Date
June 2, 2025, 2:11 p.m.
| Environment | |
|---|---|
| e850-96 | |
| qemu-x86_64 |
[ 39.800392] ================================================================== [ 39.807345] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 39.815502] Write of size 8 at addr ffff0008037171e8 by task kunit_try_catch/308 [ 39.822880] [ 39.824363] CPU: 4 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT [ 39.824410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.824425] Hardware name: WinLink E850-96 board (DT) [ 39.824443] Call trace: [ 39.824455] show_stack+0x20/0x38 (C) [ 39.824491] dump_stack_lvl+0x8c/0xd0 [ 39.824524] print_report+0x118/0x608 [ 39.824552] kasan_report+0xdc/0x128 [ 39.824581] kasan_check_range+0x100/0x1a8 [ 39.824610] __kasan_check_write+0x20/0x30 [ 39.824645] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 39.824675] kasan_bitops_generic+0x110/0x1c8 [ 39.824701] kunit_try_run_case+0x170/0x3f0 [ 39.824736] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.824773] kthread+0x328/0x630 [ 39.824803] ret_from_fork+0x10/0x20 [ 39.824839] [ 39.896056] Allocated by task 308: [ 39.899442] kasan_save_stack+0x3c/0x68 [ 39.903261] kasan_save_track+0x20/0x40 [ 39.907080] kasan_save_alloc_info+0x40/0x58 [ 39.911333] __kasan_kmalloc+0xd4/0xd8 [ 39.915066] __kmalloc_cache_noprof+0x16c/0x3c0 [ 39.919580] kasan_bitops_generic+0xa0/0x1c8 [ 39.923834] kunit_try_run_case+0x170/0x3f0 [ 39.928000] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.933469] kthread+0x328/0x630 [ 39.936680] ret_from_fork+0x10/0x20 [ 39.940240] [ 39.941715] The buggy address belongs to the object at ffff0008037171e0 [ 39.941715] which belongs to the cache kmalloc-16 of size 16 [ 39.954042] The buggy address is located 8 bytes inside of [ 39.954042] allocated 9-byte region [ffff0008037171e0, ffff0008037171e9) [ 39.966281] [ 39.967756] The buggy address belongs to the physical page: [ 39.973314] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883717 [ 39.981299] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 39.987808] page_type: f5(slab) [ 39.990941] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 39.998665] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 40.006384] page dumped because: kasan: bad access detected [ 40.011939] [ 40.013415] Memory state around the buggy address: [ 40.018195] ffff000803717080: 00 05 fc fc 00 05 fc fc 00 00 fc fc 00 05 fc fc [ 40.025398] ffff000803717100: 00 05 fc fc 00 05 fc fc 00 05 fc fc 00 04 fc fc [ 40.032602] >ffff000803717180: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 01 fc fc [ 40.039804] ^ [ 40.046404] ffff000803717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 40.053609] ffff000803717280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 40.060811] ================================================================== [ 40.068194] ================================================================== [ 40.075224] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 40.083381] Read of size 8 at addr ffff0008037171e8 by task kunit_try_catch/308 [ 40.090671] [ 40.092156] CPU: 4 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT [ 40.092208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.092224] Hardware name: WinLink E850-96 board (DT) [ 40.092244] Call trace: [ 40.092259] show_stack+0x20/0x38 (C) [ 40.092289] dump_stack_lvl+0x8c/0xd0 [ 40.092322] print_report+0x118/0x608 [ 40.092351] kasan_report+0xdc/0x128 [ 40.092381] __asan_report_load8_noabort+0x20/0x30 [ 40.092415] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 40.092447] kasan_bitops_generic+0x110/0x1c8 [ 40.092475] kunit_try_run_case+0x170/0x3f0 [ 40.092511] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.092548] kthread+0x328/0x630 [ 40.092582] ret_from_fork+0x10/0x20 [ 40.092614] [ 40.160462] Allocated by task 308: [ 40.163849] kasan_save_stack+0x3c/0x68 [ 40.167667] kasan_save_track+0x20/0x40 [ 40.171486] kasan_save_alloc_info+0x40/0x58 [ 40.175739] __kasan_kmalloc+0xd4/0xd8 [ 40.179472] __kmalloc_cache_noprof+0x16c/0x3c0 [ 40.183986] kasan_bitops_generic+0xa0/0x1c8 [ 40.188239] kunit_try_run_case+0x170/0x3f0 [ 40.192406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.197874] kthread+0x328/0x630 [ 40.201086] ret_from_fork+0x10/0x20 [ 40.204645] [ 40.206120] The buggy address belongs to the object at ffff0008037171e0 [ 40.206120] which belongs to the cache kmalloc-16 of size 16 [ 40.218448] The buggy address is located 8 bytes inside of [ 40.218448] allocated 9-byte region [ffff0008037171e0, ffff0008037171e9) [ 40.230686] [ 40.232162] The buggy address belongs to the physical page: [ 40.237721] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883717 [ 40.245705] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 40.252215] page_type: f5(slab) [ 40.255349] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 40.263071] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 40.270790] page dumped because: kasan: bad access detected [ 40.276345] [ 40.277821] Memory state around the buggy address: [ 40.282599] ffff000803717080: 00 05 fc fc 00 05 fc fc 00 00 fc fc 00 05 fc fc [ 40.289804] ffff000803717100: 00 05 fc fc 00 05 fc fc 00 05 fc fc 00 04 fc fc [ 40.297008] >ffff000803717180: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 01 fc fc [ 40.304210] ^ [ 40.310810] ffff000803717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 40.318015] ffff000803717280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 40.325216] ================================================================== [ 41.668529] ================================================================== [ 41.675545] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 41.683703] Read of size 8 at addr ffff0008037171e8 by task kunit_try_catch/308 [ 41.690994] [ 41.692476] CPU: 4 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT [ 41.692521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 41.692540] Hardware name: WinLink E850-96 board (DT) [ 41.692558] Call trace: [ 41.692568] show_stack+0x20/0x38 (C) [ 41.692598] dump_stack_lvl+0x8c/0xd0 [ 41.692630] print_report+0x118/0x608 [ 41.692659] kasan_report+0xdc/0x128 [ 41.692689] __asan_report_load8_noabort+0x20/0x30 [ 41.692722] kasan_bitops_modify.constprop.0+0xa20/0xbc0 [ 41.692754] kasan_bitops_generic+0x110/0x1c8 [ 41.692785] kunit_try_run_case+0x170/0x3f0 [ 41.692818] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.692855] kthread+0x328/0x630 [ 41.692890] ret_from_fork+0x10/0x20 [ 41.692924] [ 41.760785] Allocated by task 308: [ 41.764170] kasan_save_stack+0x3c/0x68 [ 41.767990] kasan_save_track+0x20/0x40 [ 41.771809] kasan_save_alloc_info+0x40/0x58 [ 41.776062] __kasan_kmalloc+0xd4/0xd8 [ 41.779795] __kmalloc_cache_noprof+0x16c/0x3c0 [ 41.784309] kasan_bitops_generic+0xa0/0x1c8 [ 41.788562] kunit_try_run_case+0x170/0x3f0 [ 41.792729] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.798198] kthread+0x328/0x630 [ 41.801409] ret_from_fork+0x10/0x20 [ 41.804968] [ 41.806444] The buggy address belongs to the object at ffff0008037171e0 [ 41.806444] which belongs to the cache kmalloc-16 of size 16 [ 41.818771] The buggy address is located 8 bytes inside of [ 41.818771] allocated 9-byte region [ffff0008037171e0, ffff0008037171e9) [ 41.831010] [ 41.832487] The buggy address belongs to the physical page: [ 41.838043] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883717 [ 41.846028] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 41.852539] page_type: f5(slab) [ 41.855671] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 41.863394] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 41.871113] page dumped because: kasan: bad access detected [ 41.876668] [ 41.878144] Memory state around the buggy address: [ 41.882923] ffff000803717080: 00 05 fc fc 00 05 fc fc 00 00 fc fc 00 05 fc fc [ 41.890127] ffff000803717100: 00 05 fc fc 00 05 fc fc 00 05 fc fc 00 04 fc fc [ 41.897332] >ffff000803717180: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 01 fc fc [ 41.904533] ^ [ 41.911133] ffff000803717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 41.918338] ffff000803717280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 41.925540] ================================================================== [ 40.868353] ================================================================== [ 40.875383] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 40.883541] Read of size 8 at addr ffff0008037171e8 by task kunit_try_catch/308 [ 40.890833] [ 40.892315] CPU: 4 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT [ 40.892359] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.892375] Hardware name: WinLink E850-96 board (DT) [ 40.892396] Call trace: [ 40.892409] show_stack+0x20/0x38 (C) [ 40.892440] dump_stack_lvl+0x8c/0xd0 [ 40.892471] print_report+0x118/0x608 [ 40.892499] kasan_report+0xdc/0x128 [ 40.892527] __asan_report_load8_noabort+0x20/0x30 [ 40.892562] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 40.892595] kasan_bitops_generic+0x110/0x1c8 [ 40.892623] kunit_try_run_case+0x170/0x3f0 [ 40.892657] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.892696] kthread+0x328/0x630 [ 40.892729] ret_from_fork+0x10/0x20 [ 40.892761] [ 40.960623] Allocated by task 308: [ 40.964010] kasan_save_stack+0x3c/0x68 [ 40.967828] kasan_save_track+0x20/0x40 [ 40.971648] kasan_save_alloc_info+0x40/0x58 [ 40.975901] __kasan_kmalloc+0xd4/0xd8 [ 40.979634] __kmalloc_cache_noprof+0x16c/0x3c0 [ 40.984147] kasan_bitops_generic+0xa0/0x1c8 [ 40.988401] kunit_try_run_case+0x170/0x3f0 [ 40.992567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.998036] kthread+0x328/0x630 [ 41.001248] ret_from_fork+0x10/0x20 [ 41.004807] [ 41.006282] The buggy address belongs to the object at ffff0008037171e0 [ 41.006282] which belongs to the cache kmalloc-16 of size 16 [ 41.018609] The buggy address is located 8 bytes inside of [ 41.018609] allocated 9-byte region [ffff0008037171e0, ffff0008037171e9) [ 41.030848] [ 41.032324] The buggy address belongs to the physical page: [ 41.037879] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883717 [ 41.045867] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 41.052377] page_type: f5(slab) [ 41.055510] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 41.063232] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 41.070952] page dumped because: kasan: bad access detected [ 41.076507] [ 41.077982] Memory state around the buggy address: [ 41.082760] ffff000803717080: 00 05 fc fc 00 05 fc fc 00 00 fc fc 00 05 fc fc [ 41.089966] ffff000803717100: 00 05 fc fc 00 05 fc fc 00 05 fc fc 00 04 fc fc [ 41.097170] >ffff000803717180: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 01 fc fc [ 41.104371] ^ [ 41.110972] ffff000803717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 41.118177] ffff000803717280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 41.125378] ================================================================== [ 39.535879] ================================================================== [ 39.542940] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 39.551096] Read of size 8 at addr ffff0008037171e8 by task kunit_try_catch/308 [ 39.558387] [ 39.559870] CPU: 4 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT [ 39.559918] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.559934] Hardware name: WinLink E850-96 board (DT) [ 39.559952] Call trace: [ 39.559965] show_stack+0x20/0x38 (C) [ 39.559996] dump_stack_lvl+0x8c/0xd0 [ 39.560034] print_report+0x118/0x608 [ 39.560066] kasan_report+0xdc/0x128 [ 39.560096] __asan_report_load8_noabort+0x20/0x30 [ 39.560130] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 39.560160] kasan_bitops_generic+0x110/0x1c8 [ 39.560189] kunit_try_run_case+0x170/0x3f0 [ 39.560223] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.560261] kthread+0x328/0x630 [ 39.560293] ret_from_fork+0x10/0x20 [ 39.560327] [ 39.628178] Allocated by task 308: [ 39.631563] kasan_save_stack+0x3c/0x68 [ 39.635383] kasan_save_track+0x20/0x40 [ 39.639202] kasan_save_alloc_info+0x40/0x58 [ 39.643456] __kasan_kmalloc+0xd4/0xd8 [ 39.647188] __kmalloc_cache_noprof+0x16c/0x3c0 [ 39.651702] kasan_bitops_generic+0xa0/0x1c8 [ 39.655956] kunit_try_run_case+0x170/0x3f0 [ 39.660122] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.665591] kthread+0x328/0x630 [ 39.668803] ret_from_fork+0x10/0x20 [ 39.672362] [ 39.673837] The buggy address belongs to the object at ffff0008037171e0 [ 39.673837] which belongs to the cache kmalloc-16 of size 16 [ 39.686165] The buggy address is located 8 bytes inside of [ 39.686165] allocated 9-byte region [ffff0008037171e0, ffff0008037171e9) [ 39.698403] [ 39.699878] The buggy address belongs to the physical page: [ 39.705437] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883717 [ 39.713422] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 39.719930] page_type: f5(slab) [ 39.723066] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 39.730787] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 39.738506] page dumped because: kasan: bad access detected [ 39.744062] [ 39.745537] Memory state around the buggy address: [ 39.750317] ffff000803717080: 00 05 fc fc 00 05 fc fc 00 00 fc fc 00 05 fc fc [ 39.757520] ffff000803717100: 00 05 fc fc 00 05 fc fc 00 05 fc fc 00 04 fc fc [ 39.764725] >ffff000803717180: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 01 fc fc [ 39.771926] ^ [ 39.778527] ffff000803717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.785731] ffff000803717280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.792933] ================================================================== [ 39.265705] ================================================================== [ 39.275063] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 39.283220] Write of size 8 at addr ffff0008037171e8 by task kunit_try_catch/308 [ 39.290597] [ 39.292079] CPU: 4 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT [ 39.292137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 39.292155] Hardware name: WinLink E850-96 board (DT) [ 39.292177] Call trace: [ 39.292189] show_stack+0x20/0x38 (C) [ 39.292222] dump_stack_lvl+0x8c/0xd0 [ 39.292259] print_report+0x118/0x608 [ 39.292290] kasan_report+0xdc/0x128 [ 39.292318] kasan_check_range+0x100/0x1a8 [ 39.292351] __kasan_check_write+0x20/0x30 [ 39.292384] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 39.292415] kasan_bitops_generic+0x110/0x1c8 [ 39.292444] kunit_try_run_case+0x170/0x3f0 [ 39.292480] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.292517] kthread+0x328/0x630 [ 39.292552] ret_from_fork+0x10/0x20 [ 39.292589] [ 39.363772] Allocated by task 308: [ 39.367159] kasan_save_stack+0x3c/0x68 [ 