan_save_track+0x20/0x40 [ 27.446755] kasan_save_alloc_info+0x40/0x58 [ 27.449401] __kasan_kmalloc+0xd4/0xd8 [ 27.452336] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.453642] kasan_bitops_generic+0xa0/0x1c8 [ 27.454961] kunit_try_run_case+0x170/0x3f0 [ 27.457440] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.458859] kthread+0x318/0x620 [ 27.462778] ret_from_fork+0x10/0x20 [ 27.463423] [ 27.463748] The buggy address belongs to the object at fff00000c596b740 [ 27.463748] which belongs to the cache kmalloc-16 of size 16 [ 27.466963] The buggy address is located 8 bytes inside of [ 27.466963] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.469870] [ 27.471941] The buggy address belongs to the physical page: [ 27.472413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.473591] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.474807] page_type: f5(slab) [ 27.476558] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.481352] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.482194] page dumped because: kasan: bad access detected [ 27.483591] [ 27.484111] Memory state around the buggy address: [ 27.486521] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.488361] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.490674] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.491409] ^ [ 27.492947] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.493760] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.497147] ================================================================== [ 27.575396] ================================================================== [ 27.576225] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa8c/0xbc8 [ 27.581010] Read of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.581754] [ 27.585222] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.585425] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.585491] Hardware name: linux,dummy-virt (DT) [ 27.585570] Call trace: [ 27.585624] show_stack+0x20/0x38 (C) [ 27.585753] dump_stack_lvl+0x8c/0xd0 [ 27.585874] print_report+0x118/0x608 [ 27.586020] kasan_report+0xdc/0x128 [ 27.586134] __asan_report_load8_noabort+0x20/0x30 [ 27.586266] kasan_bitops_test_and_modify.constprop.0+0xa8c/0xbc8 [ 27.586401] kasan_bitops_generic+0x11c/0x1c8 [ 27.586519] kunit_try_run_case+0x170/0x3f0 [ 27.586639] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.586768] kthread+0x318/0x620 [ 27.586904] ret_from_fork+0x10/0x20 [ 27.587030] [ 27.603530] Allocated by task 250: [ 27.606739] kasan_save_stack+0x3c/0x68 [ 27.607536] kasan_save_track+0x20/0x40 [ 27.608940] kasan_save_alloc_info+0x40/0x58 [ 27.609498] __kasan_kmalloc+0xd4/0xd8 [ 27.612712] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.615839] kasan_bitops_generic+0xa0/0x1c8 [ 27.616621] kunit_try_run_case+0x170/0x3f0 [ 27.619550] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.620769] kthread+0x318/0x620 [ 27.621318] ret_from_fork+0x10/0x20 [ 27.621734] [ 27.625397] The buggy address belongs to the object at fff00000c596b740 [ 27.625397] which belongs to the cache kmalloc-16 of size 16 [ 27.629746] The buggy address is located 8 bytes inside of [ 27.629746] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.630712] [ 27.634014] The buggy address belongs to the physical page: [ 27.634699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.641605] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.642515] page_type: f5(slab) [ 27.644087] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.646778] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.650872] page dumped because: kasan: bad access detected [ 27.651474] [ 27.651713] Memory state around the buggy address: [ 27.652143] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.652738] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.656375] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.656930] ^ [ 27.657400] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.658979] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.661277] ================================================================== [ 27.286379] ================================================================== [ 27.287570] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc8 [ 27.288709] Write of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.293159] [ 27.293496] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.293690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.293753] Hardware name: linux,dummy-virt (DT) [ 27.293826] Call trace: [ 27.293877] show_stack+0x20/0x38 (C) [ 27.294649] dump_stack_lvl+0x8c/0xd0 [ 27.294770] print_report+0x118/0x608 [ 27.294930] kasan_report+0xdc/0x128 [ 27.295067] kasan_check_range+0x100/0x1a8 [ 27.295197] __kasan_check_write+0x20/0x30 [ 27.295321] kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc8 [ 27.295455] kasan_bitops_generic+0x11c/0x1c8 [ 27.295581] kunit_try_run_case+0x170/0x3f0 [ 27.295700] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.295840] kthread+0x318/0x620 [ 27.295978] ret_from_fork+0x10/0x20 [ 27.296102] [ 27.311944] Allocated by task 250: [ 27.312399] kasan_save_stack+0x3c/0x68 [ 27.312811] kasan_save_track+0x20/0x40 [ 27.313847] kasan_save_alloc_info+0x40/0x58 [ 27.315375] __kasan_kmalloc+0xd4/0xd8 [ 27.316186] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.316768] kasan_bitops_generic+0xa0/0x1c8 [ 27.317972] kunit_try_run_case+0x170/0x3f0 [ 27.318364] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.318799] kthread+0x318/0x620 [ 27.319208] ret_from_fork+0x10/0x20 [ 27.319564] [ 27.321138] The buggy address belongs to the object at