Date
June 26, 2025, 11:12 a.m.
| Environment | |
|---|---|
| e850-96 | |
| qemu-x86_64 |
[ 44.312617] ================================================================== [ 44.319672] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 44.328612] Read of size 8 at addr ffff000802e0b448 by task kunit_try_catch/310 [ 44.335903] [ 44.337386] CPU: 7 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT [ 44.337434] Tainted: [B]=BAD_PAGE, [N]=TEST [ 44.337451] Hardware name: WinLink E850-96 board (DT) [ 44.337470] Call trace: [ 44.337484] show_stack+0x20/0x38 (C) [ 44.337515] dump_stack_lvl+0x8c/0xd0 [ 44.337550] print_report+0x118/0x608 [ 44.337579] kasan_report+0xdc/0x128 [ 44.337611] __asan_report_load8_noabort+0x20/0x30 [ 44.337645] kasan_bitops_test_and_modify.constprop.0+0xa00/0xbc0 [ 44.337680] kasan_bitops_generic+0x11c/0x1c8 [ 44.337708] kunit_try_run_case+0x170/0x3f0 [ 44.337743] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 44.337783] kthread+0x328/0x630 [ 44.337816] ret_from_fork+0x10/0x20 [ 44.337849] [ 44.406474] Allocated by task 310: [ 44.409860] kasan_save_stack+0x3c/0x68 [ 44.413680] kasan_save_track+0x20/0x40 [ 44.417499] kasan_save_alloc_info+0x40/0x58 [ 44.421753] __kasan_kmalloc+0xd4/0xd8 [ 44.425485] __kmalloc_cache_noprof+0x16c/0x3c0 [ 44.429999] kasan_bitops_generic+0xa0/0x1c8 [ 44.434252] kunit_try_run_case+0x170/0x3f0 [ 44.438418] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 44.443888] kthread+0x328/0x630 [ 44.447099] ret_from_fork+0x10/0x20 [ 44.450658] [ 44.452133] The buggy address belongs to the object at ffff000802e0b440 [ 44.452133] which belongs to the cache kmalloc-16 of size 16 [ 44.464462] The buggy address is located 8 bytes inside of [ 44.464462] allocated 9-byte region [ffff000802e0b440, ffff000802e0b449) [ 44.476699] [ 44.478175] The buggy address belongs to the physical page: [ 44.483734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x882e0b [ 44.491719] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 44.498227] page_type: f5(slab) [ 44.501360] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 44.509084] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 44.516803] page dumped because: kasan: bad access detected [ 44.522358] [ 44.523834] Memory state around the buggy address: [ 44.528613] ffff000802e0b300: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 44.535817] ffff000802e0b380: fa fb fc fc 00 00 fc fc 00 07 fc fc 00 07 fc fc [ 44.543022] >ffff000802e0b400: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 44.550223] ^ [ 44.555782] ffff000802e0b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 44.562987] ffff000802e0b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 44.570188] ================================================================== [ 45.644207] ================================================================== [ 45.651249] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x334/0xbc0 [ 45.660189] Write of size 8 at addr ffff000802e0b448 by task kunit_try_catch/310 [ 45.667567] [ 45.669050] CPU: 7 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT [ 45.669098] Tainted: [B]=BAD_PAGE, [N]=TEST [ 45.669112] Hardware name: WinLink E850-96 board (DT) [ 45.669131] Call trace: [ 45.669144] show_stack+0x20/0x38 (C) [ 45.669174] dump_stack_lvl+0x8c/0xd0 [ 45.669206] print_report+0x118/0x608 [ 45.669236] kasan_report+0xdc/0x128 [ 45.669266] kasan_check_range+0x100/0x1a8 [ 45.669300] __kasan_check_write+0x20/0x30 [ 45.669331] kasan_bitops_test_and_modify.constprop.0+0x334/0xbc0 [ 45.669367] kasan_bitops_generic+0x11c/0x1c8 [ 45.669396] kunit_try_run_case+0x170/0x3f0 [ 45.669430] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 45.669470] kthread+0x328/0x630 [ 45.669505] ret_from_fork+0x10/0x20 [ 45.669539] [ 45.741524] Allocated by task 310: [ 45.744910] kasan_save_stack+0x3c/0x68 [ 45.748729] kasan_save_track+0x20/0x40 [ 45.752548] kasan_save_alloc_info+0x40/0x58 [ 45.756802] __kasan_kmalloc+0xd4/0xd8 [ 45.760534] __kmalloc_cache_noprof+0x16c/0x3c0 [ 45.765048] kasan_bitops_generic+0xa0/0x1c8 [ 45.769302] kunit_try_run_case+0x170/0x3f0 [ 45.773468] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 45.778937] kthread+0x328/0x630 [ 45.782149] ret_from_fork+0x10/0x20 [ 45.785708] [ 45.787183] The buggy address belongs to the object at ffff000802e0b440 [ 45.787183] which belongs to the cache kmalloc-16 of size 16 [ 45.799510] The buggy address is located 8 bytes inside of [ 45.799510] allocated 9-byte region [ffff000802e0b440, ffff000802e0b449) [ 45.811749] [ 45.813225] The buggy address belongs to the physical page: [ 45.818781] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x882e0b [ 45.826766] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 45.833276] page_type: f5(slab) [ 45.836412] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 45.844134] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 45.851852] page dumped because: kasan: bad access detected [ 45.857408] [ 45.858883] Memory state around the buggy address: [ 45.863662] ffff000802e0b300: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 45.870867] ffff000802e0b380: fa fb fc fc 00 00 fc fc 00 07 fc fc 00 07 fc fc [ 45.878071] >ffff000802e0b400: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 45.885272] ^ [ 45.890832] ffff000802e0b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 45.898036] ffff000802e0b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 45.905237] ================================================================== [ 45.110861] ================================================================== [ 45.117924] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 45.126864] Write of size 8 at addr ffff000802e0b448 by task kunit_try_catch/310 [ 45.134242] [ 45.135725] CPU: 7 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT [ 45.135773] Tainted: [B]=BAD_PAGE, [N]=TEST [ 45.135789] Hardware name: WinLink E850-96 board (DT) [ 45.135811] Call trace: [ 45.135823] show_stack+0x20/0x38 (C) [ 45.135857] dump_stack_lvl+0x8c/0xd0 [ 45.135891] print_report+0x118/0x608 [ 45.135922] kasan_report+0xdc/0x128 [ 45.135952] kasan_check_range+0x100/0x1a8 [ 45.135985] __kasan_check_write+0x20/0x30 [ 45.136018] kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 45.136055] kasan_bitops_generic+0x11c/0x1c8 [ 45.136084] kunit_try_run_case+0x170/0x3f0 [ 45.136119] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 45.136158] kthread+0x328/0x630 [ 45.136190] ret_from_fork+0x10/0x20 [ 45.136223] [ 45.208199] Allocated by task 310: [ 45.211584] kasan_save_stack+0x3c/0x68 [ 45.215403] kasan_save_track+0x20/0x40 [ 45.219223] kasan_save_alloc_info+0x40/0x58 [ 45.223476] __kasan_kmalloc+0xd4/0xd8 [ 45.227209] __kmalloc_cache_noprof+0x16c/0x3c0 [ 45.231723] kasan_bitops_generic+0xa0/0x1c8 [ 45.235976] kunit_try_run_case+0x170/0x3f0 [ 45.240143] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 45.245612] kthread+0x328/0x630 [ 45.248823] ret_from_fork+0x10/0x20 [ 45.252382] [ 45.253858] The buggy address belongs to the object at ffff000802e0b440 [ 45.253858] which belongs to the cache kmalloc-16 of size 16 [ 45.266184] The buggy address is located 8 bytes inside of [ 45.266184] allocated 9-byte region [ffff000802e0b440, ffff000802e0b449) [ 45.278423] [ 45.279900] The buggy address belongs to the physical page: [ 45.285456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x882e0b [ 45.293441] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 45.299951] page_type: f5(slab) [ 