39.370977] kasan_save_track+0x20/0x40 [ 39.374796] kasan_save_alloc_info+0x40/0x58 [ 39.379050] __kasan_kmalloc+0xd4/0xd8 [ 39.382783] __kmalloc_cache_noprof+0x16c/0x3c0 [ 39.387298] kasan_bitops_generic+0xa0/0x1c8 [ 39.391550] kunit_try_run_case+0x170/0x3f0 [ 39.395716] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 39.401185] kthread+0x328/0x630 [ 39.404397] ret_from_fork+0x10/0x20 [ 39.407955] [ 39.409434] The buggy address belongs to the object at ffff0008037171e0 [ 39.409434] which belongs to the cache kmalloc-16 of size 16 [ 39.421761] The buggy address is located 8 bytes inside of [ 39.421761] allocated 9-byte region [ffff0008037171e0, ffff0008037171e9) [ 39.433997] [ 39.435476] The buggy address belongs to the physical page: [ 39.441032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883717 [ 39.449016] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 39.455524] page_type: f5(slab) [ 39.458661] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 39.466382] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 39.474100] page dumped because: kasan: bad access detected [ 39.479656] [ 39.481132] Memory state around the buggy address: [ 39.485914] ffff000803717080: 00 05 fc fc 00 05 fc fc 00 00 fc fc 00 05 fc fc [ 39.493114] ffff000803717100: 00 05 fc fc 00 05 fc fc 00 05 fc fc 00 04 fc fc [ 39.500319] >ffff000803717180: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 01 fc fc [ 39.507520] ^ [ 39.514122] ffff000803717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.521326] ffff000803717280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 39.528527] ================================================================== [ 40.332606] ================================================================== [ 40.339630] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 40.347786] Write of size 8 at addr ffff0008037171e8 by task kunit_try_catch/308 [ 40.355164] [ 40.356646] CPU: 4 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT [ 40.356690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.356706] Hardware name: WinLink E850-96 board (DT) [ 40.356726] Call trace: [ 40.356739] show_stack+0x20/0x38 (C) [ 40.356769] dump_stack_lvl+0x8c/0xd0 [ 40.356803] print_report+0x118/0x608 [ 40.356829] kasan_report+0xdc/0x128 [ 40.356856] kasan_check_range+0x100/0x1a8 [ 40.356888] __kasan_check_write+0x20/0x30 [ 40.356918] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 40.356950] kasan_bitops_generic+0x110/0x1c8 [ 40.356978] kunit_try_run_case+0x170/0x3f0 [ 40.357012] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.357050] kthread+0x328/0x630 [ 40.357083] ret_from_fork+0x10/0x20 [ 40.357116] [ 40.428339] Allocated by task 308: [ 40.431725] kasan_save_stack+0x3c/0x68 [ 40.435545] kasan_save_track+0x20/0x40 [ 40.439364] kasan_save_alloc_info+0x40/0x58 [ 40.443617] __kasan_kmalloc+0xd4/0xd8 [ 40.447350] __kmalloc_cache_noprof+0x16c/0x3c0 [ 40.451863] kasan_bitops_generic+0xa0/0x1c8 [ 40.456117] kunit_try_run_case+0x170/0x3f0 [ 40.460284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.465752] kthread+0x328/0x630 [ 40.468964] ret_from_fork+0x10/0x20 [ 40.472523] [ 40.473998] The buggy address belongs to the object at ffff0008037171e0 [ 40.473998] which belongs to the cache kmalloc-16 of size 16 [ 40.486325] The buggy address is located 8 bytes inside of [ 40.486325] allocated 9-byte region [ffff0008037171e0, ffff0008037171e9) [ 40.498564] [ 40.500041] The buggy address belongs to the physical page: [ 40.505596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883717 [ 40.513583] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 40.520093] page_type: f5(slab) [ 40.523226] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 40.530949] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 40.538668] page dumped because: kasan: bad access detected [ 40.544223] [ 40.545699] Memory state around the buggy address: [ 40.550477] ffff000803717080: 00 05 fc fc 00 05 fc fc 00 00 fc fc 00 05 fc fc [ 40.557682] ffff000803717100: 00 05 fc fc 00 05 fc fc 00 05 fc fc 00 04 fc fc [ 40.564886] >ffff000803717180: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 01 fc fc [ 40.572087] ^ [ 40.578688] ffff000803717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 40.585893] ffff000803717280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 40.593094] ================================================================== [ 40.600482] ================================================================== [ 40.607505] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 40.615664] Write of size 8 at addr ffff0008037171e8 by task kunit_try_catch/308 [ 40.623042] [ 40.624522] CPU: 4 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT [ 40.624568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 40.624584] Hardware name: WinLink E850-96 board (DT) [ 40.624602] Call trace: [ 40.624614] show_stack+0x20/0x38 (C) [ 40.624645] dump_stack_lvl+0x8c/0xd0 [ 40.624677] print_report+0x118/0x608 [ 40.624707] kasan_report+0xdc/0x128 [ 40.624737] kasan_check_range+0x100/0x1a8 [ 40.624769] __kasan_check_write+0x20/0x30 [ 40.624801] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 40.624831] kasan_bitops_generic+0x110/0x1c8 [ 40.624858] kunit_try_run_case+0x170/0x3f0 [ 40.624893] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.624930] kthread+0x328/0x630 [ 40.624963] ret_from_fork+0x10/0x20 [ 40.624996] [ 40.696217] Allocated by task 308: [ 40.699605] kasan_save_stack+0x3c/0x68 [ 40.703422] kasan_save_track+0x20/0x40 [ 40.707242] kasan_save_alloc_info+0x40/0x58 [ 40.711495] __kasan_kmalloc+0xd4/0xd8 [ 40.715228] __kmalloc_cache_noprof+0x16c/0x3c0 [ 40.719741] kasan_bitops_generic+0xa0/0x1c8 [ 40.723995] kunit_try_run_case+0x170/0x3f0 [ 40.728161] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 40.733630] kthread+0x328/0x630 [ 40.736842] ret_from_fork+0x10/0x20 [ 40.740401] [ 40.741877] The buggy address belongs to the object at ffff0008037171e0 [ 40.741877] which belongs to the cache kmalloc-16 of size 16 [ 40.754203] The buggy address is located 8 bytes inside of [ 40.754203] allocated 9-byte region [ffff0008037171e0, ffff0008037171e9) [ 40.766442] [ 40.767918] The buggy address belongs to the physical page: [ 40.773474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883717 [ 40.781461] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 40.787971] page_type: f5(slab) [ 40.791105] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 40.798827] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 40.806546] page dumped because: kasan: bad access detected [ 40.812101] [ 40.813577] Memory state around the buggy address: [ 40.818356] ffff000803717080: 00 05 fc fc 00 05 fc fc 00 00 fc fc 00 05 fc fc [ 40.825559] ffff000803717100: 00 05 fc fc 00 05 fc fc 00 05 fc fc 00 04 fc fc [ 40.832764] >ffff000803717180: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 01 fc fc [ 40.839966] ^ [ 40.846566] ffff000803717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 40.853771] ffff000803717280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 40.860972] ================================================================== [ 41.400660] ================================================================== [ 41.407667] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 41.415825] Write of size 8 at addr ffff0008037171e8 