fff00000c596b740 [ 27.321138] which belongs to the cache kmalloc-16 of size 16 [ 27.321966] The buggy address is located 8 bytes inside of [ 27.321966] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.322755] [ 27.325359] The buggy address belongs to the physical page: [ 27.325775] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.328226] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.329120] page_type: f5(slab) [ 27.329506] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.330133] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.330776] page dumped because: kasan: bad access detected [ 27.334562] [ 27.335068] Memory state around the buggy address: [ 27.336312] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.336843] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.338176] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.339860] ^ [ 27.340344] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.340862] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.342669] ================================================================== [ 27.075528] ================================================================== [ 27.077975] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa08/0xbc8 [ 27.080664] Read of size 8 at addr fff00000c596b748 by task kunit_try_catch/250 [ 27.081255] [ 27.081517] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.081709] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.081775] Hardware name: linux,dummy-virt (DT) [ 27.081853] Call trace: [ 27.084959] show_stack+0x20/0x38 (C) [ 27.085102] dump_stack_lvl+0x8c/0xd0 [ 27.085228] print_report+0x118/0x608 [ 27.085367] kasan_report+0xdc/0x128 [ 27.085500] __asan_report_load8_noabort+0x20/0x30 [ 27.085631] kasan_bitops_test_and_modify.constprop.0+0xa08/0xbc8 [ 27.085781] kasan_bitops_generic+0x11c/0x1c8 [ 27.085938] kunit_try_run_case+0x170/0x3f0 [ 27.086066] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.086216] kthread+0x318/0x620 [ 27.086335] ret_from_fork+0x10/0x20 [ 27.086454] [ 27.102439] Allocated by task 250: [ 27.102824] kasan_save_stack+0x3c/0x68 [ 27.104555] kasan_save_track+0x20/0x40 [ 27.107135] kasan_save_alloc_info+0x40/0x58 [ 27.109009] __kasan_kmalloc+0xd4/0xd8 [ 27.110167] __kmalloc_cache_noprof+0x16c/0x3c0 [ 27.111733] kasan_bitops_generic+0xa0/0x1c8 [ 27.113006] kunit_try_run_case+0x170/0x3f0 [ 27.113443] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 27.114795] kthread+0x318/0x620 [ 27.116029] ret_from_fork+0x10/0x20 [ 27.117174] [ 27.118173] The buggy address belongs to the object at fff00000c596b740 [ 27.118173] which belongs to the cache kmalloc-16 of size 16 [ 27.121459] The buggy address is located 8 bytes inside of [ 27.121459] allocated 9-byte region [fff00000c596b740, fff00000c596b749) [ 27.124385] [ 27.125138] The buggy address belongs to the physical page: [ 27.126430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10596b [ 27.127068] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 27.127617] page_type: f5(slab) [ 27.129451] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 27.131756] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 27.133488] page dumped because: kasan: bad access detected [ 27.135260] [ 27.136324] Memory state around the buggy address: [ 27.137917] fff00000c596b600: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 27.139840] fff00000c596b680: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 27.141539] >fff00000c596b700: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 27.142116] ^ [ 27.142597] fff00000c596b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.145216] fff00000c596b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 27.147078] ==================================================================
[ 20.730660] ================================================================== [ 20.731709] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 20.732495] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.733020] [ 20.733172] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.733227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.733243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.733268] Call Trace: [ 20.733293] <TASK> [ 20.733326] dump_stack_lvl+0x73/0xb0 [ 20.733367] print_report+0xd1/0x650 [ 20.733397] ? __virt_addr_valid+0x1db/0x2d0 [ 20.733427] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 20.733461] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.733495] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 20.733528] kasan_report+0x140/0x180 [ 20.733556] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 20.733595] kasan_check_range+0x10c/0x1c0 [ 20.733625] __kasan_check_write+0x18/0x20 [ 20.733653] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 20.733686] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.733720] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.733749] ? trace_hardirqs_on+0x37/0xe0 [ 20.733777] ? kasan_bitops_generic+0x93/0x1c0 [ 20.733810] kasan_bitops_generic+0x122/0x1c0 [ 20.733839] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.733899] ? __pfx_read_tsc+0x10/0x10 [ 20.733948] ? ktime_get_ts64+0x86/0x230 [ 20.734011] kunit_try_run_case+0x1a6/0x480 [ 20.734070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.734126] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.734186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.734248] ? __kthread_parkme+0x82/0x160 [ 20.734305] ? preempt_count_sub+0x50/0x80 [ 20.734368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.734423] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.734484] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.734548] kthread+0x324/0x6e0 [ 20.734605] ? trace_preempt_on+0x20/0xc0 [ 20.734664] ? __pfx_kthread+0x10/0x10 [ 20.734724] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.734783] ? calculate_sigpending+0x7b/0xa0 [ 20.734839] ? __pfx_kthread+0x10/0x10 [ 20.734913] ret_from_fork+0x41/0x80 [ 20.734959] ? __pfx_kthread+0x10/0x10 [ 20.735000] ret_from_fork_asm+0x1a/0x30 [ 20.735044] </TASK> [ 20.735057] [ 20.752002] Allocated by task 269: [ 20.752224] kasan_save_stack+0x45/0x70 [ 20.752835] kasan_save_track+0x18/0x40 [ 20.753177] kasan_save_alloc_info+0x3b/0x50 [ 20.753566] __kasan_kmalloc+0xb7/0xc0 [ 20.754254] __kmalloc_cache_noprof+0x18a/0x420 [ 20.754562] kasan_bitops_generic+0x93/0x1c0 [ 20.755173] kunit_try_run_case+0x1a6/0x480 [ 20.755719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.756083] kthread+0x324/0x6e0 [ 20.756323] ret_from_fork+0x41/0x80 [ 20.756566] ret_from_fork_asm+0x1a/0x30 [ 20.756824] [ 20.756964] The buggy address belongs to the object at ffff8881024b01a0 [ 20.756964] which belongs to the cache kmalloc-16 of size 16 [ 20.757761] The buggy address is located 8 bytes inside of [ 20.757761] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.759288] [ 20.759533] The buggy address belongs to the physical page: [ 20.760030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.760667] flags: 0x200000000000000(node=0|zone=2) [ 20.761514] page_type: f5(slab) [ 20.761885] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.762495] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.763133] page dumped because: kasan: bad access detected [ 20.763638] [ 20.763784] Memory state around the buggy address: [ 20.764230] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.764845] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.765419] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.766445] ^ [ 20.766979] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.767334] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.768020] ================================================================== [ 20.656902] ================================================================== [ 20.657752] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 20.658453] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.658889] [ 20.659115] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.659219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.659253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.659332] Call Trace: [ 20.659379] <TASK> [ 20.659416] dump_stack_lvl+0x73/0xb0 [ 20.659487] print_report+0xd1/0x650 [ 20.659545] ? __virt_addr_valid+0x1db/0x2d0 [ 20.659605] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 20.659673] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.659751] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 20.659822] kasan_report+0x140/0x180 [ 20.659894] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 20.659973] kasan_check_range+0x10c/0x1c0 [ 20.660024] __kasan_check_write+0x18/0x20 [ 20.660071] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 20.660136] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.660199] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.660252] ? trace_hardirqs_on+0x37/0xe0 [ 20.660343] ? kasan_bitops_generic+0x93/0x1c0 [ 20.660412] kasan_bitops_generic+0x122/0x1c0 [ 20.660474] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.660540] ? __pfx_read_tsc+0x10/0x10 [ 20.660595] ? ktime_get_ts64+0x86/0x230 [ 20.660652] kunit_try_run_case+0x1a6/0x480 [ 20.660715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.660771] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.660833] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.660909] ? __kthread_parkme+0x82/0x160 [ 20.660964] ? preempt_count_sub+0x50/0x80 [ 20.661022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.661081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.661152] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.661221] kthread+0x324/0x6e0 [ 20.661275] ? trace_preempt_on+0x20/0xc0 [ 20.661376] ? __pfx_kthread+0x10/0x10 [ 20.661434] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.661495] ? calculate_sigpending+0x7b/0xa0 [ 20.661551] ? __pfx_kthread+0x10/0x10 [ 20.661614] ret_from_fork+0x41/0x80 [ 20.661666] ? __pfx_kthread+0x10/0x10 [ 20.661722] ret_from_fork_asm+0x1a/0x30 [ 20.661793] </TASK> [ 20.661811] [ 20.677994] Allocated by task 269: [ 20.678439] kasan_save_stack+0x45/0x70 [ 20.678790] kasan_save_track+0x18/0x40 [ 20.679145] kasan_save_alloc_info+0x3b/0x50 [ 20.679541] __kasan_kmalloc+0xb7/0xc0 [ 20.679793] __kmalloc_cache_noprof+0x18a/0x420 [ 20.680330] kasan_bitops_generic+0x93/0x1c0 [ 20.680768] kunit_try_run_case+0x1a6/0x480 [ 20.681218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.681685] kthread+0x324/0x6e0 [ 20.682110] ret_from_fork+0x41/0x80 [ 20.682543] ret_from_fork_asm+0x1a/0x30 [ 20.682803] [ 20.682961] The buggy address belongs to the object at ffff8881024b01a0 [ 20.682961] which belongs to the cache kmalloc-16 of size 16 [ 20.684007] The buggy address is located 8 bytes inside of [ 20.684007] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.684784] [ 20.685009] The buggy address belongs to the physical page: [ 20.685586] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.686238] flags: 0x200000000000000(node=0|zone=2) [ 20.686635] page_type: f5(slab) [ 20.687024] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.687759] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.688151] page dumped because: kasan: bad access detected [ 20.688719] [ 20.688970] Memory