Date
June 17, 2025, 3:40 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 24.746366] ================================================================== [ 24.746531] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 24.747219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.747750] kasan_report+0xdc/0x128 [ 24.749493] Allocated by task 263: [ 24.750284] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 24.751194] The buggy address belongs to the physical page: [ 24.753009] >fff00000c58ac280: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 24.755455] ==================================================================
[ 22.753681] ================================================================== [ 22.754657] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 22.755604] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281 [ 22.756896] [ 22.757609] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.757736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.757776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.757999] Call Trace: [ 22.758062] <TASK> [ 22.758116] dump_stack_lvl+0x73/0xb0 [ 22.758194] print_report+0xd1/0x650 [ 22.758235] ? __virt_addr_valid+0x1db/0x2d0 [ 22.758271] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 22.758331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.758370] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 22.758405] kasan_report+0x141/0x180 [ 22.758441] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 22.758485] kasan_check_range+0x10c/0x1c0 [ 22.758516] __kasan_check_write+0x18/0x20 [ 22.758547] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 22.758582] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.758617] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.758654] ? trace_hardirqs_on+0x37/0xe0 [ 22.758691] ? kasan_bitops_generic+0x92/0x1c0 [ 22.758727] kasan_bitops_generic+0x116/0x1c0 [ 22.758757] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.758790] ? __pfx_read_tsc+0x10/0x10 [ 22.758822] ? ktime_get_ts64+0x86/0x230 [ 22.758864] kunit_try_run_case+0x1a5/0x480 [ 22.758906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.758942] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.759017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.759104] ? __kthread_parkme+0x82/0x180 [ 22.759157] ? preempt_count_sub+0x50/0x80 [ 22.759196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.759235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.759270] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.759329] kthread+0x337/0x6f0 [ 22.759359] ? trace_preempt_on+0x20/0xc0 [ 22.759394] ? __pfx_kthread+0x10/0x10 [ 22.759421] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.759453] ? calculate_sigpending+0x7b/0xa0 [ 22.759488] ? __pfx_kthread+0x10/0x10 [ 22.759516] ret_from_fork+0x41/0x80 [ 22.759550] ? __pfx_kthread+0x10/0x10 [ 22.759577] ret_from_fork_asm+0x1a/0x30 [ 22.759623] </TASK> [ 22.759640] [ 22.781822] Allocated by task 281: [ 22.782782] kasan_save_stack+0x45/0x70 [ 22.783546] kasan_save_track+0x18/0x40 [ 22.784206] kasan_save_alloc_info+0x3b/0x50 [ 22.785470] __kasan_kmalloc+0xb7/0xc0 [ 22.786594] __kmalloc_cache_noprof+0x189/0x420 [ 22.787184] kasan_bitops_generic+0x92/0x1c0 [ 22.787497] kunit_try_run_case+0x1a5/0x480 [ 22.787780] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.788135] kthread+0x337/0x6f0 [ 22.791556] ret_from_fork+0x41/0x80 [ 22.791954] ret_from_fork_asm+0x1a/0x30 [ 22.792527] [ 22.792750] The buggy address belongs to the object at ffff8881026cd0c0 [ 22.792750] which belongs to the cache kmalloc-16 of size 16 [ 22.796139] The buggy address is located 8 bytes inside of [ 22.796139] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9) [ 22.796761] [ 22.796910] The buggy address belongs to the physical page: [ 22.797209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 22.797840] flags: 0x200000000000000(node=0|zone=2) [ 22.798209] page_type: f5(slab) [ 22.799358] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.800043] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.800725] page dumped because: kasan: bad access detected [ 22.801417] [ 22.801705] Memory state around the buggy address: [ 22.801979] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.802377] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.802750] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.803114] ^ [ 22.803564] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.804020] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.804498] ================================================================== [ 