45.303086] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 45.310808] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 45.318527] page dumped because: kasan: bad access detected [ 45.324082] [ 45.325558] Memory state around the buggy address: [ 45.330337] ffff000802e0b300: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 45.337541] ffff000802e0b380: fa fb fc fc 00 00 fc fc 00 07 fc fc 00 07 fc fc [ 45.344746] >ffff000802e0b400: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 45.351947] ^ [ 45.357506] ffff000802e0b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 45.364711] ffff000802e0b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 45.371912] ================================================================== [ 44.577562] ================================================================== [ 44.584600] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0 [ 44.593538] Write of size 8 at addr ffff000802e0b448 by task kunit_try_catch/310 [ 44.600916] [ 44.602399] CPU: 7 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT [ 44.602446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 44.602462] Hardware name: WinLink E850-96 board (DT) [ 44.602481] Call trace: [ 44.602496] show_stack+0x20/0x38 (C) [ 44.602528] dump_stack_lvl+0x8c/0xd0 [ 44.602562] print_report+0x118/0x608 [ 44.602593] kasan_report+0xdc/0x128 [ 44.602623] kasan_check_range+0x100/0x1a8 [ 44.602656] __kasan_check_write+0x20/0x30 [ 44.602690] kasan_bitops_test_and_modify.constprop.0+0x1d8/0xbc0 [ 44.602725] kasan_bitops_generic+0x11c/0x1c8 [ 44.602753] kunit_try_run_case+0x170/0x3f0 [ 44.602787] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 44.602825] kthread+0x328/0x630 [ 44.602857] ret_from_fork+0x10/0x20 [ 44.602890] [ 44.674874] Allocated by task 310: [ 44.678259] kasan_save_stack+0x3c/0x68 [ 44.682078] kasan_save_track+0x20/0x40 [ 44.685898] kasan_save_alloc_info+0x40/0x58 [ 44.690151] __kasan_kmalloc+0xd4/0xd8 [ 44.693884] __kmalloc_cache_noprof+0x16c/0x3c0 [ 44.698397] kasan_bitops_generic+0xa0/0x1c8 [ 44.702651] kunit_try_run_case+0x170/0x3f0 [ 44.706817] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 44.712286] kthread+0x328/0x630 [ 44.715498] ret_from_fork+0x10/0x20 [ 44.719057] [ 44.720532] The buggy address belongs to the object at ffff000802e0b440 [ 44.720532] which belongs to the cache kmalloc-16 of size 16 [ 44.732859] The buggy address is located 8 bytes inside of [ 44.732859] allocated 9-byte region [ffff000802e0b440, ffff000802e0b449) [ 44.745098] [ 44.746574] The buggy address belongs to the physical page: [ 44.752133] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x882e0b [ 44.760116] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 44.766626] page_type: f5(slab) [ 44.769761] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 44.777483] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 44.785202] page dumped because: kasan: bad access detected [ 44.790757] [ 44.792233] Memory state around the buggy address: [ 44.797013] ffff000802e0b300: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 44.804216] ffff000802e0b380: fa fb fc fc 00 00 fc fc 00 07 fc fc 00 07 fc fc [ 44.811420] >ffff000802e0b400: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 44.818622] ^ [ 44.824181] ffff000802e0b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 44.831385] ffff000802e0b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 44.838586] ================================================================== [ 44.044439] ================================================================== [ 44.051450] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 44.060300] Write of size 8 at addr ffff000802e0b448 by task kunit_try_catch/310 [ 44.067678] [ 44.069161] CPU: 7 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT [ 44.069210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 44.069229] Hardware name: WinLink E850-96 board (DT) [ 44.069248] Call trace: [ 44.069262] show_stack+0x20/0x38 (C) [ 44.069293] dump_stack_lvl+0x8c/0xd0 [ 44.069331] print_report+0x118/0x608 [ 44.069360] kasan_report+0xdc/0x128 [ 44.069392] kasan_check_range+0x100/0x1a8 [ 44.069429] __kasan_check_write+0x20/0x30 [ 44.069460] kasan_bitops_test_and_modify.constprop.0+0xfc/0xbc0 [ 44.069495] kasan_bitops_generic+0x11c/0x1c8 [ 44.069524] kunit_try_run_case+0x170/0x3f0 [ 44.069558] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 44.069598] kthread+0x328/0x630 [ 44.069633] ret_from_fork+0x10/0x20 [ 44.069668] [ 44.141548] Allocated by task 310: [ 44.144934] kasan_save_stack+0x3c/0x68 [ 44.148753] kasan_save_track+0x20/0x40 [ 44.152572] kasan_save_alloc_info+0x40/0x58 [ 44.156826] __kasan_kmalloc+0xd4/0xd8 [ 44.160559] __kmalloc_cache_noprof+0x16c/0x3c0 [ 44.165072] kasan_bitops_generic+0xa0/0x1c8 [ 44.169326] kunit_try_run_case+0x170/0x3f0 [ 44.173492] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 44.178961] kthread+0x328/0x630 [ 44.182173] ret_from_fork+0x10/0x20 [ 44.185731] [ 44.187207] The buggy address belongs to the object at ffff000802e0b440 [ 44.187207] which belongs to the cache kmalloc-16 of size 16 [ 44.199534] The buggy address is located 8 bytes inside of [ 44.199534] allocated 9-byte region [ffff000802e0b440, ffff000802e0b449) [ 44.211773] [ 44.213249] The buggy address belongs to the physical page: [ 44.218807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x882e0b [ 44.226792] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 44.233301] page_type: f5(slab) [ 44.236435] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 44.244158] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 44.251877] page dumped because: kasan: bad access detected [ 44.257432] [ 44.258907] Memory state around the buggy address: [ 44.263686] ffff000802e0b300: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 44.270890] ffff000802e0b380: fa fb fc fc 00 00 fc fc 00 07 fc fc 00 07 fc fc [ 44.278095] >ffff000802e0b400: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 44.285296] ^ [ 44.290855] ffff000802e0b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 44.298060] ffff000802e0b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 44.305261] ================================================================== [ 46.177543] ================================================================== [ 46.184575] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 46.193514] Read of size 8 at addr ffff000802e0b448 by task kunit_try_catch/310 [ 46.200805] [ 46.202287] CPU: 7 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT [ 46.202332] Tainted: [B]=BAD_PAGE, [N]=TEST [ 46.202349] Hardware name: WinLink E850-96 board (DT) [ 46.202368] Call trace: [ 46.202382] show_stack+0x20/0x38 (C) [ 46.202415] dump_stack_lvl+0x8c/0xd0 [ 46.202448] print_report+0x118/0x608 [ 46.202480] kasan_report+0xdc/0x128 [ 46.202509] __asan_report_load8_noabort+0x20/0x30 [ 46.202545] kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 46.202580] kasan_bitops_generic+0x11c/0x1c8 [ 46.202609] kunit_try_run_case+0x170/0x3f0 [ 46.202643] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 46.202686] kthread+0x328/0x630 [ 46.202717] ret_from_fork+0x10/0x20 [ 46.202749] [ 46.271377] Allocated by task 310: [ 46.274764] kasan_save_stack+0x3c/0x68 [ 46.278582] kasan_save_track+0x20/0x40 [ 46.282401] kasan_save_alloc_info+0x40/0x58 [ 46.286655] __kasan_kmalloc+0xd4/0xd8 [ 46.290388] __kmalloc_cache_noprof+0x16c/0x3c0 [ 46.294901] kasan_bitops_generic+0xa0/0x1c8 [ 46.299155] kunit_try_run_case+0x170/0x3f0 [ 