state around the buggy address: [ 20.689431] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.689955] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.690620] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.691171] ^ [ 20.691662] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.692198] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.692721] ================================================================== [ 20.808025] ================================================================== [ 20.808645] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 20.809289] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.809731] [ 20.809980] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.810082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.810112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.810165] Call Trace: [ 20.810207] <TASK> [ 20.810250] dump_stack_lvl+0x73/0xb0 [ 20.810318] print_report+0xd1/0x650 [ 20.810375] ? __virt_addr_valid+0x1db/0x2d0 [ 20.810428] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 20.810493] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.810557] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 20.810620] kasan_report+0x140/0x180 [ 20.810678] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 20.810756] kasan_check_range+0x10c/0x1c0 [ 20.810821] __kasan_check_write+0x18/0x20 [ 20.810898] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 20.810969] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.811041] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.811100] ? trace_hardirqs_on+0x37/0xe0 [ 20.811153] ? kasan_bitops_generic+0x93/0x1c0 [ 20.811225] kasan_bitops_generic+0x122/0x1c0 [ 20.811285] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.811343] ? __pfx_read_tsc+0x10/0x10 [ 20.811398] ? ktime_get_ts64+0x86/0x230 [ 20.811458] kunit_try_run_case+0x1a6/0x480 [ 20.811516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.811564] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.811621] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.811692] ? __kthread_parkme+0x82/0x160 [ 20.811754] ? preempt_count_sub+0x50/0x80 [ 20.811812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.811845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.811901] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.811934] kthread+0x324/0x6e0 [ 20.811961] ? trace_preempt_on+0x20/0xc0 [ 20.812003] ? __pfx_kthread+0x10/0x10 [ 20.812031] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.812064] ? calculate_sigpending+0x7b/0xa0 [ 20.812098] ? __pfx_kthread+0x10/0x10 [ 20.812126] ret_from_fork+0x41/0x80 [ 20.812159] ? __pfx_kthread+0x10/0x10 [ 20.812189] ret_from_fork_asm+0x1a/0x30 [ 20.812237] </TASK> [ 20.812254] [ 20.824997] Allocated by task 269: [ 20.825361] kasan_save_stack+0x45/0x70 [ 20.825623] kasan_save_track+0x18/0x40 [ 20.825883] kasan_save_alloc_info+0x3b/0x50 [ 20.826147] __kasan_kmalloc+0xb7/0xc0 [ 20.826533] __kmalloc_cache_noprof+0x18a/0x420 [ 20.827147] kasan_bitops_generic+0x93/0x1c0 [ 20.827784] kunit_try_run_case+0x1a6/0x480 [ 20.828234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.828717] kthread+0x324/0x6e0 [ 20.829073] ret_from_fork+0x41/0x80 [ 20.829304] ret_from_fork_asm+0x1a/0x30 [ 20.829694] [ 20.829916] The buggy address belongs to the object at ffff8881024b01a0 [ 20.829916] which belongs to the cache kmalloc-16 of size 16 [ 20.831247] The buggy address is located 8 bytes inside of [ 20.831247] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.831970] [ 20.832211] The buggy address belongs to the physical page: [ 20.832682] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.833095] flags: 0x200000000000000(node=0|zone=2) [ 20.833416] page_type: f5(slab) [ 20.833765] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.834448] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.835098] page dumped because: kasan: bad access detected [ 20.835383] [ 20.835526] Memory state around the buggy address: [ 20.835786] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.836378] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.836910] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.837467] ^ [ 20.837727] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.838215] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.839027] ================================================================== [ 20.874328] ================================================================== [ 20.875131] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 20.876271] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.877751] [ 20.877980] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.878088] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.878120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.878173] Call Trace: [ 20.878215] <TASK> [ 20.878254] dump_stack_lvl+0x73/0xb0 [ 20.878325] print_report+0xd1/0x650 [ 20.878382] ? __virt_addr_valid+0x1db/0x2d0 [ 20.878443] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 20.878511] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.878580] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 20.878651] kasan_report+0x140/0x180 [ 20.878711] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 20.878794] kasan_check_range+0x10c/0x1c0 [ 20.878876] __kasan_check_write+0x18/0x20 [ 20.878936] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 20.879000] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.879072] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.879134] ? trace_hardirqs_on+0x37/0xe0 [ 20.879188] ? kasan_bitops_generic+0x93/0x1c0 [ 