Date
Feb. 5, 2025, 2:09 p.m.
| Environment | |
|---|---|
| qemu-x86_64 |
[ 50.666522] ================================================================== [ 50.667172] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xda/0x5e0 [ 50.667880] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224 [ 50.668897] [ 50.669175] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 50.670588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 50.671649] Call Trace: [ 50.672059] <TASK> [ 50.672421] dump_stack_lvl+0x4e/0x90 [ 50.673441] print_report+0xd2/0x660 [ 50.673957] ? __virt_addr_valid+0x156/0x1e0 [ 50.674527] ? kasan_complete_mode_report_info+0x2a/0x200 [ 50.675180] kasan_report+0xff/0x140 [ 50.675644] ? kasan_bitops_modify.constprop.0+0xda/0x5e0 [ 50.676726] ? kasan_bitops_modify.constprop.0+0xda/0x5e0 [ 50.677657] kasan_check_range+0x10c/0x1c0 [ 50.678363] __kasan_check_write+0x18/0x20 [ 50.678918] kasan_bitops_modify.constprop.0+0xda/0x5e0 [ 50.679793] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 50.680691] ? kasan_set_track+0x29/0x40 [ 50.681542] ? kasan_save_alloc_info+0x22/0x30 [ 50.682274] ? __kasan_kmalloc+0xb7/0xc0 [ 50.682815] kasan_bitops_generic+0xa9/0x130 [ 50.683514] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 50.684416] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 50.685390] ? kunit_try_run_case+0x11b/0x290 [ 50.685886] kunit_try_run_case+0x126/0x290 [ 50.686669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 50.687476] ? __kasan_check_write+0x18/0x20 [ 50.688264] ? trace_preempt_on+0x20/0xa0 [ 50.689098] ? __kthread_parkme+0x4f/0xd0 [ 50.689845] ? preempt_count_sub+0x50/0x80 [ 50.690116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 50.690384] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 50.690706] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.691442] kthread+0x19e/0x1e0 [ 50.692506] ? __pfx_kthread+0x10/0x10 [ 50.693526] ret_from_fork+0x41/0x70 [ 50.694194] ? __pfx_kthread+0x10/0x10 [ 50.695090] ret_from_fork_asm+0x1b/0x30 [ 50.695810] </TASK> [ 50.696449] [ 50.696709] Allocated by task 224: [ 50.697751] kasan_save_stack+0x3c/0x60 [ 50.698629] kasan_set_track+0x29/0x40 [ 50.699265] kasan_save_alloc_info+0x22/0x30 [ 50.699996] __kasan_kmalloc+0xb7/0xc0 [ 50.700520] kmalloc_trace+0x4c/0xb0 [ 50.701489] kasan_bitops_generic+0x8e/0x130 [ 50.702245] kunit_try_run_case+0x126/0x290 [ 50.702771] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.703576] kthread+0x19e/0x1e0 [ 50.704318] ret_from_fork+0x41/0x70 [ 50.704849] ret_from_fork_asm+0x1b/0x30 [ 50.705830] [ 50.706315] The buggy address belongs to the object at ffff888101a813e0 [ 50.706315] which belongs to the cache kmalloc-16 of size 16 [ 50.708326] The buggy address is located 8 bytes inside of [ 50.708326] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9) [ 50.709872] [ 50.710583] The buggy address belongs to the physical page: [ 50.711232] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81 [ 50.712272] flags: 0x200000000000800(slab|node=0|zone=2) [ 50.713017] page_type: 0xffffffff() [ 50.713576] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 50.714176] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 50.715435] page dumped because: kasan: bad access detected [ 50.716033] [ 50.716494] Memory state around the buggy address: [ 50.717430] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 50.718539] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 50.719464] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc [ 50.720528] ^ [ 50.721383] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 50.722375] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 50.723477] ================================================================== [ 50.847258] ================================================================== [ 50.848156] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0x5e0 [ 50.848899] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224 [ 50.849426] [ 50.849597] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 