by task kunit_try_catch/308 [ 41.423203] [ 41.424686] CPU: 4 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT [ 41.424732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 41.424751] Hardware name: WinLink E850-96 board (DT) [ 41.424767] Call trace: [ 41.424779] show_stack+0x20/0x38 (C) [ 41.424810] dump_stack_lvl+0x8c/0xd0 [ 41.424842] print_report+0x118/0x608 [ 41.424872] kasan_report+0xdc/0x128 [ 41.424901] kasan_check_range+0x100/0x1a8 [ 41.424931] __kasan_check_write+0x20/0x30 [ 41.424964] kasan_bitops_modify.constprop.0+0x3b0/0xbc0 [ 41.424995] kasan_bitops_generic+0x110/0x1c8 [ 41.425024] kunit_try_run_case+0x170/0x3f0 [ 41.425056] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.425093] kthread+0x328/0x630 [ 41.425125] ret_from_fork+0x10/0x20 [ 41.425156] [ 41.496379] Allocated by task 308: [ 41.499765] kasan_save_stack+0x3c/0x68 [ 41.503584] kasan_save_track+0x20/0x40 [ 41.507404] kasan_save_alloc_info+0x40/0x58 [ 41.511657] __kasan_kmalloc+0xd4/0xd8 [ 41.515389] __kmalloc_cache_noprof+0x16c/0x3c0 [ 41.519903] kasan_bitops_generic+0xa0/0x1c8 [ 41.524156] kunit_try_run_case+0x170/0x3f0 [ 41.528323] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.533792] kthread+0x328/0x630 [ 41.537004] ret_from_fork+0x10/0x20 [ 41.540562] [ 41.542038] The buggy address belongs to the object at ffff0008037171e0 [ 41.542038] which belongs to the cache kmalloc-16 of size 16 [ 41.554365] The buggy address is located 8 bytes inside of [ 41.554365] allocated 9-byte region [ffff0008037171e0, ffff0008037171e9) [ 41.566604] [ 41.568080] The buggy address belongs to the physical page: [ 41.573636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883717 [ 41.581623] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 41.588133] page_type: f5(slab) [ 41.591266] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 41.598989] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 41.606708] page dumped because: kasan: bad access detected [ 41.612263] [ 41.613738] Memory state around the buggy address: [ 41.618517] ffff000803717080: 00 05 fc fc 00 05 fc fc 00 00 fc fc 00 05 fc fc [ 41.625721] ffff000803717100: 00 05 fc fc 00 05 fc fc 00 05 fc fc 00 04 fc fc [ 41.632926] >ffff000803717180: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 01 fc fc [ 41.640127] ^ [ 41.646728] ffff000803717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 41.653932] ffff000803717280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 41.661134] ================================================================== [ 41.132712] ================================================================== [ 41.139789] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 41.147947] Write of size 8 at addr ffff0008037171e8 by task kunit_try_catch/308 [ 41.155325] [ 41.156806] CPU: 4 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT [ 41.156849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 41.156867] Hardware name: WinLink E850-96 board (DT) [ 41.156887] Call trace: [ 41.156898] show_stack+0x20/0x38 (C) [ 41.156930] dump_stack_lvl+0x8c/0xd0 [ 41.156964] print_report+0x118/0x608 [ 41.156993] kasan_report+0xdc/0x128 [ 41.157021] kasan_check_range+0x100/0x1a8 [ 41.157053] __kasan_check_write+0x20/0x30 [ 41.157084] kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 41.157117] kasan_bitops_generic+0x110/0x1c8 [ 41.157145] kunit_try_run_case+0x170/0x3f0 [ 41.157178] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.157216] kthread+0x328/0x630 [ 41.157247] ret_from_fork+0x10/0x20 [ 41.157277] [ 41.228501] Allocated by task 308: [ 41.231887] kasan_save_stack+0x3c/0x68 [ 41.235706] kasan_save_track+0x20/0x40 [ 41.239526] kasan_save_alloc_info+0x40/0x58 [ 41.243779] __kasan_kmalloc+0xd4/0xd8 [ 41.247511] __kmalloc_cache_noprof+0x16c/0x3c0 [ 41.252025] kasan_bitops_generic+0xa0/0x1c8 [ 41.256279] kunit_try_run_case+0x170/0x3f0 [ 41.260445] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 41.265914] kthread+0x328/0x630 [ 41.269126] ret_from_fork+0x10/0x20 [ 41.272685] [ 41.274160] The buggy address belongs to the object at ffff0008037171e0 [ 41.274160] which belongs to the cache kmalloc-16 of size 16 [ 41.286487] The buggy address is located 8 bytes inside of [ 41.286487] allocated 9-byte region [ffff0008037171e0, ffff0008037171e9) [ 41.298726] [ 41.300202] The buggy address belongs to the physical page: [ 41.305758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x883717 [ 41.313745] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 41.320253] page_type: f5(slab) [ 41.323388] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 41.331111] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 41.338829] page dumped because: kasan: bad access detected [ 41.344385] [ 41.345860] Memory state around the buggy address: [ 41.350640] ffff000803717080: 00 05 fc fc 00 05 fc fc 00 00 fc fc 00 05 fc fc [ 41.357843] ffff000803717100: 00 05 fc fc 00 05 fc fc 00 05 fc fc 00 04 fc fc [ 41.365048] >ffff000803717180: 00 04 fc fc 00 04 fc fc fa fb fc fc 00 01 fc fc [ 41.372249] ^ [ 41.378850] ffff000803717200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 41.386055] ffff000803717280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 41.393256] ==================================================================
[ 19.178598] ================================================================== [ 19.179139] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.179780] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.180386] [ 19.180575] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.180678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.180703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.180744] Call Trace: [ 19.180792] <TASK> [ 19.180833] dump_stack_lvl+0x73/0xb0 [ 19.180887] print_report+0xd1/0x650 [ 19.180915] ? __virt_addr_valid+0x1db/0x2d0 [ 19.180943] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.180969] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.181006] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.181045] kasan_report+0x141/0x180 [ 19.181086] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.181179] kasan_check_range+0x10c/0x1c0 [ 19.181232] __kasan_check_write+0x18/0x20 [ 19.181271] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.181337] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.181388] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.181432] ? trace_hardirqs_on+0x37/0xe0 [ 19.181483] ? kasan_bitops_generic+0x92/0x1c0 [ 19.181546] kasan_bitops_generic+0x116/0x1c0 [ 19.181592] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.181658] ? __pfx_read_tsc+0x10/0x10 [ 19.181700] ? ktime_get_ts64+0x86/0x230 [ 19.181762] kunit_try_run_case+0x1a5/0x480 [ 19.181817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.181865] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.181925] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.181991] ? __kthread_parkme+0x82/0x180 [ 19.182040] ? preempt_count_sub+0x50/0x80 [ 19.182098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.182192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.182261] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.182309] kthread+0x337/0x6f0 [ 19.182350] ? trace_preempt_on+0x20/0xc0 [ 19.182407] ? __pfx_kthread+0x10/0x10 [ 19.182453] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.182517] ? calculate_sigpending+0x7b/0xa0 [ 19.182560] ? __pfx_kthread+0x10/0x10 [ 19.182585] ret_from_fork+0x41/0x80 [ 19.182611] ? __pfx_kthread+0x10/0x10 [ 19.182631] ret_from_fork_asm+0x1a/0x30 [ 19.182668] </TASK> [ 19.182685] [ 19.194882] Allocated by task 282: [ 19.195261] kasan_save_stack+0x45/0x70 [ 19.195726] kasan_save_track+0x18/0x40 [ 19.195999] kasan_save_alloc_info+0x3b/0x50 [ 19.196427] __kasan_kmalloc+0xb7/0xc0 [ 19.196713] __kmalloc_cache_noprof+0x189/0x420 [ 19.196952] kasan_bitops_generic+0x92/0x1c0 [ 19.197228] kunit_try_run_case+0x1a5/0x480 [ 19.197633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.198084] kthread+0x337/0x6f0 [ 19.198395] ret_from_fork+0x41/0x80 [ 19.198703] ret_from_fork_asm+0x1a/0x30 [ 19.199099] [ 19.199313] The buggy address belongs to the object at ffff888101d9a440 [ 19.199313] which belongs to the cache kmalloc-16 of size 16 [ 19.199848] The buggy address is located 8 bytes inside of [ 19.199848] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.200796] [ 19.200993] The buggy address belongs to the physical page: [ 19.201354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.201817] flags: 0x200000000000000(node=0|zone=2) [ 19.202320] page_type: f5(slab) [ 19.202643] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.203048] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.203558] page dumped because: kasan: bad access detected [ 19.203940] [ 19.204158] Memory state around the buggy address: [ 19.204472] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.206825] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.207331] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.207959] ^ [ 19.208820] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.209346] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.209962] ================================================================== [ 19.138517] ================================================================== [ 19.139174] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.140156] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.140522] [ 19.140781] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.140895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.140928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.140980] Call Trace: [ 19.141013] <TASK> [ 19.141056] dump_stack_lvl+0x73/0xb0 [ 19.141473] print_report+0xd1/0x650 [ 19.141506] ? __virt_addr_valid+0x1db/0x2d0 [ 19.141537] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.141562] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.141587] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.141613] kasan_report+0x141/0x180 [ 19.141638] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.141668] kasan_check_range+0x10c/0x1c0 [ 19.141691] __kasan_check_write+0x18/0x20 [ 19.141713] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.141737] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.141784] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.141812] ? trace_hardirqs_on+0x37/0xe0 [ 19.141837] ? kasan_bitops_generic+0x92/0x1c0 [ 19.141864] kasan_bitops_generic+0x116/0x1c0 [ 19.141886] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.141910] ? __pfx_read_tsc+0x10/0x10 [ 19.141934] ? ktime_get_ts64+0x86/0x230 [ 19.141963] kunit_try_run_case+0x1a5/0x480 [ 19.141992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.142014] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.142041] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.142066] ? __kthread_parkme+0x82/0x180 [ 19.142089] ? preempt_count_sub+0x50/0x80 [ 19.142143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.142172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.142197] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.142222] kthread+0x337/0x6f0 [ 19.142241] ? trace_preempt_on+0x20/0xc0 [ 19.142266] ? __pfx_kthread+0x10/0x10 [ 19.142286] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.142310] ? calculate_sigpending+0x7b/0xa0 [ 19.142335] ? __pfx_kthread+0x10/0x10 [ 19.142355] ret_from_fork+0x41/0x80 [ 19.142380] ? __pfx_kthread+0x10/0x10 [ 19.142400] ret_from_fork_asm+0x1a/0x30 [ 19.142436] </TASK> [ 19.142451] [ 19.162677] Allocated by task 282: [ 19.163097] kasan_save_stack+0x45/0x70 [ 19.163423] kasan_save_track+0x18/0x40 [ 19.163839] kasan_save_alloc_info+0x3b/0x50 [ 19.164321] __kasan_kmalloc+0xb7/0xc0 [ 19.164688] __kmalloc_cache_noprof+0x189/0x420 [ 19.165160] kasan_bitops_generic+0x92/0x1c0 [ 19.165545] kunit_try_run_case+0x1a5/0x480 [ 19.166039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.166561] kthread+0x337/0x6f0 [ 19.166821] ret_from_fork+0x41/0x80 [ 19.167164] ret_from_fork_asm+0x1a/0x30 [ 19.167469] [ 19.167677] The buggy address belongs to the object at ffff888101d9a440 [ 19.167677] which belongs to the cache kmalloc-16 of size 16 [ 19.168510] The buggy address is located 8 bytes inside of [ 19.168510] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.169642] [ 19.169937] The buggy address belongs to the physical page: [ 19.170491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.170881] flags: 0x200000000000000(node=0|zone=2) [ 19.171189] page_type: f5(slab) [ 19.171421] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.172083] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.172431] page dumped because: kasan: bad access detected [ 19.172792] [ 19.172971] Memory state around the buggy address: [ 19.173443] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.173905] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.174411] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.174906] ^ [ 19.175355] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.175766] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.176256] ================================================================== [ 19.309732] ================================================================== [ 19.310169] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.310532] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.312296] [ 19.312568] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.312690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.312717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.312772] Call Trace: [ 19.312812] <TASK> [ 19.312846] dump_stack_lvl+0x73/0xb0 [ 19.312914] print_report+0xd1/0x650 [ 19.312952] ? __virt_addr_valid+0x1db/0x2d0 [ 19.312990] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.313026] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.313063] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.313100] kasan_report+0x141/0x180 [ 19.313139] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.313237] kasan_check_range+0x10c/0x1c0 [ 19.313291] __kasan_check_write+0x18/0x20 [ 19.313338] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.313391] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.313440] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.313490] ? trace_hardirqs_on+0x37/0xe0 [ 19.313543] ? kasan_bitops_generic+0x92/0x1c0 [ 19.313598] kasan_bitops_generic+0x116/0x1c0 [ 19.313636] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.313662] ? __pfx_read_tsc+0x10/0x10 [ 19.313687] ? ktime_get_ts64+0x86/0x230 [ 19.313715] kunit_try_run_case+0x1a5/0x480 [ 19.313744] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.313799] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.313827] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.313853] ? __kthread_parkme+0x82/0x180 [ 19.313878] ? preempt_count_sub+0x50/0x80 [ 19.313905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.313931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.313956] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.313980] kthread+0x337/0x6f0 [ 19.313999] ? trace_preempt_on+0x20/0xc0 [ 19.314023] ? __pfx_kthread+0x10/0x10 [ 19.314043] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.314065] ? calculate_sigpending+0x7b/0xa0 [ 19.314089] ? __pfx_kthread+0x10/0x10 [ 19.314147] ret_from_fork+0x41/0x80 [ 19.314178] ? __pfx_kthread+0x10/0x10 [ 19.314199] ret_from_fork_asm+0x1a/0x30 [ 19.314236] </TASK> [ 19.314251] [ 19.328691] Allocated by task 282: [ 19.329058] kasan_save_stack+0x45/0x70 [ 19.329446] kasan_save_track+0x18/0x40 [ 19.329802] kasan_save_alloc_info+0x3b/0x50 [ 19.330314] __kasan_kmalloc+0xb7/0xc0 [ 19.330714] __kmalloc_cache_noprof+0x189/0x420 [ 19.331172] kasan_bitops_generic+0x92/0x1c0 [ 19.331678] kunit_try_run_case+0x1a5/0x480 [ 19.332162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.332616] kthread+0x337/0x6f0 [ 19.332920] ret_from_fork+0x41/0x80 [ 19.333237] ret_from_fork_asm+0x1a/0x30 [ 19.333566] [ 19.333816] The buggy address belongs to the object at ffff888101d9a440 [ 19.333816] which belongs to the cache kmalloc-16 of size 16 [ 19.334611] The buggy address is located 8 bytes inside of [ 19.334611] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.335322] [ 19.335596] The buggy address belongs to the physical page: [ 19.336085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.336450] flags: 0x200000000000000(node=0|zone=2) [ 19.336875] page_type: f5(slab) [ 19.337226] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.337629] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.338299] page dumped because: kasan: bad access detected [ 19.338566] [ 19.338781] Memory state around the buggy address: [ 19.339135] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.339734] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.340076] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.340664] ^ [ 19.341074] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.341489] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.342031] ================================================================== [ 19.372816] ================================================================== [ 19.373542] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.374260] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.374856] [ 19.375083] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.375243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.375271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.375325] Call Trace: [ 19.375380] <TASK> [ 19.375426] dump_stack_lvl+0x73/0xb0 [ 19.375501] print_report+0xd1/0x650 [ 19.375561] ? __virt_addr_valid+0x1db/0x2d0 [ 19.375638] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.375690] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.375738] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.375800] kasan_report+0x141/0x180 [ 19.375860] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.375939] kasan_check_range+0x10c/0x1c0 [ 19.375984] __kasan_check_write+0x18/0x20 [ 19.376031] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.376084] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.376178] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.376226] ? trace_hardirqs_on+0x37/0xe0 [ 19.376277] ? kasan_bitops_generic+0x92/0x1c0 [ 19.376340] kasan_bitops_generic+0x116/0x1c0 [ 19.376406] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.376453] ? __pfx_read_tsc+0x10/0x10 [ 19.376496] ? ktime_get_ts64+0x86/0x230 [ 19.376553] kunit_try_run_case+0x1a5/0x480 [ 19.376615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.376677] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.376733] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.376793] ? __kthread_parkme+0x82/0x180 [ 19.376852] ? preempt_count_sub+0x50/0x80 [ 19.376926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.376982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.377036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.377090] kthread+0x337/0x6f0 [ 19.377177] ? trace_preempt_on+0x20/0xc0 [ 19.377240] ? __pfx_kthread+0x10/0x10 [ 19.377299] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.377327] ? calculate_sigpending+0x7b/0xa0 [ 19.377354] ? __pfx_kthread+0x10/0x10 [ 19.377390] ret_from_fork+0x41/0x80 [ 19.377435] ? __pfx_kthread+0x10/0x10 [ 19.377467] ret_from_fork_asm+0x1a/0x30 [ 19.377529] </TASK> [ 19.377555] [ 19.388377] Allocated by task 282: [ 19.388773] kasan_save_stack+0x45/0x70 [ 19.389192] kasan_save_track+0x18/0x40 [ 19.389515] kasan_save_alloc_info+0x3b/0x50 [ 19.389809] __kasan_kmalloc+0xb7/0xc0 [ 19.390016] __kmalloc_cache_noprof+0x189/0x420 [ 19.390282] kasan_bitops_generic+0x92/0x1c0 [ 19.390672] kunit_try_run_case+0x1a5/0x480 [ 19.391078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.391541] kthread+0x337/0x6f0 [ 19.391888] ret_from_fork+0x41/0x80 [ 19.392277] ret_from_fork_asm+0x1a/0x30 [ 19.392577] [ 19.392710] The buggy address belongs to the object at ffff888101d9a440 [ 19.392710] which belongs to the cache kmalloc-16 of size 16 [ 19.393193] The buggy address is located 8 bytes inside of [ 19.393193] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.393621] [ 19.393763] The buggy address belongs to the physical page: [ 19.394248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.394897] flags: 0x200000000000000(node=0|zone=2) [ 19.395359] page_type: f5(slab) [ 19.395711] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.396357] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.396980] page dumped because: kasan: bad access detected [ 19.397461] [ 19.397671] Memory state around the buggy address: [ 19.397972] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.398427] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.398877] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.399365] ^ [ 19.399635] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.400161] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.400728] ================================================================== [ 19.243555] ================================================================== [ 19.244068] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.244728] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.246237] [ 19.246526] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.246639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.246669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.246714] Call Trace: [ 19.246768] <TASK> [ 19.246814] dump_stack_lvl+0x73/0xb0 [ 19.246899] print_report+0xd1/0x650 [ 19.246956] ? __virt_addr_valid+0x1db/0x2d0 [ 19.247013] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.247066] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.247550] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.247646] kasan_report+0x141/0x180 [ 19.247692] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.247739] kasan_check_range+0x10c/0x1c0 [ 19.247789] __kasan_check_write+0x18/0x20 [ 