20.879257] kasan_bitops_generic+0x122/0x1c0 [ 20.879315] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.879381] ? __pfx_read_tsc+0x10/0x10 [ 20.879436] ? ktime_get_ts64+0x86/0x230 [ 20.879503] kunit_try_run_case+0x1a6/0x480 [ 20.879569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.879626] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.879704] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.879769] ? __kthread_parkme+0x82/0x160 [ 20.879831] ? preempt_count_sub+0x50/0x80 [ 20.879912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.879973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.880042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.880110] kthread+0x324/0x6e0 [ 20.880167] ? trace_preempt_on+0x20/0xc0 [ 20.880226] ? __pfx_kthread+0x10/0x10 [ 20.880284] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.880335] ? calculate_sigpending+0x7b/0xa0 [ 20.880383] ? __pfx_kthread+0x10/0x10 [ 20.880438] ret_from_fork+0x41/0x80 [ 20.880489] ? __pfx_kthread+0x10/0x10 [ 20.880544] ret_from_fork_asm+0x1a/0x30 [ 20.880626] </TASK> [ 20.880654] [ 20.894175] Allocated by task 269: [ 20.894488] kasan_save_stack+0x45/0x70 [ 20.894937] kasan_save_track+0x18/0x40 [ 20.896879] kasan_save_alloc_info+0x3b/0x50 [ 20.897372] __kasan_kmalloc+0xb7/0xc0 [ 20.897774] __kmalloc_cache_noprof+0x18a/0x420 [ 20.898100] kasan_bitops_generic+0x93/0x1c0 [ 20.898355] kunit_try_run_case+0x1a6/0x480 [ 20.898786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.900894] kthread+0x324/0x6e0 [ 20.901275] ret_from_fork+0x41/0x80 [ 20.901645] ret_from_fork_asm+0x1a/0x30 [ 20.901946] [ 20.902092] The buggy address belongs to the object at ffff8881024b01a0 [ 20.902092] which belongs to the cache kmalloc-16 of size 16 [ 20.904158] The buggy address is located 8 bytes inside of [ 20.904158] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.904693] [ 20.904777] The buggy address belongs to the physical page: [ 20.904996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.906009] flags: 0x200000000000000(node=0|zone=2) [ 20.906553] page_type: f5(slab) [ 20.906999] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.907786] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.908715] page dumped because: kasan: bad access detected [ 20.909002] [ 20.909166] Memory state around the buggy address: [ 20.909592] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.910397] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.911066] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.911594] ^ [ 20.911951] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.912455] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.912880] ================================================================== [ 20.914148] ================================================================== [ 20.914821] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 20.915599] Read of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.916238] [ 20.916543] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.916648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.916680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.916756] Call Trace: [ 20.916799] <TASK> [ 20.916871] dump_stack_lvl+0x73/0xb0 [ 20.916945] print_report+0xd1/0x650 [ 20.917001] ? __virt_addr_valid+0x1db/0x2d0 [ 20.917060] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 20.917159] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.917227] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 20.917304] kasan_report+0x140/0x180 [ 20.917364] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 20.917498] kasan_check_range+0x10c/0x1c0 [ 20.917584] __kasan_check_read+0x15/0x20 [ 20.917645] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 20.917708] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.917777] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.917841] ? trace_hardirqs_on+0x37/0xe0 [ 20.917920] ? kasan_bitops_generic+0x93/0x1c0 [ 20.917964] kasan_bitops_generic+0x122/0x1c0 [ 20.917997] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.918029] ? __pfx_read_tsc+0x10/0x10 [ 20.918058] ? ktime_get_ts64+0x86/0x230 [ 20.918092] kunit_try_run_case+0x1a6/0x480 [ 20.918121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.918149] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.918180] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.918212] ? __kthread_parkme+0x82/0x160 [ 20.918241] ? preempt_count_sub+0x50/0x80 [ 20.918272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.918322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.918359] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.918393] kthread+0x324/0x6e0 [ 20.918419] ? trace_preempt_on+0x20/0xc0 [ 20.918447] ? __pfx_kthread+0x10/0x10 [ 20.918475] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.918503] ? calculate_sigpending+0x7b/0xa0 [ 20.918530] ? __pfx_kthread+0x10/0x10 [ 20.918559] ret_from_fork+0x41/0x80 [ 20.918582] ? __pfx_kthread+0x10/0x10 [ 20.918610] ret_from_fork_asm+0x1a/0x30 [ 20.918650] </TASK> [ 20.918663] [ 20.932390] Allocated by task 269: [ 20.932729] kasan_save_stack+0x45/0x70 [ 20.933018] kasan_save_track+0x18/0x40 [ 20.933480] kasan_save_alloc_info+0x3b/0x50 [ 20.933950] __kasan_kmalloc+0xb7/0xc0 [ 20.934424] __kmalloc_cache_noprof+0x18a/0x420 [ 20.934882] kasan_bitops_generic+0x93/0x1c0 [ 20.935220] kunit_try_run_case+0x1a6/0x480 [ 20.935516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.936111] kthread+0x324/0x6e0 [ 20.936687] ret_from_fork+0x41/0x80 [ 20.937238] ret_from_fork_asm+0x1a/0x30 [ 20.937896] [ 20.938117] The buggy address belongs to the object at