46.303321] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 46.308790] kthread+0x328/0x630 [ 46.312002] ret_from_fork+0x10/0x20 [ 46.315561] [ 46.317036] The buggy address belongs to the object at ffff000802e0b440 [ 46.317036] which belongs to the cache kmalloc-16 of size 16 [ 46.329364] The buggy address is located 8 bytes inside of [ 46.329364] allocated 9-byte region [ffff000802e0b440, ffff000802e0b449) [ 46.341602] [ 46.343078] The buggy address belongs to the physical page: [ 46.348635] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x882e0b [ 46.356620] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 46.363129] page_type: f5(slab) [ 46.366264] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 46.373986] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 46.381706] page dumped because: kasan: bad access detected [ 46.387261] [ 46.388737] Memory state around the buggy address: [ 46.393515] ffff000802e0b300: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 46.400719] ffff000802e0b380: fa fb fc fc 00 00 fc fc 00 07 fc fc 00 07 fc fc [ 46.407924] >ffff000802e0b400: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 46.415125] ^ [ 46.420684] ffff000802e0b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.427889] ffff000802e0b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.435090] ================================================================== [ 45.379264] ================================================================== [ 45.386323] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0 [ 45.395262] Read of size 8 at addr ffff000802e0b448 by task kunit_try_catch/310 [ 45.402554] [ 45.404037] CPU: 7 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT [ 45.404082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 45.404096] Hardware name: WinLink E850-96 board (DT) [ 45.404113] Call trace: [ 45.404125] show_stack+0x20/0x38 (C) [ 45.404155] dump_stack_lvl+0x8c/0xd0 [ 45.404190] print_report+0x118/0x608 [ 45.404219] kasan_report+0xdc/0x128 [ 45.404248] __asan_report_load8_noabort+0x20/0x30 [ 45.404281] kasan_bitops_test_and_modify.constprop.0+0xacc/0xbc0 [ 45.404315] kasan_bitops_generic+0x11c/0x1c8 [ 45.404344] kunit_try_run_case+0x170/0x3f0 [ 45.404379] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 45.404418] kthread+0x328/0x630 [ 45.404451] ret_from_fork+0x10/0x20 [ 45.404482] [ 45.473126] Allocated by task 310: [ 45.476511] kasan_save_stack+0x3c/0x68 [ 45.480330] kasan_save_track+0x20/0x40 [ 45.484150] kasan_save_alloc_info+0x40/0x58 [ 45.488403] __kasan_kmalloc+0xd4/0xd8 [ 45.492136] __kmalloc_cache_noprof+0x16c/0x3c0 [ 45.496650] kasan_bitops_generic+0xa0/0x1c8 [ 45.500903] kunit_try_run_case+0x170/0x3f0 [ 45.505069] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 45.510538] kthread+0x328/0x630 [ 45.513750] ret_from_fork+0x10/0x20 [ 45.517309] [ 45.518784] The buggy address belongs to the object at ffff000802e0b440 [ 45.518784] which belongs to the cache kmalloc-16 of size 16 [ 45.531111] The buggy address is located 8 bytes inside of [ 45.531111] allocated 9-byte region [ffff000802e0b440, ffff000802e0b449) [ 45.543350] [ 45.544826] The buggy address belongs to the physical page: [ 45.550382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x882e0b [ 45.558367] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 45.564878] page_type: f5(slab) [ 45.568010] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 45.575735] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 45.583454] page dumped because: kasan: bad access detected [ 45.589009] [ 45.590485] Memory state around the buggy address: [ 45.595263] ffff000802e0b300: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 45.602468] ffff000802e0b380: fa fb fc fc 00 00 fc fc 00 07 fc fc 00 07 fc fc [ 45.609672] >ffff000802e0b400: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 45.616873] ^ [ 45.622433] ffff000802e0b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 45.629637] ffff000802e0b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 45.636838] ================================================================== [ 44.845907] ================================================================== [ 44.852998] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0 [ 44.861937] Read of size 8 at addr ffff000802e0b448 by task kunit_try_catch/310 [ 44.869228] [ 44.870712] CPU: 7 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT [ 44.870758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 44.870775] Hardware name: WinLink E850-96 board (DT) [ 44.870794] Call trace: [ 44.870808] show_stack+0x20/0x38 (C) [ 44.870842] dump_stack_lvl+0x8c/0xd0 [ 44.870878] print_report+0x118/0x608 [ 44.870907] kasan_report+0xdc/0x128 [ 44.870937] __asan_report_load8_noabort+0x20/0x30 [ 44.870971] kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0 [ 44.871006] kasan_bitops_generic+0x11c/0x1c8 [ 44.871035] kunit_try_run_case+0x170/0x3f0 [ 44.871071] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 44.871111] kthread+0x328/0x630 [ 44.871144] ret_from_fork+0x10/0x20 [ 44.871174] [ 44.939800] Allocated by task 310: [ 44.943185] kasan_save_stack+0x3c/0x68 [ 44.947005] kasan_save_track+0x20/0x40 [ 44.950824] kasan_save_alloc_info+0x40/0x58 [ 44.955078] __kasan_kmalloc+0xd4/0xd8 [ 44.958810] __kmalloc_cache_noprof+0x16c/0x3c0 [ 44.963324] kasan_bitops_generic+0xa0/0x1c8 [ 44.967577] kunit_try_run_case+0x170/0x3f0 [ 44.971744] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 44.977213] kthread+0x328/0x630 [ 44.980424] ret_from_fork+0x10/0x20 [ 44.983983] [ 44.985459] The buggy address belongs to the object at ffff000802e0b440 [ 44.985459] which belongs to the cache kmalloc-16 of size 16 [ 44.997785] The buggy address is located 8 bytes inside of [ 44.997785] allocated 9-byte region [ffff000802e0b440, ffff000802e0b449) [ 45.010024] [ 45.011501] The buggy address belongs to the physical page: [ 45.017057] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x882e0b [ 45.025043] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 45.031552] page_type: f5(slab) [ 45.034685] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 45.042410] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 45.050128] page dumped because: kasan: bad access detected [ 45.055684] [ 45.057159] Memory state around the buggy address: [ 45.061938] ffff000802e0b300: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 45.069142] ffff000802e0b380: fa fb fc fc 00 00 fc fc 00 07 fc fc 00 07 fc fc [ 45.076347] >ffff000802e0b400: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 45.083548] ^ [ 45.089107] ffff000802e0b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 45.096312] ffff000802e0b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 45.103513] ================================================================== [ 45.912585] ================================================================== [ 45.919648] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 45.928588] Read of size 8 at addr ffff000802e0b448 by task kunit_try_catch/310 [ 45.935879] [ 45.937359] CPU: 7 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT [ 45.937404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 45.937421] Hardware name: WinLink E850-96 board (DT) [ 45.937441] Call trace: [ 45.937452] show_stack+0x20/0x38 (C) [ 45.937484] dump_stack_lvl+0x8c/0xd0 [ 45.937516] print_report+0x118/0x608 [ 45.937547] kasan_report+0xdc/0x128 [ 45.937577] __asan_report_load8_noabort+0x20/0x30 [ 