50.850201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 50.851060] Call Trace: [ 50.852604] <TASK> [ 50.853016] dump_stack_lvl+0x4e/0x90 [ 50.853465] print_report+0xd2/0x660 [ 50.854082] ? __virt_addr_valid+0x156/0x1e0 [ 50.854654] ? kasan_complete_mode_report_info+0x2a/0x200 [ 50.855466] kasan_report+0xff/0x140 [ 50.856530] ? kasan_bitops_modify.constprop.0+0x19c/0x5e0 [ 50.857589] ? kasan_bitops_modify.constprop.0+0x19c/0x5e0 [ 50.858344] kasan_check_range+0x10c/0x1c0 [ 50.859073] __kasan_check_write+0x18/0x20 [ 50.859622] kasan_bitops_modify.constprop.0+0x19c/0x5e0 [ 50.860246] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 50.861039] ? kasan_set_track+0x29/0x40 [ 50.862056] ? kasan_save_alloc_info+0x22/0x30 [ 50.862640] ? __kasan_kmalloc+0xb7/0xc0 [ 50.863207] kasan_bitops_generic+0xa9/0x130 [ 50.863863] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 50.864483] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 50.865729] ? kunit_try_run_case+0x11b/0x290 [ 50.866397] kunit_try_run_case+0x126/0x290 [ 50.867023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 50.867586] ? __kasan_check_write+0x18/0x20 [ 50.868311] ? trace_preempt_on+0x20/0xa0 [ 50.868915] ? __kthread_parkme+0x4f/0xd0 [ 50.869814] ? preempt_count_sub+0x50/0x80 [ 50.870379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 50.871038] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 50.871869] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.872610] kthread+0x19e/0x1e0 [ 50.873257] ? __pfx_kthread+0x10/0x10 [ 50.874397] ret_from_fork+0x41/0x70 [ 50.874950] ? __pfx_kthread+0x10/0x10 [ 50.876163] ret_from_fork_asm+0x1b/0x30 [ 50.876634] </TASK> [ 50.876905] [ 50.877163] Allocated by task 224: [ 50.877666] kasan_save_stack+0x3c/0x60 [ 50.878758] kasan_set_track+0x29/0x40 [ 50.879631] kasan_save_alloc_info+0x22/0x30 [ 50.880250] __kasan_kmalloc+0xb7/0xc0 [ 50.880851] kmalloc_trace+0x4c/0xb0 [ 50.881099] kasan_bitops_generic+0x8e/0x130 [ 50.881341] kunit_try_run_case+0x126/0x290 [ 50.881585] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.882013] kthread+0x19e/0x1e0 [ 50.882801] ret_from_fork+0x41/0x70 [ 50.883360] ret_from_fork_asm+0x1b/0x30 [ 50.883923] [ 50.884973] The buggy address belongs to the object at ffff888101a813e0 [ 50.884973] which belongs to the cache kmalloc-16 of size 16 [ 50.886581] The buggy address is located 8 bytes inside of [ 50.886581] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9) [ 50.888639] [ 50.888919] The buggy address belongs to the physical page: [ 50.889650] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81 [ 50.890500] flags: 0x200000000000800(slab|node=0|zone=2) [ 50.891212] page_type: 0xffffffff() [ 50.891751] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 50.892546] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 50.893635] page dumped because: kasan: bad access detected [ 50.894125] [ 50.894401] Memory state around the buggy address: [ 50.895039] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 50.895932] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 50.896569] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc [ 50.897378] ^ [ 50.898481] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 50.899064] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 50.899616] ================================================================== [ 50.901302] ================================================================== [ 50.902569] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1da/0x5e0 [ 50.903288] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224 [ 50.904559] [ 50.905116] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 50.906152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 50.906820] Call Trace: [ 50.907116] <TASK> [ 50.907377] dump_stack_lvl+0x4e/0x90 [ 50.907881] print_report+0xd2/0x660 [ 50.908353] ? __virt_addr_valid+0x156/0x1e0 [ 50.908959] ? kasan_complete_mode_report_info+0x2a/0x200 [ 50.909676] kasan_report+0xff/0x140 [ 50.910985] ? kasan_bitops_modify.constprop.0+0x1da/0x5e0 [ 50.911923] ? kasan_bitops_modify.constprop.0+0x1da/0x5e0 [ 50.912685] kasan_check_range+0x10c/0x1c0 [ 50.913306] __kasan_check_write+0x18/0x20 [ 50.913990] kasan_bitops_modify.constprop.0+0x1da/0x5e0 [ 50.915032] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 50.915778] ? kasan_set_track+0x29/0x40 [ 50.916299] ? kasan_save_alloc_info+0x22/0x30 [ 50.916942] ? __kasan_kmalloc+0xb7/0xc0 [ 50.917406] kasan_bitops_generic+0xa9/0x130 [ 50.918728] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 50.919298] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 50.919920] ? kunit_try_run_case+0x11b/0x290 [ 50.920442] kunit_try_run_case+0x126/0x290 [ 50.921084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 50.921653] ? __kasan_check_write+0x18/0x20 [ 50.922908] ? trace_preempt_on+0x20/0xa0 [ 50.923415] ? __kthread_parkme+0x4f/0xd0 [ 50.924029] ? preempt_count_sub+0x50/0x80 [ 50.924628] ? __pfx_kunit_try_run_case+0x10/0x10 [ 50.925158] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 50.925967] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.927514] kthread+0x19e/0x1e0 [ 50.927965] ? __pfx_kthread+0x10/0x10 [ 50.928524] ret_from_fork+0x41/0x70 [ 50.929115] ? __pfx_kthread+0x10/0x10 [ 50.929677] ret_from_fork_asm+0x1b/0x30 [ 50.930213] </TASK> [ 50.930591] [ 50.930850] Allocated by task 224: [ 50.931807] kasan_save_stack+0x3c/0x60 [ 50.932869] kasan_set_track+0x29/0x40 [ 50.933366] kasan_save_alloc_info+0x22/0x30 [ 50.934084] __kasan_kmalloc+0xb7/0xc0 [ 50.934627] kmalloc_trace+0x4c/0xb0 [ 50.935128] kasan_bitops_generic+0x8e/0x130 [ 50.935782] kunit_try_run_case+0x126/0x290 [ 50.937278] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.937594] kthread+0x19e/0x1e0 [ 50.938172] ret_from_fork+0x41/0x70 [ 50.938942] ret_from_fork_asm+0x1b/0x30 [ 50.939389] [ 50.939585] The buggy address belongs to the object at ffff888101a813e0 [ 50.939585] which belongs to the cache kmalloc-16 of size 16 [ 50.941607] The buggy address is located 8 bytes inside of [ 50.941607] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9) [ 50.942969] [ 50.943176] The buggy address belongs to the physical page: [ 50.944324] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81 [ 50.945245] flags: 0x200000000000800(slab|node=0|zone=2) [ 50.946207] page_type: 0xffffffff() [ 50.946905] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 50.947850] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 50.948762] page dumped because: kasan: bad access detected [ 50.949200] [ 50.949482] Memory state around the buggy address: [ 50.950848] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 50.951544] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 50.952458] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc [ 50.953589] ^ [ 50.954399] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 50.954976] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 50.955729] ================================================================== [ 50.957257] ================================================================== [ 50.957970] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x21c/0x5e0 [ 50.959334] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224 [ 50.960229] [ 50.960466] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 50.961319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 50.962583] Call Trace: [ 50.962908] <TASK> [ 50.963317] dump_stack_lvl+0x4e/0x90 [ 50.963952] print_report+0xd2/0x660 [ 50.964562] ? __virt_addr_valid+0x156/0x1e0 [ 50.965276] ? kasan_complete_mode_report_info+0x2a/0x200 [ 50.966216] kasan_report+0xff/0x140 [ 50.966610] ? kasan_bitops_modify.constprop.0+0x21c/0x5e0 [ 50.967544] ? kasan_bitops_modify.constprop.0+0x21c/0x5e0 [ 50.968463] kasan_check_range+0x10c/0x1c0 [ 50.969246] __kasan_check_write+0x18/0x20 [ 50.969991] kasan_bitops_modify.constprop.0+0x21c/0x5e0 [ 50.971264] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 50.972119] ? kasan_set_track+0x29/0x40 [ 50.972857] ? kasan_save_alloc_info+0x22/0x30 [ 50.973613] ? __kasan_kmalloc+0xb7/0xc0 [ 50.974119] kasan_bitops_generic+0xa9/0x130 [ 50.974605] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 50.975779] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 50.976532] ? kunit_try_run_case+0x11b/0x290 [ 50.977321] kunit_try_run_case+0x126/0x290 [ 50.978127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 50.978981] ? __kasan_check_write+0x18/0x20 [ 50.980515] ? trace_preempt_on+0x20/0xa0 [ 50.980959] ? __kthread_parkme+0x4f/0xd0 [ 50.981651] ? preempt_count_sub+0x50/0x80 [ 50.982335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 50.983068] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 50.983965] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.984574] kthread+0x19e/0x1e0 [ 50.985180] ? __pfx_kthread+0x10/0x10 [ 50.985868] ret_from_fork+0x41/0x70 [ 50.986541] ? __pfx_kthread+0x10/0x10 [ 50.987229] ret_from_fork_asm+0x1b/0x30 [ 50.987819] </TASK> [ 50.988353] [ 50.988626] Allocated by task 224: [ 50.989023] kasan_save_stack+0x3c/0x60 [ 50.989942] kasan_set_track+0x29/0x40 [ 50.990543] kasan_save_alloc_info+0x22/0x30 [ 50.991105] __kasan_kmalloc+0xb7/0xc0 [ 50.991545] kmalloc_trace+0x4c/0xb0 [ 50.992439] kasan_bitops_generic+0x8e/0x130 [ 50.993231] kunit_try_run_case+0x126/0x290 [ 50.993977] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.994609] kthread+0x19e/0x1e0 [ 50.995207] ret_from_fork+0x41/0x70 [ 50.995885] ret_from_fork_asm+0x1b/0x30 [ 50.996482] [ 50.996807] The buggy address belongs to the object at ffff888101a813e0 [ 50.996807] which belongs to the cache kmalloc-16 of size 16 [ 50.998135] The buggy address is located 8 bytes inside of [ 50.998135] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9) [ 50.999529] [ 50.999892] The buggy address belongs to the physical page: [ 51.000442] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81 [ 51.001562] flags: 0x200000000000800(slab|node=0|zone=2) [ 51.002455] page_type: 0xffffffff() [ 51.003287] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 51.004105] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 51.004430] page dumped because: kasan: bad access detected [ 51.004671] [ 51.004971] Memory state around the buggy address: [ 51.006303] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 51.007321] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 51.008445] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc [ 51.009274] ^ [ 51.010351] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.011254] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.011706] ================================================================== [ 51.013024] ================================================================== [ 51.014158] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x25a/0x5e0 [ 51.015025] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224 [ 51.015627] [ 51.015940] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 51.016693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 51.018359] Call Trace: [ 51.018933] <TASK> [ 51.019454] dump_stack_lvl+0x4e/0x90 [ 51.020014] print_report+0xd2/0x660 [ 51.020519] ? __virt_addr_valid+0x156/0x1e0 [ 51.021958] ? kasan_complete_mode_report_info+0x2a/0x200 [ 51.022628] kasan_report+0xff/0x140 [ 51.023288] ? kasan_bitops_modify.constprop.0+0x25a/0x5e0 [ 51.024312] ? kasan_bitops_modify.constprop.0+0x25a/0x5e0 [ 51.025580] kasan_check_range+0x10c/0x1c0 [ 51.026222] __kasan_check_write+0x18/0x20 [ 51.026856] kasan_bitops_modify.constprop.0+0x25a/0x5e0 [ 51.027441] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 51.028150] ? kasan_set_track+0x29/0x40 [ 51.028762] ? kasan_save_alloc_info+0x22/0x30 [ 51.029920] ? __kasan_kmalloc+0xb7/0xc0 [ 51.030468] kasan_bitops_generic+0xa9/0x130 [ 51.031067] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 51.031756] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 51.032505] ? kunit_try_run_case+0x11b/0x290 [ 