ffff8881024b01a0 [ 20.938117] which belongs to the cache kmalloc-16 of size 16 [ 20.938669] The buggy address is located 8 bytes inside of [ 20.938669] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.939705] [ 20.939944] The buggy address belongs to the physical page: [ 20.940353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.941033] flags: 0x200000000000000(node=0|zone=2) [ 20.941610] page_type: f5(slab) [ 20.941970] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.942585] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.942999] page dumped because: kasan: bad access detected [ 20.943643] [ 20.943869] Memory state around the buggy address: [ 20.944429] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.945187] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.945696] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.946041] ^ [ 20.946328] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.946897] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.947809] ================================================================== [ 20.840226] ================================================================== [ 20.840770] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 20.841846] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.842300] [ 20.842476] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.842579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.842613] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.842664] Call Trace: [ 20.842709] <TASK> [ 20.842749] dump_stack_lvl+0x73/0xb0 [ 20.842818] print_report+0xd1/0x650 [ 20.842891] ? __virt_addr_valid+0x1db/0x2d0 [ 20.842948] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 20.843016] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.843082] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 20.843153] kasan_report+0x140/0x180 [ 20.843212] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 20.843289] kasan_check_range+0x10c/0x1c0 [ 20.843347] __kasan_check_write+0x18/0x20 [ 20.843407] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 20.843474] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.843548] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.843610] ? trace_hardirqs_on+0x37/0xe0 [ 20.843670] ? kasan_bitops_generic+0x93/0x1c0 [ 20.843751] kasan_bitops_generic+0x122/0x1c0 [ 20.843814] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.843894] ? __pfx_read_tsc+0x10/0x10 [ 20.843952] ? ktime_get_ts64+0x86/0x230 [ 20.844019] kunit_try_run_case+0x1a6/0x480 [ 20.844081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.844137] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.844210] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.844259] ? __kthread_parkme+0x82/0x160 [ 20.844309] ? preempt_count_sub+0x50/0x80 [ 20.844366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.844425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.844488] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.844548] kthread+0x324/0x6e0 [ 20.844604] ? trace_preempt_on+0x20/0xc0 [ 20.844661] ? __pfx_kthread+0x10/0x10 [ 20.844717] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.844778] ? calculate_sigpending+0x7b/0xa0 [ 20.844834] ? __pfx_kthread+0x10/0x10 [ 20.844911] ret_from_fork+0x41/0x80 [ 20.844960] ? __pfx_kthread+0x10/0x10 [ 20.845019] ret_from_fork_asm+0x1a/0x30 [ 20.845101] </TASK> [ 20.845131] [ 20.859063] Allocated by task 269: [ 20.859373] kasan_save_stack+0x45/0x70 [ 20.859691] kasan_save_track+0x18/0x40 [ 20.860030] kasan_save_alloc_info+0x3b/0x50 [ 20.860414] __kasan_kmalloc+0xb7/0xc0 [ 20.860807] __kmalloc_cache_noprof+0x18a/0x420 [ 20.861120] kasan_bitops_generic+0x93/0x1c0 [ 20.861666] kunit_try_run_case+0x1a6/0x480 [ 20.862028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.862443] kthread+0x324/0x6e0 [ 20.862798] ret_from_fork+0x41/0x80 [ 20.863131] ret_from_fork_asm+0x1a/0x30 [ 20.863632] [ 20.863868] The buggy address belongs to the object at ffff8881024b01a0 [ 20.863868] which belongs to the cache kmalloc-16 of size 16 [ 20.864639] The buggy address is located 8 bytes inside of [ 20.864639] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.865558] [ 20.865708] The buggy address belongs to the physical page: [ 20.866236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.866778] flags: 0x200000000000000(node=0|zone=2) [ 20.867074] page_type: f5(slab) [ 20.867331] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.867693] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.868261] page dumped because: kasan: bad access detected [ 20.868817] [ 20.869045] Memory state around the buggy address: [ 20.869471] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.870505] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.871137] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.871905] ^ [ 20.872177] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.872991] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.873320] ================================================================== [ 20.949460] ================================================================== [ 20.950159] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 20.951053] Read of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.951667] [ 20.951891] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.952001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.952034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.952082] Call Trace: [ 20.952125] <TASK> [ 20.952167] dump_stack_lvl+0x73/0xb0 [ 20.952237] print_report+0xd1/0x650 [ 20.952333] ? __virt_addr_valid+0x1db/0x2d0 [ 