45.937610] kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 45.937645] kasan_bitops_generic+0x11c/0x1c8 [ 45.937674] kunit_try_run_case+0x170/0x3f0 [ 45.937709] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 45.937749] kthread+0x328/0x630 [ 45.937781] ret_from_fork+0x10/0x20 [ 45.937814] [ 46.006451] Allocated by task 310: [ 46.009836] kasan_save_stack+0x3c/0x68 [ 46.013656] kasan_save_track+0x20/0x40 [ 46.017475] kasan_save_alloc_info+0x40/0x58 [ 46.021728] __kasan_kmalloc+0xd4/0xd8 [ 46.025461] __kmalloc_cache_noprof+0x16c/0x3c0 [ 46.029975] kasan_bitops_generic+0xa0/0x1c8 [ 46.034228] kunit_try_run_case+0x170/0x3f0 [ 46.038395] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 46.043864] kthread+0x328/0x630 [ 46.047075] ret_from_fork+0x10/0x20 [ 46.050634] [ 46.052110] The buggy address belongs to the object at ffff000802e0b440 [ 46.052110] which belongs to the cache kmalloc-16 of size 16 [ 46.064436] The buggy address is located 8 bytes inside of [ 46.064436] allocated 9-byte region [ffff000802e0b440, ffff000802e0b449) [ 46.076675] [ 46.078151] The buggy address belongs to the physical page: [ 46.083709] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x882e0b [ 46.091693] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 46.098203] page_type: f5(slab) [ 46.101336] raw: 0bfffe0000000000 ffff000800002640 dead000000000122 0000000000000000 [ 46.109060] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 46.116779] page dumped because: kasan: bad access detected [ 46.122334] [ 46.123810] Memory state around the buggy address: [ 46.128589] ffff000802e0b300: 00 00 fc fc 00 00 fc fc 00 00 fc fc 00 00 fc fc [ 46.135793] ffff000802e0b380: fa fb fc fc 00 00 fc fc 00 07 fc fc 00 07 fc fc [ 46.142998] >ffff000802e0b400: 00 05 fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 46.150199] ^ [ 46.155758] ffff000802e0b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.162963] ffff000802e0b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.170164] ==================================================================
[ 13.208807] ================================================================== [ 13.209175] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.209548] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.209951] [ 13.210066] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.210111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.210123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.210144] Call Trace: [ 13.210162] <TASK> [ 13.210180] dump_stack_lvl+0x73/0xb0 [ 13.210205] print_report+0xd1/0x650 [ 13.210227] ? __virt_addr_valid+0x1db/0x2d0 [ 13.210250] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.210273] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.210295] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.210318] kasan_report+0x141/0x180 [ 13.210342] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.210369] kasan_check_range+0x10c/0x1c0 [ 13.210389] __kasan_check_write+0x18/0x20 [ 13.210409] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.210432] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.210456] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.210477] ? trace_hardirqs_on+0x37/0xe0 [ 13.210500] ? kasan_bitops_generic+0x92/0x1c0 [ 13.210524] kasan_bitops_generic+0x121/0x1c0 [ 13.210544] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.210582] ? __pfx_read_tsc+0x10/0x10 [ 13.210603] ? ktime_get_ts64+0x86/0x230 [ 13.210629] kunit_try_run_case+0x1a5/0x480 [ 13.210654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.210676] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.210701] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.210725] ? __kthread_parkme+0x82/0x180 [ 13.210747] ? preempt_count_sub+0x50/0x80 [ 13.210773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.210797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.210819] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.210842] kthread+0x337/0x6f0 [ 13.210859] ? trace_preempt_on+0x20/0xc0 [ 13.210881] ? __pfx_kthread+0x10/0x10 [ 13.210899] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.210931] ? calculate_sigpending+0x7b/0xa0 [ 13.210953] ? __pfx_kthread+0x10/0x10 [ 13.210972] ret_from_fork+0x41/0x80 [ 13.210992] ? __pfx_kthread+0x10/0x10 [ 13.211010] ret_from_fork_asm+0x1a/0x30 [ 13.211041] </TASK> [ 13.211052] [ 13.219643] Allocated by task 280: [ 13.219972] kasan_save_stack+0x45/0x70 [ 13.220494] kasan_save_track+0x18/0x40 [ 13.220849] kasan_save_alloc_info+0x3b/0x50 [ 13.221057] __kasan_kmalloc+0xb7/0xc0 [ 13.221230] __kmalloc_cache_noprof+0x189/0x420 [ 13.221416] kasan_bitops_generic+0x92/0x1c0 [ 13.221662] kunit_try_run_case+0x1a5/0x480 [ 13.222000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.222179] kthread+0x337/0x6f0 [ 13.222298] ret_from_fork+0x41/0x80 [ 13.222428] ret_from_fork_asm+0x1a/0x30 [ 13.222623] [ 13.222718] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.222718] which belongs to the cache kmalloc-16 of size 16 [ 13.223207] The buggy address is located 8 bytes inside of [ 13.223207] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.223557] [ 13.223628] The buggy address belongs to the physical page: [ 13.224172] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.224543] flags: 0x200000000000000(node=0|zone=2) [ 13.224880] page_type: f5(slab) [ 13.225070] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.225376] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.225807] page dumped because: kasan: bad access detected [ 13.226061] [ 13.226146] Memory state around the buggy address: [ 13.226345] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.226660] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.227235] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.227484] ^ [ 13.227933] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.228222] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.228511] ================================================================== [ 13.147335] ================================================================== [ 13.147579] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.147994] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.148332] [ 13.148577] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.148625] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.148636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.148658] Call Trace: [ 13.148678] <TASK> [ 13.148696] dump_stack_lvl+0x73/0xb0 [ 13.148752] print_report+0xd1/0x650 [ 13.148776] ? __virt_addr_valid+0x1db/0x2d0 [ 13.148800] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.148823] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.148846] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.148870] kasan_report+0x141/0x180 [ 13.148892] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.148931] kasan_check_range+0x10c/0x1c0 [ 13.148951] __kasan_check_write+0x18/0x20 [ 13.148971] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.148995] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.149019] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.149041] ? trace_hardirqs_on+0x37/0xe0 [ 13.149063] ? kasan_bitops_generic+0x92/0x1c0 [ 13.149087] kasan_bitops_generic+0x121/0x1c0 [ 13.149106] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.149127] ? __pfx_read_tsc+0x10/0x10 [ 13.149149] ? ktime_get_ts64+0x86/0x230 [ 13.149175] kunit_try_run_case+0x1a5/0x480 [ 