51.033787] kunit_try_run_case+0x126/0x290 [ 51.034323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 51.034970] ? __kasan_check_write+0x18/0x20 [ 51.035550] ? trace_preempt_on+0x20/0xa0 [ 51.036080] ? __kthread_parkme+0x4f/0xd0 [ 51.036656] ? preempt_count_sub+0x50/0x80 [ 51.038096] ? __pfx_kunit_try_run_case+0x10/0x10 [ 51.038719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 51.039391] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 51.040331] kthread+0x19e/0x1e0 [ 51.040989] ? __pfx_kthread+0x10/0x10 [ 51.041884] ret_from_fork+0x41/0x70 [ 51.042314] ? __pfx_kthread+0x10/0x10 [ 51.042912] ret_from_fork_asm+0x1b/0x30 [ 51.043640] </TASK> [ 51.044058] [ 51.044411] Allocated by task 224: [ 51.044947] kasan_save_stack+0x3c/0x60 [ 51.045473] kasan_set_track+0x29/0x40 [ 51.046281] kasan_save_alloc_info+0x22/0x30 [ 51.047138] __kasan_kmalloc+0xb7/0xc0 [ 51.047568] kmalloc_trace+0x4c/0xb0 [ 51.048122] kasan_bitops_generic+0x8e/0x130 [ 51.048717] kunit_try_run_case+0x126/0x290 [ 51.050009] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 51.050643] kthread+0x19e/0x1e0 [ 51.051217] ret_from_fork+0x41/0x70 [ 51.051705] ret_from_fork_asm+0x1b/0x30 [ 51.052269] [ 51.052503] The buggy address belongs to the object at ffff888101a813e0 [ 51.052503] which belongs to the cache kmalloc-16 of size 16 [ 51.054245] The buggy address is located 8 bytes inside of [ 51.054245] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9) [ 51.055340] [ 51.055623] The buggy address belongs to the physical page: [ 51.056269] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81 [ 51.057893] flags: 0x200000000000800(slab|node=0|zone=2) [ 51.058513] page_type: 0xffffffff() [ 51.058914] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 51.059752] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 51.060539] page dumped because: kasan: bad access detected [ 51.061922] [ 51.062103] Memory state around the buggy address: [ 51.062643] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 51.063442] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 51.064135] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc [ 51.064844] ^ [ 51.065596] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.066331] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 51.067797] ================================================================== [ 50.607396] ================================================================== [ 50.608800] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x9c/0x5e0 [ 50.609797] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224 [ 50.610772] [ 50.611011] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 50.611637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 50.613508] Call Trace: [ 50.614222] <TASK> [ 50.614562] dump_stack_lvl+0x4e/0x90 [ 50.615058] print_report+0xd2/0x660 [ 50.616073] ? __virt_addr_valid+0x156/0x1e0 [ 50.617155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 50.618046] kasan_report+0xff/0x140 [ 50.618772] ? kasan_bitops_modify.constprop.0+0x9c/0x5e0 [ 50.619702] ? kasan_bitops_modify.constprop.0+0x9c/0x5e0 [ 50.620446] kasan_check_range+0x10c/0x1c0 [ 50.621050] __kasan_check_write+0x18/0x20 [ 50.621566] kasan_bitops_modify.constprop.0+0x9c/0x5e0 [ 50.622538] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 50.623268] ? kasan_set_track+0x29/0x40 [ 50.623519] ? kasan_save_alloc_info+0x22/0x30 [ 50.623899] ? __kasan_kmalloc+0xb7/0xc0 [ 50.624877] kasan_bitops_generic+0xa9/0x130 [ 50.625334] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 50.626272] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 50.627168] ? kunit_try_run_case+0x11b/0x290 [ 50.628002] kunit_try_run_case+0x126/0x290 [ 50.628623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 50.629571] ? __kasan_check_write+0x18/0x20 [ 50.630444] ? trace_preempt_on+0x20/0xa0 [ 50.631087] ? __kthread_parkme+0x4f/0xd0 [ 50.631599] ? preempt_count_sub+0x50/0x80 [ 50.632321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 