20.952398] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 20.952465] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.952541] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 20.952627] kasan_report+0x140/0x180 [ 20.952692] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 20.952774] __asan_report_load8_noabort+0x18/0x20 [ 20.952838] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 20.952919] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.952969] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.953002] ? trace_hardirqs_on+0x37/0xe0 [ 20.953034] ? kasan_bitops_generic+0x93/0x1c0 [ 20.953068] kasan_bitops_generic+0x122/0x1c0 [ 20.953098] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.953130] ? __pfx_read_tsc+0x10/0x10 [ 20.953159] ? ktime_get_ts64+0x86/0x230 [ 20.953190] kunit_try_run_case+0x1a6/0x480 [ 20.953220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.953248] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.953278] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.953334] ? __kthread_parkme+0x82/0x160 [ 20.953365] ? preempt_count_sub+0x50/0x80 [ 20.953398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.953426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.953459] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.953492] kthread+0x324/0x6e0 [ 20.953519] ? trace_preempt_on+0x20/0xc0 [ 20.953546] ? __pfx_kthread+0x10/0x10 [ 20.953575] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.953602] ? calculate_sigpending+0x7b/0xa0 [ 20.953631] ? __pfx_kthread+0x10/0x10 [ 20.953660] ret_from_fork+0x41/0x80 [ 20.953684] ? __pfx_kthread+0x10/0x10 [ 20.953712] ret_from_fork_asm+0x1a/0x30 [ 20.953752] </TASK> [ 20.953765] [ 20.970609] Allocated by task 269: [ 20.970969] kasan_save_stack+0x45/0x70 [ 20.971515] kasan_save_track+0x18/0x40 [ 20.971976] kasan_save_alloc_info+0x3b/0x50 [ 20.972499] __kasan_kmalloc+0xb7/0xc0 [ 20.972932] __kmalloc_cache_noprof+0x18a/0x420 [ 20.973377] kasan_bitops_generic+0x93/0x1c0 [ 20.973694] kunit_try_run_case+0x1a6/0x480 [ 20.974043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.974388] kthread+0x324/0x6e0 [ 20.974707] ret_from_fork+0x41/0x80 [ 20.975052] ret_from_fork_asm+0x1a/0x30 [ 20.975343] [ 20.975487] The buggy address belongs to the object at ffff8881024b01a0 [ 20.975487] which belongs to the cache kmalloc-16 of size 16 [ 20.976596] The buggy address is located 8 bytes inside of [ 20.976596] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.977437] [ 20.977710] The buggy address belongs to the physical page: [ 20.978093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.978510] flags: 0x200000000000000(node=0|zone=2) [ 20.979040] page_type: f5(slab) [ 20.979506] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.980233] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.980913] page dumped because: kasan: bad access detected [ 20.981474] [ 20.981703] Memory state around the buggy address: [ 20.982152] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.982798] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.983354] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.983795] ^ [ 20.984289] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.984841] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.985225] ================================================================== [ 20.770514] ================================================================== [ 20.770993] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 20.771780] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.772412] [ 20.773021] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.773243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.773266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.773306] Call Trace: [ 20.773346] <TASK> [ 20.773376] dump_stack_lvl+0x73/0xb0 [ 20.773417] print_report+0xd1/0x650 [ 20.773446] ? __virt_addr_valid+0x1db/0x2d0 [ 20.773476] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 20.773510] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.773543] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 20.773577] kasan_report+0x140/0x180 [ 20.773605] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 20.773644] kasan_check_range+0x10c/0x1c0 [ 20.773673] __kasan_check_write+0x18/0x20 [ 20.773702] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 20.773736] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.773770] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.773801] ? trace_hardirqs_on+0x37/0xe0 [ 20.773829] ? kasan_bitops_generic+0x93/0x1c0 [ 20.773882] kasan_bitops_generic+0x122/0x1c0 [ 20.773913] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.773943] ? __pfx_read_tsc+0x10/0x10 [ 20.773970] ? ktime_get_ts64+0x86/0x230 [ 20.774003] kunit_try_run_case+0x1a6/0x480 [ 20.774032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.774059] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.774089] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.774118] ? __kthread_parkme+0x82/0x160 [ 20.774147] ? preempt_count_sub+0x50/0x80 [ 20.774178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.774206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.774239] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.774270] kthread+0x324/0x6e0 [ 20.774301] ? trace_preempt_on+0x20/0xc0 [ 20.774340] ? __pfx_kthread+0x10/0x10 [ 20.774368] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.774396] ? calculate_sigpending+0x7b/0xa0 [ 20.774423] ? __pfx_kthread+0x10/0x10 [ 20.774452] ret_from_fork+0x41/0x80 [ 20.774475] ? __pfx_kthread+0x10/0x10 [ 20.774502] ret_from_fork_asm+0x1a/0x30 [ 20.774542] </TASK> [ 