13.149199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.149221] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.149245] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.149268] ? __kthread_parkme+0x82/0x180 [ 13.149290] ? preempt_count_sub+0x50/0x80 [ 13.149316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.149340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.149363] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.149386] kthread+0x337/0x6f0 [ 13.149404] ? trace_preempt_on+0x20/0xc0 [ 13.149426] ? __pfx_kthread+0x10/0x10 [ 13.149444] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.149465] ? calculate_sigpending+0x7b/0xa0 [ 13.149487] ? __pfx_kthread+0x10/0x10 [ 13.149505] ret_from_fork+0x41/0x80 [ 13.149526] ? __pfx_kthread+0x10/0x10 [ 13.149544] ret_from_fork_asm+0x1a/0x30 [ 13.149591] </TASK> [ 13.149602] [ 13.158511] Allocated by task 280: [ 13.158840] kasan_save_stack+0x45/0x70 [ 13.159011] kasan_save_track+0x18/0x40 [ 13.159204] kasan_save_alloc_info+0x3b/0x50 [ 13.159411] __kasan_kmalloc+0xb7/0xc0 [ 13.159597] __kmalloc_cache_noprof+0x189/0x420 [ 13.160202] kasan_bitops_generic+0x92/0x1c0 [ 13.160370] kunit_try_run_case+0x1a5/0x480 [ 13.160600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.160991] kthread+0x337/0x6f0 [ 13.161160] ret_from_fork+0x41/0x80 [ 13.161328] ret_from_fork_asm+0x1a/0x30 [ 13.161517] [ 13.161595] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.161595] which belongs to the cache kmalloc-16 of size 16 [ 13.162072] The buggy address is located 8 bytes inside of [ 13.162072] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.162421] [ 13.162642] The buggy address belongs to the physical page: [ 13.163152] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.163485] flags: 0x200000000000000(node=0|zone=2) [ 13.163705] page_type: f5(slab) [ 13.163850] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.164237] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.164474] page dumped because: kasan: bad access detected [ 13.164643] [ 13.164711] Memory state around the buggy address: [ 13.164876] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.165204] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.165516] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.165997] ^ [ 13.166234] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.166445] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.166654] ================================================================== [ 13.167050] ================================================================== [ 13.167655] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.168084] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.168465] [ 13.168581] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.168628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.168640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.168661] Call Trace: [ 13.168679] <TASK> [ 13.168697] dump_stack_lvl+0x73/0xb0 [ 13.168722] print_report+0xd1/0x650 [ 13.168744] ? __virt_addr_valid+0x1db/0x2d0 [ 13.168766] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.168789] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.168812] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.168836] kasan_report+0x141/0x180 [ 13.168858] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.168886] kasan_check_range+0x10c/0x1c0 [ 13.168954] __kasan_check_write+0x18/0x20 [ 13.168974] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.168999] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.169023] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.169045] ? trace_hardirqs_on+0x37/0xe0 [ 13.169067] ? kasan_bitops_generic+0x92/0x1c0 [ 13.169091] kasan_bitops_generic+0x121/0x1c0 [ 13.169112] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.169134] ? __pfx_read_tsc+0x10/0x10 [ 13.169154] ? ktime_get_ts64+0x86/0x230 [ 13.169179] kunit_try_run_case+0x1a5/0x480 [ 13.169205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.169227] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.169251] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.169274] ? __kthread_parkme+0x82/0x180 [ 13.169296] ? preempt_count_sub+0x50/0x80 [ 13.169322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.169346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.169369] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.169393] kthread+0x337/0x6f0 [ 13.169410] ? trace_preempt_on+0x20/0xc0 [ 13.169432] ? __pfx_kthread+0x10/0x10 [ 13.169450] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.169471] ? calculate_sigpending+0x7b/0xa0 [ 13.169492] ? __pfx_kthread+0x10/0x10 [ 13.169511] ret_from_fork+0x41/0x80 [ 13.169531] ? __pfx_kthread+0x10/0x10 [ 13.169549] ret_from_fork_asm+0x1a/0x30 [ 13.169590] </TASK> [ 13.169600] [ 13.179116] Allocated by task 280: [ 13.179326] kasan_save_stack+0x45/0x70 [ 13.179512] kasan_save_track+0x18/0x40 [ 13.179715] kasan_save_alloc_info+0x3b/0x50 [ 13.179907] __kasan_kmalloc+0xb7/0xc0 [ 13.180051] __kmalloc_cache_noprof+0x189/0x420 [ 13.180202] kasan_bitops_generic+0x92/0x1c0 [ 13.180354] kunit_try_run_case+0x1a5/0x480 [ 13.180512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.181068] kthread+0x337/0x6f0 [ 13.181244] ret_from_fork+0x41/0x80 [ 13.181431] ret_from_fork_asm+0x1a/0x30 [ 13.181632] [ 13.181726] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.181726] which belongs to the cache kmalloc-16 of size 16 [ 13.182437] The buggy address is located 8 bytes inside of [ 13.182437] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.183181] [ 13.183257] The buggy address belongs to the physical page: [ 13.183432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.183795] flags: 0x200000000000000(node=0|zone=2) [ 13.184050] page_type: f5(slab) [ 13.184435] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.185017] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.185278] page dumped because: kasan: bad access detected [ 13.185459] [ 13.185552] Memory state around the buggy address: [ 13.185775] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.186159] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.186408] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.187052] ^ [ 13.187263] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.187580] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.188027] ================================================================== [ 13.107287] ================================================================== [ 13.107835] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.108229] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.108481] [ 13.108569] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.108614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.108626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.108647] Call Trace: [ 13.108665] <TASK> [ 13.108682] dump_stack_lvl+0x73/0xb0 [ 13.108706] print_report+0xd1/0x650 [ 13.108729] ? __virt_addr_valid+0x1db/0x2d0 [ 13.108751] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.108774] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.108797] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.108821] kasan_report+0x141/0x180 [ 13.108844] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.108872] kasan_check_range+0x10c/0x1c0 [ 13.108893] __kasan_check_write+0x18/0x20 [ 13.108912] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.108947] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.108972] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.108993] ? trace_hardirqs_on+0x37/0xe0 [ 13.109016] ? kasan_bitops_generic+0x92/0x1c0 [ 13.109040] kasan_bitops_generic+0x121/0x1c0 [ 13.109061] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.109082] ? __pfx_read_tsc+0x10/0x10 [ 13.109102] ? ktime_get_ts64+0x86/0x230 [ 13.109127] kunit_try_run_case+0x1a5/0x480 [ 13.109152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.109174] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.109198] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.109221] ? __kthread_parkme+0x82/0x180 [ 13.109243] ? preempt_count_sub+0x50/0x80 [ 13.109268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.109292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.109315] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.109338] kthread+0x337/0x6f0 [ 13.109355] ? trace_preempt_on+0x20/0xc0 [ 13.109377] ? __pfx_kthread+0x10/0x10 [ 13.109395] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.109417] ? calculate_sigpending+0x7b/0xa0 [ 13.109439] ? __pfx_kthread+0x10/0x10 [ 13.109457] ret_from_fork+0x41/0x80 [ 13.109477] ? __pfx_kthread+0x10/0x10 [ 13.109495] ret_from_fork_asm+0x1a/0x30 [ 13.109527] </TASK> [ 13.109537] [ 13.118641] Allocated by task 280: [ 13.118979] kasan_save_stack+0x45/0x70 [ 13.119198] kasan_save_track+0x18/0x40 [ 13.119380] kasan_save_alloc_info+0x3b/0x50 [ 13.119610] __kasan_kmalloc+0xb7/0xc0 [ 13.119851] __kmalloc_cache_noprof+0x189/0x420 [ 13.120057] kasan_bitops_generic+0x92/0x1c0 [ 13.120263] kunit_try_run_case+0x1a5/0x480 [ 13.120425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.120818] kthread+0x337/0x6f0 [ 13.120959] ret_from_fork+0x41/0x80 [ 13.121091] ret_from_fork_asm+0x1a/0x30 [ 13.121231] [ 13.121302] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.121302] which belongs to the cache kmalloc-16 of size 16 [ 13.121787] The buggy address is located 8 bytes inside of [ 13.121787] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.122262] [ 13.122344] The buggy address belongs to the physical page: [ 13.123055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.123363] flags: 0x200000000000000(node=0|zone=2) [ 13.123560] page_type: f5(slab) [ 13.123743] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.124045] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.124338] page dumped because: kasan: bad access detected [ 13.124509] [ 13.124577] Memory state around the buggy address: [ 13.124735] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.125169] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.125537] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.125892] ^ [ 13.126173] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.126435] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.126712] ================================================================== [ 13.127171] ================================================================== [ 13.127517] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.128379] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.128934] [ 13.129051] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.129099] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.129111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.129133] Call Trace: [ 13.129151] <TASK> [ 13.129169] dump_stack_lvl+0x73/0xb0 [ 13.129194] print_report+0xd1/0x650 [ 13.129217] ? __virt_addr_valid+0x1db/0x2d0 [ 13.129238] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.129262] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.129284] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.129309] kasan_report+0x141/0x180 [ 13.129331] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.129359] kasan_check_range+0x10c/0x1c0 [ 13.129380] __kasan_check_write+0x18/0x20 [ 13.129399] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.129423] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.129448] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.129469] ? trace_hardirqs_on+0x37/0xe0 [ 13.129491] ? kasan_bitops_generic+0x92/0x1c0 [ 13.129516] kasan_bitops_generic+0x121/0x1c0 [ 13.129537] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.129558] ? __pfx_read_tsc+0x10/0x10 [ 13.129578] ? ktime_get_ts64+0x86/0x230 [ 13.129603] kunit_try_run_case+0x1a5/0x480 [ 13.129628] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.129650] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.129675] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.129698] ? __kthread_parkme+0x82/0x180 [ 13.129720] ? preempt_count_sub+0x50/0x80 [ 13.129746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.129769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.129792] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.129815] kthread+0x337/0x6f0 [ 13.129832] ? trace_preempt_on+0x20/0xc0 [ 13.129854] ? __pfx_kthread+0x10/0x10 [ 13.129872] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.129893] ? calculate_sigpending+0x7b/0xa0 [ 13.129927] ? __pfx_kthread+0x10/0x10 [ 13.129946] ret_from_fork+0x41/0x80 [ 13.129966] ? __pfx_kthread+0x10/0x10 [ 13.129984] ret_from_fork_asm+0x1a/0x30 [ 13.130015] </TASK> [ 13.130025] [ 13.138383] Allocated by task 280: [ 13.138531] kasan_save_stack+0x45/0x70 [ 13.138688] kasan_save_track+0x18/0x40 [ 13.138823] kasan_save_alloc_info+0x3b/0x50 [ 13.138978] __kasan_kmalloc+0xb7/0xc0 [ 13.139121] __kmalloc_cache_noprof+0x189/0x420 [ 13.139338] kasan_bitops_generic+0x92/0x1c0 [ 13.139543] kunit_try_run_case+0x1a5/0x480 [ 13.139932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.140189] kthread+0x337/0x6f0 [ 13.140360] ret_from_fork+0x41/0x80 [ 13.140543] ret_from_fork_asm+0x1a/0x30 [ 13.140766] [ 13.140860] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.140860] which belongs to the cache kmalloc-16 of size 16 [ 13.141237] The buggy address is located 8 bytes inside of [ 13.141237] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.141905] [ 13.142032] The buggy address belongs to the physical page: [ 13.142293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.142782] flags: 0x200000000000000(node=0|zone=2) [ 13.143046] page_type: f5(slab) [ 13.143221] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.143569] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.143936] page dumped because: kasan: bad access detected [ 13.144172] [ 13.144252] Memory state around the buggy address: [ 13.144437] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.144851] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.145368] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.145594] ^ [ 13.146239] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.146540] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.146900] ================================================================== [ 13.229028] ================================================================== [ 13.229369] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.229814] Read of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.230059] [ 13.230172] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.230219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.230231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.230252] Call Trace: [ 13.230271] <TASK> [ 13.230291] dump_stack_lvl+0x73/0xb0 [ 13.230315] print_report+0xd1/0x650 [ 13.230339] ? __virt_addr_valid+0x1db/0x2d0 [ 13.230361] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.230383] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.230406] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.230429] kasan_report+0x141/0x180 [ 