50.632900] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 50.633574] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.634354] kthread+0x19e/0x1e0 [ 50.634840] ? __pfx_kthread+0x10/0x10 [ 50.635514] ret_from_fork+0x41/0x70 [ 50.636125] ? __pfx_kthread+0x10/0x10 [ 50.637289] ret_from_fork_asm+0x1b/0x30 [ 50.637859] </TASK> [ 50.638226] [ 50.638756] Allocated by task 224: [ 50.639456] kasan_save_stack+0x3c/0x60 [ 50.639957] kasan_set_track+0x29/0x40 [ 50.640403] kasan_save_alloc_info+0x22/0x30 [ 50.641495] __kasan_kmalloc+0xb7/0xc0 [ 50.641984] kmalloc_trace+0x4c/0xb0 [ 50.642686] kasan_bitops_generic+0x8e/0x130 [ 50.643912] kunit_try_run_case+0x126/0x290 [ 50.644360] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.644925] kthread+0x19e/0x1e0 [ 50.645418] ret_from_fork+0x41/0x70 [ 50.646222] ret_from_fork_asm+0x1b/0x30 [ 50.646764] [ 50.647533] The buggy address belongs to the object at ffff888101a813e0 [ 50.647533] which belongs to the cache kmalloc-16 of size 16 [ 50.648716] The buggy address is located 8 bytes inside of [ 50.648716] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9) [ 50.649852] [ 50.650365] The buggy address belongs to the physical page: [ 50.651364] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81 [ 50.652512] flags: 0x200000000000800(slab|node=0|zone=2) [ 50.653063] page_type: 0xffffffff() [ 50.654012] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 50.655300] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 50.656461] page dumped because: kasan: bad access detected [ 50.656944] [ 50.657250] Memory state around the buggy address: [ 50.658064] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 50.658972] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 50.659893] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc [ 50.660453] ^ [ 50.661658] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 50.662418] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 50.663352] ================================================================== [ 50.785598] ================================================================== [ 50.786118] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x15a/0x5e0 [ 50.788192] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224 [ 50.789334] [ 50.789879] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 50.791132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 50.791942] Call Trace: [ 50.792224] <TASK> [ 50.792475] dump_stack_lvl+0x4e/0x90 [ 50.793849] print_report+0xd2/0x660 [ 50.794267] ? __virt_addr_valid+0x156/0x1e0 [ 50.795323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 50.796484] kasan_report+0xff/0x140 [ 50.797348] ? kasan_bitops_modify.constprop.0+0x15a/0x5e0 [ 50.798172] ? kasan_bitops_modify.constprop.0+0x15a/0x5e0 [ 50.799472] kasan_check_range+0x10c/0x1c0 [ 50.800040] __kasan_check_write+0x18/0x20 [ 50.800832] kasan_bitops_modify.constprop.0+0x15a/0x5e0 [ 50.801843] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 50.802732] ? kasan_set_track+0x29/0x40 [ 50.803451] ? kasan_save_alloc_info+0x22/0x30 [ 50.804320] ? __kasan_kmalloc+0xb7/0xc0 [ 50.804982] kasan_bitops_generic+0xa9/0x130 [ 50.805675] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 50.806560] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 50.807429] ? kunit_try_run_case+0x11b/0x290 [ 50.807895] kunit_try_run_case+0x126/0x290 [ 50.809036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 50.809618] ? __kasan_check_write+0x18/0x20 [ 50.810605] ? trace_preempt_on+0x20/0xa0 [ 50.811713] ? __kthread_parkme+0x4f/0xd0 [ 50.812329] ? preempt_count_sub+0x50/0x80 [ 50.813140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 50.813702] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 50.814591] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.815483] kthread+0x19e/0x1e0 [ 50.816020] ? __pfx_kthread+0x10/0x10 [ 50.816625] ret_from_fork+0x41/0x70 [ 50.817614] ? __pfx_kthread+0x10/0x10 [ 50.818426] ret_from_fork_asm+0x1b/0x30 [ 50.819207] </TASK> [ 50.819461] [ 50.819650] Allocated