22.643899] ================================================================== [ 22.645527] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 22.647020] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281 [ 22.647614] [ 22.647891] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.647988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.648008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.648049] Call Trace: [ 22.648359] <TASK> [ 22.648418] dump_stack_lvl+0x73/0xb0 [ 22.648503] print_report+0xd1/0x650 [ 22.648579] ? __virt_addr_valid+0x1db/0x2d0 [ 22.648625] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 22.648660] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.648697] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 22.648730] kasan_report+0x141/0x180 [ 22.648766] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 22.648807] kasan_check_range+0x10c/0x1c0 [ 22.648837] __kasan_check_write+0x18/0x20 [ 22.648866] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 22.648898] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.648930] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.649025] ? trace_hardirqs_on+0x37/0xe0 [ 22.649110] ? kasan_bitops_generic+0x92/0x1c0 [ 22.649179] kasan_bitops_generic+0x116/0x1c0 [ 22.649214] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.649250] ? __pfx_read_tsc+0x10/0x10 [ 22.649282] ? ktime_get_ts64+0x86/0x230 [ 22.649353] kunit_try_run_case+0x1a5/0x480 [ 22.649393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.649427] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.649465] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.649501] ? __kthread_parkme+0x82/0x180 [ 22.649534] ? preempt_count_sub+0x50/0x80 [ 22.649569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.649604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.649637] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.649670] kthread+0x337/0x6f0 [ 22.649695] ? trace_preempt_on+0x20/0xc0 [ 22.649727] ? __pfx_kthread+0x10/0x10 [ 22.649753] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.649782] ? calculate_sigpending+0x7b/0xa0 [ 22.649814] ? __pfx_kthread+0x10/0x10 [ 22.649843] ret_from_fork+0x41/0x80 [ 22.649875] ? __pfx_kthread+0x10/0x10 [ 22.649901] ret_from_fork_asm+0x1a/0x30 [ 22.649945] </TASK> [ 22.649980] [ 22.675541] Allocated by task 281: [ 22.676090] kasan_save_stack+0x45/0x70 [ 22.676602] kasan_save_track+0x18/0x40 [ 22.677409] kasan_save_alloc_info+0x3b/0x50 [ 22.677753] __kasan_kmalloc+0xb7/0xc0 [ 22.678691] __kmalloc_cache_noprof+0x189/0x420 [ 22.679038] kasan_bitops_generic+0x92/0x1c0 [ 22.679734] kunit_try_run_case+0x1a5/0x480 [ 22.680703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.681243] kthread+0x337/0x6f0 [ 22.681963] ret_from_fork+0x41/0x80 [ 22.682627] ret_from_fork_asm+0x1a/0x30 [ 22.683015] [ 22.683222] The buggy address belongs to the object at ffff8881026cd0c0 [ 22.683222] which belongs to the cache kmalloc-16 of size 16 [ 22.684135] The buggy address is located 8 bytes inside of [ 22.684135] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9) [ 22.686064] [ 22.686286] The buggy address belongs to the physical page: [ 22.686758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 22.688253] flags: 0x200000000000000(node=0|zone=2) [ 22.688626] page_type: f5(slab) [ 22.689394] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.690235] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.690969] page dumped because: kasan: bad access detected [ 22.692185] [ 22.692369] Memory state around the buggy address: [ 22.692686] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.693666] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.694540] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.695664] ^ [ 22.696038] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.696703] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.697732] ================================================================== [ 22.860507] ================================================================== [ 22.861276] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 22.862796] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281 [ 22.863939] [ 22.864593] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.864730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.864810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.864848] Call Trace: [ 22.864881] <TASK> [ 22.864929] dump_stack_lvl+0x73/0xb0 [ 22.865016] print_report+0xd1/0x650 [ 22.865097] ? __virt_addr_valid+0x1db/0x2d0 [ 22.865138] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 