13.230452] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.230481] kasan_check_range+0x10c/0x1c0 [ 13.230501] __kasan_check_read+0x15/0x20 [ 13.230521] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.230545] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.230569] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.230590] ? trace_hardirqs_on+0x37/0xe0 [ 13.230612] ? kasan_bitops_generic+0x92/0x1c0 [ 13.230637] kasan_bitops_generic+0x121/0x1c0 [ 13.230738] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.230765] ? __pfx_read_tsc+0x10/0x10 [ 13.230786] ? ktime_get_ts64+0x86/0x230 [ 13.230812] kunit_try_run_case+0x1a5/0x480 [ 13.230837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.230860] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.230884] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.230908] ? __kthread_parkme+0x82/0x180 [ 13.230943] ? preempt_count_sub+0x50/0x80 [ 13.230969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.230993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.231016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.231039] kthread+0x337/0x6f0 [ 13.231055] ? trace_preempt_on+0x20/0xc0 [ 13.231078] ? __pfx_kthread+0x10/0x10 [ 13.231096] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.231118] ? calculate_sigpending+0x7b/0xa0 [ 13.231140] ? __pfx_kthread+0x10/0x10 [ 13.231158] ret_from_fork+0x41/0x80 [ 13.231179] ? __pfx_kthread+0x10/0x10 [ 13.231197] ret_from_fork_asm+0x1a/0x30 [ 13.231229] </TASK> [ 13.231240] [ 13.239552] Allocated by task 280: [ 13.239694] kasan_save_stack+0x45/0x70 [ 13.239843] kasan_save_track+0x18/0x40 [ 13.240092] kasan_save_alloc_info+0x3b/0x50 [ 13.240318] __kasan_kmalloc+0xb7/0xc0 [ 13.240505] __kmalloc_cache_noprof+0x189/0x420 [ 13.240810] kasan_bitops_generic+0x92/0x1c0 [ 13.241038] kunit_try_run_case+0x1a5/0x480 [ 13.241252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.241486] kthread+0x337/0x6f0 [ 13.241647] ret_from_fork+0x41/0x80 [ 13.241840] ret_from_fork_asm+0x1a/0x30 [ 13.242053] [ 13.242149] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.242149] which belongs to the cache kmalloc-16 of size 16 [ 13.242690] The buggy address is located 8 bytes inside of [ 13.242690] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.243108] [ 13.243205] The buggy address belongs to the physical page: [ 13.243450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.244091] flags: 0x200000000000000(node=0|zone=2) [ 13.244333] page_type: f5(slab) [ 13.244506] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.244936] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.245216] page dumped because: kasan: bad access detected [ 13.245386] [ 13.245455] Memory state around the buggy address: [ 13.245698] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.246088] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.246414] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.246783] ^ [ 13.247068] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.247384] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.247647] ================================================================== [ 13.188521] ================================================================== [ 13.189280] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.189872] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.190198] [ 13.190292] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.190339] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.190350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.190371] Call Trace: [ 13.190390] <TASK> [ 13.190408] dump_stack_lvl+0x73/0xb0 [ 13.190435] print_report+0xd1/0x650 [ 13.190457] ? __virt_addr_valid+0x1db/0x2d0 [ 13.190480] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.190504] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.190528] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.190551] kasan_report+0x141/0x180 [ 13.190574] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.190602] kasan_check_range+0x10c/0x1c0 [ 13.190623] __kasan_check_write+0x18/0x20 [ 13.190642] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.190666] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.190690] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.190711] ? trace_hardirqs_on+0x37/0xe0 [ 13.190774] ? kasan_bitops_generic+0x92/0x1c0 [ 13.190802] kasan_bitops_generic+0x121/0x1c0 [ 13.190821] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.190843] ? __pfx_read_tsc+0x10/0x10 [ 13.190863] ? ktime_get_ts64+0x86/0x230 [ 13.190889] kunit_try_run_case+0x1a5/0x480 [ 13.190928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.190951] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.190976] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.190999] ? __kthread_parkme+0x82/0x180 [ 13.191021] ? preempt_count_sub+0x50/0x80 [ 13.191047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.191070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.191093] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.191117] kthread+0x337/0x6f0 [ 13.191133] ? trace_preempt_on+0x20/0xc0 [ 13.191157] ? __pfx_kthread+0x10/0x10 [ 13.191175] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.191197] ? calculate_sigpending+0x7b/0xa0 [ 13.191218] ? __pfx_kthread+0x10/0x10 [ 13.191237] ret_from_fork+0x41/0x80 [ 13.191258] ? __pfx_kthread+0x10/0x10 [ 13.191276] ret_from_fork_asm+0x1a/0x30 [ 13.191309] </TASK> [ 13.191319] [ 13.200236] Allocated by task 280: [ 13.200432] kasan_save_stack+0x45/0x70 [ 13.200672] kasan_save_track+0x18/0x40 [ 13.200880] kasan_save_alloc_info+0x3b/0x50 [ 13.201087] __kasan_kmalloc+0xb7/0xc0 [ 13.201220] __kmalloc_cache_noprof+0x189/0x420 [ 13.201411] kasan_bitops_generic+0x92/0x1c0 [ 13.201662] kunit_try_run_case+0x1a5/0x480 [ 13.202021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.202204] kthread+0x337/0x6f0 [ 13.202322] ret_from_fork+0x41/0x80 [ 13.202452] ret_from_fork_asm+0x1a/0x30 [ 13.202656] [ 13.202751] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.202751] which belongs to the cache kmalloc-16 of size 16 [ 13.203299] The buggy address is located 8 bytes inside of [ 13.203299] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.203954] [ 13.204038] The buggy address belongs to the physical page: [ 13.204253] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.204494] flags: 0x200000000000000(node=0|zone=2) [ 13.204711] page_type: f5(slab) [ 13.204884] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.205303] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.205672] page dumped because: kasan: bad access detected [ 13.206142] [ 13.206227] Memory state around the buggy address: [ 13.206418] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.206790] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.207125] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.207368] ^ [ 13.207671] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.207891] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.208222] ================================================================== [ 13.086622] ================================================================== [ 13.087002] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.087720] Write of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.088128] [ 13.088238] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.088295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.088307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.088328] Call Trace: [ 13.088346] <TASK> [ 13.088364] dump_stack_lvl+0x73/0xb0 [ 13.088390] print_report+0xd1/0x650 [ 13.088413] ? __virt_addr_valid+0x1db/0x2d0 [ 13.088435] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.088459] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.088482] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.088506] kasan_report+0x141/0x180 [ 13.088529] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.088557] kasan_check_range+0x10c/0x1c0 [ 13.088577] __kasan_check_write+0x18/0x20 [ 13.088597] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.088621] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.088645] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.088667] ? trace_hardirqs_on+0x37/0xe0 [ 13.088688] ? kasan_bitops_generic+0x92/0x1c0 [ 13.088713] kasan_bitops_generic+0x121/0x1c0 [ 13.088733] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.088754] ? __pfx_read_tsc+0x10/0x10 [ 13.088774] ? ktime_get_ts64+0x86/0x230 [ 13.088841] kunit_try_run_case+0x1a5/0x480 [ 13.088868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.088890] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.088914] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.088949] ? __kthread_parkme+0x82/0x180 [ 13.088971] ? preempt_count_sub+0x50/0x80 [ 13.088997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.089021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.089043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.089066] kthread+0x337/0x6f0 [ 13.089083] ? trace_preempt_on+0x20/0xc0 [ 13.089105] ? __pfx_kthread+0x10/0x10 [ 13.089123] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.089144] ? calculate_sigpending+0x7b/0xa0 [ 13.089166] ? __pfx_kthread+0x10/0x10 [ 13.089184] ret_from_fork+0x41/0x80 [ 13.089204] ? __pfx_kthread+0x10/0x10 [ 13.089223] ret_from_fork_asm+0x1a/0x30 [ 13.089254] </TASK> [ 13.089265] [ 13.098100] Allocated by task 280: [ 13.098294] kasan_save_stack+0x45/0x70 [ 13.098471] kasan_save_track+0x18/0x40 [ 13.098669] kasan_save_alloc_info+0x3b/0x50 [ 13.098935] __kasan_kmalloc+0xb7/0xc0 [ 13.099174] __kmalloc_cache_noprof+0x189/0x420 [ 13.099357] kasan_bitops_generic+0x92/0x1c0 [ 13.099561] kunit_try_run_case+0x1a5/0x480 [ 13.099815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.100039] kthread+0x337/0x6f0 [ 13.100212] ret_from_fork+0x41/0x80 [ 13.100365] ret_from_fork_asm+0x1a/0x30 [ 13.100506] [ 13.100576] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.100576] which belongs to the cache kmalloc-16 of size 16 [ 13.101324] The buggy address is located 8 bytes inside of [ 13.101324] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.101972] [ 13.102072] The buggy address belongs to the physical page: [ 13.102328] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.103063] flags: 0x200000000000000(node=0|zone=2) [ 13.103240] page_type: f5(slab) [ 13.103367] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.103887] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.104240] page dumped because: kasan: bad access detected [ 13.104497] [ 13.104580] Memory state around the buggy address: [ 13.104831] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.105140] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.105423] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.105639] ^ [ 13.106153] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.106413] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.106691] ================================================================== [ 13.248222] ================================================================== [ 13.248537] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.249263] Read of size 8 at addr ffff8881025a7fe8 by task kunit_try_catch/280 [ 13.249566] [ 13.249671] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc3 #1 PREEMPT(voluntary) [ 13.249776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.249789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.249810] Call Trace: [ 13.249828] <TASK> [ 13.249844] dump_stack_lvl+0x73/0xb0 [ 13.249871] print_report+0xd1/0x650 [ 13.249895] ? __virt_addr_valid+0x1db/0x2d0 [ 13.249928] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.249952] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.249975] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.249999] kasan_report+0x141/0x180 [ 13.250021] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.250050] __asan_report_load8_noabort+0x18/0x20 [ 13.250071] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.250098] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.250122] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.250143] ? trace_hardirqs_on+0x37/0xe0 [ 13.250166] ? kasan_bitops_generic+0x92/0x1c0 [ 13.250191] kasan_bitops_generic+0x121/0x1c0 [ 13.250211] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.250232] ? __pfx_read_tsc+0x10/0x10 [ 13.250253] ? ktime_get_ts64+0x86/0x230 [ 13.250277] kunit_try_run_case+0x1a5/0x480 [ 13.250302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.250324] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.250347] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.250371] ? __kthread_parkme+0x82/0x180 [ 13.250393] ? preempt_count_sub+0x50/0x80 [ 13.250419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.250442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.250465] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.250488] kthread+0x337/0x6f0 [ 13.250505] ? trace_preempt_on+0x20/0xc0 [ 13.250527] ? __pfx_kthread+0x10/0x10 [ 13.250545] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.250567] ? calculate_sigpending+0x7b/0xa0 [ 13.250608] ? __pfx_kthread+0x10/0x10 [ 13.250626] ret_from_fork+0x41/0x80 [ 13.250647] ? __pfx_kthread+0x10/0x10 [ 13.250665] ret_from_fork_asm+0x1a/0x30 [ 13.250697] </TASK> [ 13.250758] [ 13.258542] Allocated by task 280: [ 13.258814] kasan_save_stack+0x45/0x70 [ 13.259037] kasan_save_track+0x18/0x40 [ 13.259229] kasan_save_alloc_info+0x3b/0x50 [ 13.259432] __kasan_kmalloc+0xb7/0xc0 [ 13.259642] __kmalloc_cache_noprof+0x189/0x420 [ 13.259938] kasan_bitops_generic+0x92/0x1c0 [ 13.260151] kunit_try_run_case+0x1a5/0x480 [ 13.260360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.260532] kthread+0x337/0x6f0 [ 13.261167] ret_from_fork+0x41/0x80 [ 13.261368] ret_from_fork_asm+0x1a/0x30 [ 13.261521] [ 13.261594] The buggy address belongs to the object at ffff8881025a7fe0 [ 13.261594] which belongs to the cache kmalloc-16 of size 16 [ 13.262154] The buggy address is located 8 bytes inside of [ 13.262154] allocated 9-byte region [ffff8881025a7fe0, ffff8881025a7fe9) [ 13.262731] [ 13.262830] The buggy address belongs to the physical page: [ 13.263061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a7 [ 13.263394] flags: 0x200000000000000(node=0|zone=2) [ 13.263608] page_type: f5(slab) [ 13.263759] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.264076] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.264372] page dumped because: kasan: bad access detected [ 13.264573] [ 13.264666] Memory state around the buggy address: [ 13.264891] ffff8881025a7e80: 00 06 fc fc 00 06 fc fc 00 00 fc fc fa fb fc fc [ 13.265240] ffff8881025a7f00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.265507] >ffff8881025a7f80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.265804] ^ [ 13.266068] ffff8881025a8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.266381] ffff8881025a8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.266779] ==================================================================