19.247822] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.247858] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.247896] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.247932] ? trace_hardirqs_on+0x37/0xe0 [ 19.247968] ? kasan_bitops_generic+0x92/0x1c0 [ 19.248010] kasan_bitops_generic+0x116/0x1c0 [ 19.248047] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.248086] ? __pfx_read_tsc+0x10/0x10 [ 19.248124] ? ktime_get_ts64+0x86/0x230 [ 19.248170] kunit_try_run_case+0x1a5/0x480 [ 19.248207] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.248232] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.248260] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.248285] ? __kthread_parkme+0x82/0x180 [ 19.248309] ? preempt_count_sub+0x50/0x80 [ 19.248337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.248363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.248388] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.248412] kthread+0x337/0x6f0 [ 19.248431] ? trace_preempt_on+0x20/0xc0 [ 19.248455] ? __pfx_kthread+0x10/0x10 [ 19.248476] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.248498] ? calculate_sigpending+0x7b/0xa0 [ 19.248523] ? __pfx_kthread+0x10/0x10 [ 19.248543] ret_from_fork+0x41/0x80 [ 19.248566] ? __pfx_kthread+0x10/0x10 [ 19.248585] ret_from_fork_asm+0x1a/0x30 [ 19.248622] </TASK> [ 19.248637] [ 19.262894] Allocated by task 282: [ 19.263486] kasan_save_stack+0x45/0x70 [ 19.263945] kasan_save_track+0x18/0x40 [ 19.264413] kasan_save_alloc_info+0x3b/0x50 [ 19.264909] __kasan_kmalloc+0xb7/0xc0 [ 19.265293] __kmalloc_cache_noprof+0x189/0x420 [ 19.265529] kasan_bitops_generic+0x92/0x1c0 [ 19.265695] kunit_try_run_case+0x1a5/0x480 [ 19.265944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.266862] kthread+0x337/0x6f0 [ 19.267461] ret_from_fork+0x41/0x80 [ 19.267695] ret_from_fork_asm+0x1a/0x30 [ 19.267909] [ 19.268028] The buggy address belongs to the object at ffff888101d9a440 [ 19.268028] which belongs to the cache kmalloc-16 of size 16 [ 19.269449] The buggy address is located 8 bytes inside of [ 19.269449] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.270486] [ 19.270642] The buggy address belongs to the physical page: [ 19.271093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.271914] flags: 0x200000000000000(node=0|zone=2) [ 19.272418] page_type: f5(slab) [ 19.272608] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.272930] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.274063] page dumped because: kasan: bad access detected [ 19.274384] [ 19.274504] Memory state around the buggy address: [ 19.274823] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.275643] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.276459] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.276825] ^ [ 19.277286] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.278234] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.278600] ================================================================== [ 19.343645] ================================================================== [ 19.344418] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.344957] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.345496] [ 19.345693] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.345840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.345867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.345920] Call Trace: [ 19.345971] <TASK> [ 19.346007] dump_stack_lvl+0x73/0xb0 [ 19.346066] print_report+0xd1/0x650 [ 19.346139] ? __virt_addr_valid+0x1db/0x2d0 [ 19.346191] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.346239] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.346290] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.346337] kasan_report+0x141/0x180 [ 19.346384] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.346448] kasan_check_range+0x10c/0x1c0 [ 19.346495] __kasan_check_write+0x18/0x20 [ 19.346543] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.346596] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.346652] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.346688] ? trace_hardirqs_on+0x37/0xe0 [ 19.346768] ? kasan_bitops_generic+0x92/0x1c0 [ 19.346811] kasan_bitops_generic+0x116/0x1c0 [ 19.346844] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.346879] ? __pfx_read_tsc+0x10/0x10 [ 19.346914] ? ktime_get_ts64+0x86/0x230 [ 19.346960] kunit_try_run_case+0x1a5/0x480 [ 19.347012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.347054] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.347141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.347197] ? __kthread_parkme+0x82/0x180 [ 19.347249] ? preempt_count_sub+0x50/0x80 [ 19.347309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.347365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.347417] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.347468] kthread+0x337/0x6f0 [ 19.347509] ? trace_preempt_on+0x20/0xc0 [ 19.347562] ? __pfx_kthread+0x10/0x10 [ 19.347598] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.347650] ? calculate_sigpending+0x7b/0xa0 [ 19.347688] ? __pfx_kthread+0x10/0x10 [ 19.347711] ret_from_fork+0x41/0x80 [ 19.347735] ? __pfx_kthread+0x10/0x10 [ 19.347782] ret_from_fork_asm+0x1a/0x30 [ 19.347821] </TASK> [ 19.347837] [ 19.359367] Allocated by task 282: [ 19.359781] kasan_save_stack+0x45/0x70 [ 19.360156] kasan_save_track+0x18/0x40 [ 19.360370] kasan_save_alloc_info+0x3b/0x50 [ 19.360702] __kasan_kmalloc+0xb7/0xc0 [ 19.361071] __kmalloc_cache_noprof+0x189/0x420 [ 19.361505] kasan_bitops_generic+0x92/0x1c0 [ 19.361887] kunit_try_run_case+0x1a5/0x480 [ 19.362211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.362610] kthread+0x337/0x6f0 [ 19.362938] ret_from_fork+0x41/0x80 [ 19.363324] ret_from_fork_asm+0x1a/0x30 [ 19.363587] [ 19.363733] The buggy address belongs to the object at ffff888101d9a440 [ 19.363733] which belongs to the cache kmalloc-16 of size 16 [ 19.364231] The buggy address is located 8 bytes inside of [ 19.364231] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.364655] [ 19.364813] The buggy address belongs to the physical page: [ 19.365372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.366064] flags: 0x200000000000000(node=0|zone=2) [ 19.366518] page_type: f5(slab) [ 19.366841] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.367488] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.368151] page dumped because: kasan: bad access detected [ 19.368503] [ 19.368711] Memory state around the buggy address: [ 19.369012] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.369525] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.369969] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.370417] ^ [ 19.370862] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.371314] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.371599] ================================================================== [ 19.211716] ================================================================== [ 19.212483] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.213304] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.213995] [ 19.214293] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.214408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.214438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.214482] Call Trace: [ 19.214532] <TASK> [ 19.214590] dump_stack_lvl+0x73/0xb0 [ 19.214664] print_report+0xd1/0x650 [ 