22.865172] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.865208] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 22.865241] kasan_report+0x141/0x180 [ 22.865275] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 22.865368] kasan_check_range+0x10c/0x1c0 [ 22.865441] __kasan_check_write+0x18/0x20 [ 22.865501] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 22.865537] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.865573] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.865607] ? trace_hardirqs_on+0x37/0xe0 [ 22.865644] ? kasan_bitops_generic+0x92/0x1c0 [ 22.865680] kasan_bitops_generic+0x116/0x1c0 [ 22.865711] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.865744] ? __pfx_read_tsc+0x10/0x10 [ 22.865776] ? ktime_get_ts64+0x86/0x230 [ 22.865816] kunit_try_run_case+0x1a5/0x480 [ 22.865854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.865888] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.865926] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.866082] ? __kthread_parkme+0x82/0x180 [ 22.866131] ? preempt_count_sub+0x50/0x80 [ 22.866171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.866208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.866244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.866283] kthread+0x337/0x6f0 [ 22.866336] ? trace_preempt_on+0x20/0xc0 [ 22.866375] ? __pfx_kthread+0x10/0x10 [ 22.866401] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.866436] ? calculate_sigpending+0x7b/0xa0 [ 22.866470] ? __pfx_kthread+0x10/0x10 [ 22.866497] ret_from_fork+0x41/0x80 [ 22.866531] ? __pfx_kthread+0x10/0x10 [ 22.866559] ret_from_fork_asm+0x1a/0x30 [ 22.866604] </TASK> [ 22.866619] [ 22.890869] Allocated by task 281: [ 22.891838] kasan_save_stack+0x45/0x70 [ 22.892821] kasan_save_track+0x18/0x40 [ 22.893476] kasan_save_alloc_info+0x3b/0x50 [ 22.894027] __kasan_kmalloc+0xb7/0xc0 [ 22.894721] __kmalloc_cache_noprof+0x189/0x420 [ 22.895440] kasan_bitops_generic+0x92/0x1c0 [ 22.895789] kunit_try_run_case+0x1a5/0x480 [ 22.896487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.897420] kthread+0x337/0x6f0 [ 22.897857] ret_from_fork+0x41/0x80 [ 22.898481] ret_from_fork_asm+0x1a/0x30 [ 22.899077] [ 22.899281] The buggy address belongs to the object at ffff8881026cd0c0 [ 22.899281] which belongs to the cache kmalloc-16 of size 16 [ 22.900568] The buggy address is located 8 bytes inside of [ 22.900568] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9) [ 22.901621] [ 22.901856] The buggy address belongs to the physical page: [ 22.903248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 22.903950] flags: 0x200000000000000(node=0|zone=2) [ 22.904509] page_type: f5(slab) [ 22.904833] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.905799] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.906762] page dumped because: kasan: bad access detected [ 22.907177] [ 22.907396] Memory state around the buggy address: [ 22.907841] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.908544] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.909198] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.909755] ^ [ 22.910311] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.910936] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.911493] ================================================================== [ 22.590701] ================================================================== [ 22.591840] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 22.593801] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281 [ 22.595269] [ 22.595575] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.595764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.595810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.595872] Call Trace: [ 22.595931] <TASK> [ 22.595985] dump_stack_lvl+0x73/0xb0 [ 22.596082] print_report+0xd1/0x650 [ 22.596271] ? __virt_addr_valid+0x1db/0x2d0 [ 22.596346] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 22.596384] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.596418] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 22.596452] kasan_report+0x141/0x180 [ 22.596486] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 22.596524] kasan_check_range+0x10c/0x1c0 [ 22.596555] __kasan_check_write+0x18/0x20 [ 22.596585] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 22.596619] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.596654] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.596686] ? trace_hardirqs_on+0x37/0xe0 [ 22.596723] ? kasan_bitops_generic+0x92/0x1c0 [ 22.596759] kasan_bitops_generic+0x116/0x1c0 [ 22.596787] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.596820] ? __pfx_read_tsc+0x10/0x10 [ 22.596851] ? ktime_get_ts64+0x86/0x230 [ 22.596891] kunit_try_run_case+0x1a5/0x480 [ 22.596929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.597074] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.597123] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.597161] ? __kthread_parkme+0x82/0x180 [ 22.597197] ? preempt_count_sub+0x50/0x80 [ 22.597235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.597273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.597335] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.597373] kthread+0x337/0x6f0 [ 22.597401] ? trace_preempt_on+0x20/0xc0 [ 22.597436] ? __pfx_kthread+0x10/0x10 [ 22.597462] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.597495] ? calculate_sigpending+0x7b/0xa0 [ 22.597528] ? __pfx_kthread+0x10/0x10 [ 22.597555] ret_from_fork+0x41/0x80 [ 22.597589] ? __pfx_kthread+0x10/0x10 [ 22.597616] ret_from_fork_asm+0x1a/0x30 [ 22.597662] </TASK> [ 22.597678] [ 22.619137] Allocated by task 281: [ 22.619613] kasan_save_stack+0x45/0x70 [ 22.619969] kasan_save_track+0x18/0x40 [ 22.620278] kasan_save_alloc_info+0x3b/0x50 [ 22.621931] __kasan_kmalloc+0xb7/0xc0 [ 22.623228] __kmalloc_cache_noprof+0x189/0x420 [ 22.623668] kasan_bitops_generic+0x92/0x1c0 [ 22.624020] kunit_try_run_case+0x1a5/0x480 [ 22.624839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.625488] kthread+0x337/0x6f0 [ 22.625928] ret_from_fork+0x41/0x80 [ 22.626427] ret_from_fork_asm+0x1a/0x30 [ 22.626907] [ 22.627335] The buggy address belongs to the object at ffff8881026cd0c0 [ 22.627335] which belongs to the cache kmalloc-16 of size 16 [ 22.628388] The buggy address is located 8 bytes inside of [ 22.628388] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9) [ 22.629430] [ 22.630175] The buggy address belongs to the physical page: [ 22.630614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 22.632092] flags: 0x200000000000000(node=0|zone=2) [ 22.632541] page_type: f5(slab) [ 22.633235] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.634509] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.635570] page dumped because: kasan: bad access detected [ 22.635998] [ 22.636237] Memory state around the buggy address: [ 22.636623] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.638417] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.639271] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.639860] ^ [ 22.640765] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.641517] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.642757] ================================================================== [ 22.967233] ================================================================== [ 22.968475] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 22.969497] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281 [ 22.970326] [ 22.970594] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.970944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.971087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.971146] Call Trace: [ 22.971197] <TASK> [ 22.971285] dump_stack_lvl+0x73/0xb0 [ 22.971422] print_report+0xd1/0x650 [ 22.971500] ? __virt_addr_valid+0x1db/0x2d0 [ 22.971577] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 22.971676] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.971782] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 22.971852] kasan_report+0x141/0x180 [ 22.971914] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 22.971972] kasan_check_range+0x10c/0x1c0 [ 22.972097] __kasan_check_write+0x18/0x20 [ 22.972169] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 22.972237] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.972329] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.972403] ? trace_hardirqs_on+0x37/0xe0 [ 22.972450] ? kasan_bitops_generic+0x92/0x1c0 [ 22.972488] kasan_bitops_generic+0x116/0x1c0 [ 22.972519] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.972554] ? __pfx_read_tsc+0x10/0x10 [ 22.972587] ? ktime_get_ts64+0x86/0x230 [ 22.972627] kunit_try_run_case+0x1a5/0x480 [ 22.972666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.972702] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.972739] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.972776] ? __kthread_parkme+0x82/0x180 [ 22.972812] ? preempt_count_sub+0x50/0x80 [ 22.972850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.972886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.972922] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.972957] kthread+0x337/0x6f0 [ 22.972982] ? trace_preempt_on+0x20/0xc0 [ 