20.774555] [ 20.791911] Allocated by task 269: [ 20.792185] kasan_save_stack+0x45/0x70 [ 20.792628] kasan_save_track+0x18/0x40 [ 20.793035] kasan_save_alloc_info+0x3b/0x50 [ 20.793839] __kasan_kmalloc+0xb7/0xc0 [ 20.794153] __kmalloc_cache_noprof+0x18a/0x420 [ 20.794761] kasan_bitops_generic+0x93/0x1c0 [ 20.795264] kunit_try_run_case+0x1a6/0x480 [ 20.795841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.796223] kthread+0x324/0x6e0 [ 20.796837] ret_from_fork+0x41/0x80 [ 20.797145] ret_from_fork_asm+0x1a/0x30 [ 20.797450] [ 20.797971] The buggy address belongs to the object at ffff8881024b01a0 [ 20.797971] which belongs to the cache kmalloc-16 of size 16 [ 20.798690] The buggy address is located 8 bytes inside of [ 20.798690] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.799912] [ 20.800447] The buggy address belongs to the physical page: [ 20.800976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.801197] flags: 0x200000000000000(node=0|zone=2) [ 20.801409] page_type: f5(slab) [ 20.801728] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.802273] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.802718] page dumped because: kasan: bad access detected [ 20.803273] [ 20.803493] Memory state around the buggy address: [ 20.803914] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.804411] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.804783] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.805434] ^ [ 20.805753] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.806207] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.806850] ================================================================== [ 20.694012] ================================================================== [ 20.694657] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 20.695267] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.695823] [ 20.696071] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.696175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.696210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.696255] Call Trace: [ 20.696335] <TASK> [ 20.696399] dump_stack_lvl+0x73/0xb0 [ 20.696492] print_report+0xd1/0x650 [ 20.696545] ? __virt_addr_valid+0x1db/0x2d0 [ 20.696594] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 20.696645] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.696693] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 20.696743] kasan_report+0x140/0x180 [ 20.696785] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 20.696848] kasan_check_range+0x10c/0x1c0 [ 20.696925] __kasan_check_write+0x18/0x20 [ 20.696984] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 20.697055] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.697189] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.697240] ? trace_hardirqs_on+0x37/0xe0 [ 20.697334] ? kasan_bitops_generic+0x93/0x1c0 [ 20.697436] kasan_bitops_generic+0x122/0x1c0 [ 20.697500] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.697559] ? __pfx_read_tsc+0x10/0x10 [ 20.697615] ? ktime_get_ts64+0x86/0x230 [ 20.697673] kunit_try_run_case+0x1a6/0x480 [ 20.697760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.697816] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.697917] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.697981] ? __kthread_parkme+0x82/0x160 [ 20.698041] ? preempt_count_sub+0x50/0x80 [ 20.698104] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.698168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.698232] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.698350] kthread+0x324/0x6e0 [ 20.698413] ? trace_preempt_on+0x20/0xc0 [ 20.698469] ? __pfx_kthread+0x10/0x10 [ 20.698549] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.698607] ? calculate_sigpending+0x7b/0xa0 [ 20.698665] ? __pfx_kthread+0x10/0x10 [ 20.698724] ret_from_fork+0x41/0x80 [ 20.698795] ? __pfx_kthread+0x10/0x10 [ 20.698849] ret_from_fork_asm+0x1a/0x30 [ 20.698946] </TASK> [ 20.698976] [ 20.712529] Allocated by task 269: [ 20.712975] kasan_save_stack+0x45/0x70 [ 20.713446] kasan_save_track+0x18/0x40 [ 20.713874] kasan_save_alloc_info+0x3b/0x50 [ 20.714326] __kasan_kmalloc+0xb7/0xc0 [ 20.714793] __kmalloc_cache_noprof+0x18a/0x420 [ 20.715456] kasan_bitops_generic+0x93/0x1c0 [ 20.716087] kunit_try_run_case+0x1a6/0x480 [ 20.716450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.716746] kthread+0x324/0x6e0 [ 20.717462] ret_from_fork+0x41/0x80 [ 20.717929] ret_from_fork_asm+0x1a/0x30 [ 20.718187] [ 20.718361] The buggy address belongs to the object at ffff8881024b01a0 [ 20.718361] which belongs to the cache kmalloc-16 of size 16 [ 20.719456] The buggy address is located 8 bytes inside of [ 20.719456] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.720598] [ 20.720904] The buggy address belongs to the physical page: [ 20.721430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.722172] flags: 0x200000000000000(node=0|zone=2) [ 20.722723] page_type: f5(slab) [ 20.722971] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.723829] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.724570] page dumped because: kasan: bad access detected [ 20.724881] [ 20.725073] Memory state around the buggy address: [ 20.725703] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.726240] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.726894] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.727413] ^ [ 20.728004] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.728546] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.729192] ==================================================================