19.214716] ? __virt_addr_valid+0x1db/0x2d0 [ 19.214775] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.214833] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.214902] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.214948] kasan_report+0x141/0x180 [ 19.214994] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.215054] kasan_check_range+0x10c/0x1c0 [ 19.215140] __kasan_check_write+0x18/0x20 [ 19.215205] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.215253] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.215291] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.215319] ? trace_hardirqs_on+0x37/0xe0 [ 19.215345] ? kasan_bitops_generic+0x92/0x1c0 [ 19.215372] kasan_bitops_generic+0x116/0x1c0 [ 19.215397] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.215435] ? __pfx_read_tsc+0x10/0x10 [ 19.215473] ? ktime_get_ts64+0x86/0x230 [ 19.215506] kunit_try_run_case+0x1a5/0x480 [ 19.215535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.215558] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.215585] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.215610] ? __kthread_parkme+0x82/0x180 [ 19.215654] ? preempt_count_sub+0x50/0x80 [ 19.215683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.215710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.215734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.215782] kthread+0x337/0x6f0 [ 19.215805] ? trace_preempt_on+0x20/0xc0 [ 19.215829] ? __pfx_kthread+0x10/0x10 [ 19.215849] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.215872] ? calculate_sigpending+0x7b/0xa0 [ 19.215896] ? __pfx_kthread+0x10/0x10 [ 19.215917] ret_from_fork+0x41/0x80 [ 19.215940] ? __pfx_kthread+0x10/0x10 [ 19.215961] ret_from_fork_asm+0x1a/0x30 [ 19.215997] </TASK> [ 19.216012] [ 19.230573] Allocated by task 282: [ 19.230859] kasan_save_stack+0x45/0x70 [ 19.231294] kasan_save_track+0x18/0x40 [ 19.231562] kasan_save_alloc_info+0x3b/0x50 [ 19.231800] __kasan_kmalloc+0xb7/0xc0 [ 19.232136] __kmalloc_cache_noprof+0x189/0x420 [ 19.232529] kasan_bitops_generic+0x92/0x1c0 [ 19.232933] kunit_try_run_case+0x1a5/0x480 [ 19.233329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.233571] kthread+0x337/0x6f0 [ 19.233763] ret_from_fork+0x41/0x80 [ 19.233958] ret_from_fork_asm+0x1a/0x30 [ 19.234246] [ 19.234381] The buggy address belongs to the object at ffff888101d9a440 [ 19.234381] which belongs to the cache kmalloc-16 of size 16 [ 19.235088] The buggy address is located 8 bytes inside of [ 19.235088] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.235783] [ 19.235918] The buggy address belongs to the physical page: [ 19.236397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.236844] flags: 0x200000000000000(node=0|zone=2) [ 19.237243] page_type: f5(slab) [ 19.237453] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.238021] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.238382] page dumped because: kasan: bad access detected [ 19.238769] [ 19.238950] Memory state around the buggy address: [ 19.239387] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.239788] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.240240] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.240760] ^ [ 19.241130] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.241531] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.241890] ================================================================== [ 19.280698] ================================================================== [ 19.281454] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.282132] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.282797] [ 19.282995] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.283083] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.283100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.283139] Call Trace: [ 19.283165] <TASK> [ 19.283191] dump_stack_lvl+0x73/0xb0 [ 19.283237] print_report+0xd1/0x650 [ 19.283263] ? __virt_addr_valid+0x1db/0x2d0 [ 19.283289] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.283314] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.283339] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.283363] kasan_report+0x141/0x180 [ 19.283388] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.283417] kasan_check_range+0x10c/0x1c0 [ 19.283440] __kasan_check_write+0x18/0x20 [ 19.283462] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.283486] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.283511] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.283535] ? trace_hardirqs_on+0x37/0xe0 [ 19.283561] ? kasan_bitops_generic+0x92/0x1c0 [ 19.283587] kasan_bitops_generic+0x116/0x1c0 [ 19.283609] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.283647] ? __pfx_read_tsc+0x10/0x10 [ 19.283673] ? ktime_get_ts64+0x86/0x230 [ 19.283701] kunit_try_run_case+0x1a5/0x480 [ 19.283730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.283765] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.283795] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.283820] ? __kthread_parkme+0x82/0x180 [ 19.283844] ? preempt_count_sub+0x50/0x80 [ 19.283872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.283897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.283922] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.283946] kthread+0x337/0x6f0 [ 19.283965] ? trace_preempt_on+0x20/0xc0 [ 19.283990] ? __pfx_kthread+0x10/0x10 [ 19.284010] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.284032] ? calculate_sigpending+0x7b/0xa0 [ 19.284056] ? __pfx_kthread+0x10/0x10 [ 19.284077] ret_from_fork+0x41/0x80 [ 19.284103] ? __pfx_kthread+0x10/0x10 [ 19.284140] ret_from_fork_asm+0x1a/0x30 [ 19.284196] </TASK> [ 19.284219] [ 19.296436] Allocated by task 282: [ 19.296852] kasan_save_stack+0x45/0x70 [ 19.297248] kasan_save_track+0x18/0x40 [ 19.297558] kasan_save_alloc_info+0x3b/0x50 [ 19.297778] __kasan_kmalloc+0xb7/0xc0 [ 19.298055] __kmalloc_cache_noprof+0x189/0x420 [ 19.298463] kasan_bitops_generic+0x92/0x1c0 [ 19.298840] kunit_try_run_case+0x1a5/0x480 [ 19.299085] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.299365] kthread+0x337/0x6f0 [ 19.299551] ret_from_fork+0x41/0x80 [ 19.299906] ret_from_fork_asm+0x1a/0x30 [ 19.300291] [ 19.300491] The buggy address belongs to the object at ffff888101d9a440 [ 19.300491] which belongs to the cache kmalloc-16 of size 16 [ 19.301171] The buggy address is located 8 bytes inside of [ 19.301171] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.302031] [ 19.302233] The buggy address belongs to the physical page: [ 19.302577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.303151] flags: 0x200000000000000(node=0|zone=2) [ 19.303453] page_type: f5(slab) [ 19.303705] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.304177] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.304480] page dumped because: kasan: bad access detected [ 19.304776] [ 19.304957] Memory state around the buggy address: [ 19.305403] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.305953] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.306527] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.306817] ^ [ 19.307298] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.307722] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.308191] ==================================================================