22.973017] ? __pfx_kthread+0x10/0x10 [ 22.973044] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.973077] ? calculate_sigpending+0x7b/0xa0 [ 22.973111] ? __pfx_kthread+0x10/0x10 [ 22.973138] ret_from_fork+0x41/0x80 [ 22.973172] ? __pfx_kthread+0x10/0x10 [ 22.973200] ret_from_fork_asm+0x1a/0x30 [ 22.973246] </TASK> [ 22.973263] [ 22.996603] Allocated by task 281: [ 22.996992] kasan_save_stack+0x45/0x70 [ 22.998433] kasan_save_track+0x18/0x40 [ 22.998814] kasan_save_alloc_info+0x3b/0x50 [ 22.999514] __kasan_kmalloc+0xb7/0xc0 [ 23.000362] __kmalloc_cache_noprof+0x189/0x420 [ 23.000743] kasan_bitops_generic+0x92/0x1c0 [ 23.001666] kunit_try_run_case+0x1a5/0x480 [ 23.002226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.002591] kthread+0x337/0x6f0 [ 23.002972] ret_from_fork+0x41/0x80 [ 23.003423] ret_from_fork_asm+0x1a/0x30 [ 23.003829] [ 23.004167] The buggy address belongs to the object at ffff8881026cd0c0 [ 23.004167] which belongs to the cache kmalloc-16 of size 16 [ 23.005340] The buggy address is located 8 bytes inside of [ 23.005340] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9) [ 23.007095] [ 23.007771] The buggy address belongs to the physical page: [ 23.008382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 23.009537] flags: 0x200000000000000(node=0|zone=2) [ 23.009911] page_type: f5(slab) [ 23.011023] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.012227] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.012954] page dumped because: kasan: bad access detected [ 23.013927] [ 23.014178] Memory state around the buggy address: [ 23.014610] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.015699] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.016461] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 23.017544] ^ [ 23.017982] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.019053] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.020441] ================================================================== [ 22.913249] ================================================================== [ 22.913735] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 22.914727] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281 [ 22.915382] [ 22.916466] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.916600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.916645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.916701] Call Trace: [ 22.916752] <TASK> [ 22.916807] dump_stack_lvl+0x73/0xb0 [ 22.916894] print_report+0xd1/0x650 [ 22.917171] ? __virt_addr_valid+0x1db/0x2d0 [ 22.917254] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 22.917355] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.917440] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 22.917518] kasan_report+0x141/0x180 [ 22.917595] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 22.917686] kasan_check_range+0x10c/0x1c0 [ 22.917763] __kasan_check_write+0x18/0x20 [ 22.917833] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 22.917907] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.918103] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.918186] ? trace_hardirqs_on+0x37/0xe0 [ 22.918260] ? kasan_bitops_generic+0x92/0x1c0 [ 22.918365] kasan_bitops_generic+0x116/0x1c0 [ 22.918422] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.918459] ? __pfx_read_tsc+0x10/0x10 [ 22.918493] ? ktime_get_ts64+0x86/0x230 [ 22.918531] kunit_try_run_case+0x1a5/0x480 [ 22.918572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.918606] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.918646] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.918680] ? __kthread_parkme+0x82/0x180 [ 22.918713] ? preempt_count_sub+0x50/0x80 [ 22.918751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.918786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.918820] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.918856] kthread+0x337/0x6f0 [ 22.918880] ? trace_preempt_on+0x20/0xc0 [ 22.918915] ? __pfx_kthread+0x10/0x10 [ 22.918941] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.919027] ? calculate_sigpending+0x7b/0xa0 [ 22.919110] ? __pfx_kthread+0x10/0x10 [ 22.919204] ret_from_fork+0x41/0x80 [ 22.919248] ? __pfx_kthread+0x10/0x10 [ 22.919279] ret_from_fork_asm+0x1a/0x30 [ 22.919354] </TASK> [ 22.919373] [ 22.944119] Allocated by task 281: [ 22.944500] kasan_save_stack+0x45/0x70 [ 22.944882] kasan_save_track+0x18/0x40 [ 22.945235] kasan_save_alloc_info+0x3b/0x50 [ 22.946142] __kasan_kmalloc+0xb7/0xc0 [ 22.946551] __kmalloc_cache_noprof+0x189/0x420 [ 22.947445] kasan_bitops_generic+0x92/0x1c0 [ 22.948202] kunit_try_run_case+0x1a5/0x480 [ 22.948641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.949347] kthread+0x337/0x6f0 [ 22.949806] ret_from_fork+0x41/0x80 [ 22.950467] ret_from_fork_asm+0x1a/0x30 [ 22.950928] [ 22.951629] The buggy address belongs to the object at ffff8881026cd0c0 [ 22.951629] which belongs to the cache kmalloc-16 of size 16 [ 22.952832] The buggy address is located 8 bytes inside of [ 22.952832] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9) [ 22.954258] [ 22.954474] The buggy address belongs to the physical page: [ 22.955366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 22.956498] flags: 0x200000000000000(node=0|zone=2) [ 22.957272] page_type: f5(slab) [ 22.957737] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.958598] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.959564] page dumped because: kasan: bad access detected [ 22.960278] [ 22.960667] Memory state around the buggy address: [ 22.961263] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.961930] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.962736] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.963433] ^ [ 22.963933] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.965218] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.965874] ================================================================== [ 22.699602] ================================================================== [ 22.700560] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 22.701238] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281 [ 22.701829] [ 22.702112] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.702245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.703064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.703155] Call Trace: [ 22.703209] <TASK> [ 22.703257] dump_stack_lvl+0x73/0xb0 [ 22.703360] print_report+0xd1/0x650 [ 22.703435] ? __virt_addr_valid+0x1db/0x2d0 [ 22.703511] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 22.703556] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.703592] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 22.703629] kasan_report+0x141/0x180 [ 22.703665] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 22.703706] kasan_check_range+0x10c/0x1c0 [ 22.703736] __kasan_check_write+0x18/0x20 [ 22.703767] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 22.703802] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.703840] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.703894] ? trace_hardirqs_on+0x37/0xe0 [ 22.703935] ? kasan_bitops_generic+0x92/0x1c0 [ 22.704023] kasan_bitops_generic+0x116/0x1c0 [ 22.704104] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.704193] ? __pfx_read_tsc+0x10/0x10 [ 22.704230] ? ktime_get_ts64+0x86/0x230 [ 22.704269] kunit_try_run_case+0x1a5/0x480 [ 22.704340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.704375] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.704413] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.704451] ? __kthread_parkme+0x82/0x180 [ 22.704485] ? preempt_count_sub+0x50/0x80 [ 22.704522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.704559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.704595] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.704630] kthread+0x337/0x6f0 [ 22.704656] ? trace_preempt_on+0x20/0xc0 [ 22.704691] ? __pfx_kthread+0x10/0x10 [ 22.704719] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.704751] ? calculate_sigpending+0x7b/0xa0 [ 22.704786] ? __pfx_kthread+0x10/0x10 [ 22.704812] ret_from_fork+0x41/0x80 [ 22.704846] ? __pfx_kthread+0x10/0x10 [ 22.704873] ret_from_fork_asm+0x1a/0x30 [ 22.704918] </TASK> [ 22.704934] [ 22.728128] Allocated by task 281: [ 22.728437] kasan_save_stack+0x45/0x70 [ 22.729038] kasan_save_track+0x18/0x40 [ 22.729691] kasan_save_alloc_info+0x3b/0x50 [ 22.730062] __kasan_kmalloc+0xb7/0xc0 [ 22.730496] __kmalloc_cache_noprof+0x189/0x420 [ 22.730882] kasan_bitops_generic+0x92/0x1c0 [ 22.731275] kunit_try_run_case+0x1a5/0x480 [ 22.732994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.733460] kthread+0x337/0x6f0 [ 22.734279] ret_from_fork+0x41/0x80 [ 22.735039] ret_from_fork_asm+0x1a/0x30 [ 22.735812] [ 22.736209] The buggy address belongs to the object at ffff8881026cd0c0 [ 22.736209] which belongs to the cache kmalloc-16 of size 16 [ 22.738528] The buggy address is located 8 bytes inside of [ 22.738528] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9) [ 22.740118] [ 22.740434] The buggy address belongs to the physical page: [ 22.740792] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 22.741719] flags: 0x200000000000000(node=0|zone=2) [ 22.742667] page_type: f5(slab) [ 22.743460] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.744283] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.745410] page dumped because: kasan: bad access detected [ 22.745914] [ 22.746645] Memory state around the buggy address: [ 22.747016] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.747714] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.748563] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.749658] ^ [ 22.750082] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.750830] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.751829] ================================================================== [ 22.805539] ================================================================== [ 22.806136] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 22.806954] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281 [ 22.809038] [ 22.809411] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.809543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.809583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.809642] Call Trace: [ 22.809696] <TASK> [ 22.809747] dump_stack_lvl+0x73/0xb0 [ 22.809833] print_report+0xd1/0x650 [ 22.809918] ? __virt_addr_valid+0x1db/0x2d0 [ 22.810050] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 22.810131] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.810211] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 22.810284] kasan_report+0x141/0x180 [ 22.810380] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 22.810474] kasan_check_range+0x10c/0x1c0 [ 22.810543] __kasan_check_write+0x18/0x20 [ 22.810612] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 22.810686] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.810761] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.810832] ? trace_hardirqs_on+0x37/0xe0 [ 22.810902] ? kasan_bitops_generic+0x92/0x1c0 [ 22.810979] kasan_bitops_generic+0x116/0x1c0 [ 22.811045] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.811120] ? __pfx_read_tsc+0x10/0x10 [ 22.811188] ? ktime_get_ts64+0x86/0x230 [ 22.811269] kunit_try_run_case+0x1a5/0x480 [ 22.811686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.811763] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.811900] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.811987] ? __kthread_parkme+0x82/0x180 [ 22.812068] ? preempt_count_sub+0x50/0x80 [ 22.812150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.812232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.812320] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.812399] kthread+0x337/0x6f0 [ 22.812467] ? trace_preempt_on+0x20/0xc0 [ 22.812542] ? __pfx_kthread+0x10/0x10 [ 22.812608] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.812837] ? calculate_sigpending+0x7b/0xa0 [ 22.812913] ? __pfx_kthread+0x10/0x10 [ 22.813084] ret_from_fork+0x41/0x80 [ 22.813168] ? __pfx_kthread+0x10/0x10 [ 22.813233] ret_from_fork_asm+0x1a/0x30 [ 22.813363] </TASK> [ 22.813404] [ 22.838073] Allocated by task 281: [ 22.838372] kasan_save_stack+0x45/0x70 [ 22.838834] kasan_save_track+0x18/0x40 [ 22.839252] kasan_save_alloc_info+0x3b/0x50 [ 22.840325] __kasan_kmalloc+0xb7/0xc0 [ 22.840884] __kmalloc_cache_noprof+0x189/0x420 [ 22.841525] kasan_bitops_generic+0x92/0x1c0 [ 22.842107] kunit_try_run_case+0x1a5/0x480 [ 22.843004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.843592] kthread+0x337/0x6f0 [ 22.843955] ret_from_fork+0x41/0x80 [ 22.844827] ret_from_fork_asm+0x1a/0x30 [ 22.845355] [ 22.845529] The buggy address belongs to the object at ffff8881026cd0c0 [ 22.845529] which belongs to the cache kmalloc-16 of size 16 [ 22.847586] The buggy address is located 8 bytes inside of [ 22.847586] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9) [ 22.848947] [ 22.849474] The buggy address belongs to the physical page: [ 22.849900] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 22.850838] flags: 0x200000000000000(node=0|zone=2) [ 22.851316] page_type: f5(slab) [ 22.851692] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.853196] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.853680] page dumped because: kasan: bad access detected [ 22.854173] [ 22.854417] Memory state around the buggy address: [ 22.854837] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.855825] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.856934] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.857517] ^ [ 22.857730] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.858281] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.859236] ==================================================================