by task 224: [ 50.820285] kasan_save_stack+0x3c/0x60 [ 50.820884] kasan_set_track+0x29/0x40 [ 50.821890] kasan_save_alloc_info+0x22/0x30 [ 50.822365] __kasan_kmalloc+0xb7/0xc0 [ 50.823308] kmalloc_trace+0x4c/0xb0 [ 50.824384] kasan_bitops_generic+0x8e/0x130 [ 50.825094] kunit_try_run_case+0x126/0x290 [ 50.825647] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.826762] kthread+0x19e/0x1e0 [ 50.827408] ret_from_fork+0x41/0x70 [ 50.827878] ret_from_fork_asm+0x1b/0x30 [ 50.828336] [ 50.828587] The buggy address belongs to the object at ffff888101a813e0 [ 50.828587] which belongs to the cache kmalloc-16 of size 16 [ 50.830786] The buggy address is located 8 bytes inside of [ 50.830786] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9) [ 50.832348] [ 50.832689] The buggy address belongs to the physical page: [ 50.833502] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81 [ 50.835029] flags: 0x200000000000800(slab|node=0|zone=2) [ 50.835566] page_type: 0xffffffff() [ 50.836313] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 50.837305] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 50.838582] page dumped because: kasan: bad access detected [ 50.839048] [ 50.839334] Memory state around the buggy address: [ 50.840002] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 50.840949] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 50.841721] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc [ 50.842584] ^ [ 50.843116] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 50.844305] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 50.845281] ================================================================== [ 50.725294] ================================================================== [ 50.727067] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x11c/0x5e0 [ 50.728776] Write of size 8 at addr ffff888101a813e8 by task kunit_try_catch/224 [ 50.729610] [ 50.729934] CPU: 0 PID: 224 Comm: kunit_try_catch Tainted: G B N 6.6.76-rc1 #1 [ 50.730845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 50.731643] Call Trace: [ 50.732030] <TASK> [ 50.732671] dump_stack_lvl+0x4e/0x90 [ 50.733728] print_report+0xd2/0x660 [ 50.734233] ? __virt_addr_valid+0x156/0x1e0 [ 50.734670] ? kasan_complete_mode_report_info+0x2a/0x200 [ 50.735830] kasan_report+0xff/0x140 [ 50.736514] ? kasan_bitops_modify.constprop.0+0x11c/0x5e0 [ 50.737448] ? kasan_bitops_modify.constprop.0+0x11c/0x5e0 [ 50.738373] kasan_check_range+0x10c/0x1c0 [ 50.738962] __kasan_check_write+0x18/0x20 [ 50.739729] kasan_bitops_modify.constprop.0+0x11c/0x5e0 [ 50.740684] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 50.741418] ? kasan_set_track+0x29/0x40 [ 50.742568] ? kasan_save_alloc_info+0x22/0x30 [ 50.743389] ? __kasan_kmalloc+0xb7/0xc0 [ 50.744061] kasan_bitops_generic+0xa9/0x130 [ 50.744551] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 50.745342] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 50.745914] ? kunit_try_run_case+0x11b/0x290 [ 50.746552] kunit_try_run_case+0x126/0x290 [ 50.747656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 50.748422] ? __kasan_check_write+0x18/0x20 [ 50.748832] ? trace_preempt_on+0x20/0xa0 [ 50.749799] ? __kthread_parkme+0x4f/0xd0 [ 50.750765] ? preempt_count_sub+0x50/0x80 [ 50.751367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 50.751914] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 50.752559] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.753655] kthread+0x19e/0x1e0 [ 50.754408] ? __pfx_kthread+0x10/0x10 [ 50.755212] ret_from_fork+0x41/0x70 [ 50.756119] ? __pfx_kthread+0x10/0x10 [ 50.756599] ret_from_fork_asm+0x1b/0x30 [ 50.757363] </TASK> [ 50.757710] [ 50.758074] Allocated by task 224: [ 50.758530] kasan_save_stack+0x3c/0x60 [ 50.759640] kasan_set_track+0x29/0x40 [ 50.760213] kasan_save_alloc_info+0x22/0x30 [ 50.760747] __kasan_kmalloc+0xb7/0xc0 [ 50.762279] kmalloc_trace+0x4c/0xb0 [ 50.762715] kasan_bitops_generic+0x8e/0x130 [ 50.763300] kunit_try_run_case+0x126/0x290 [ 50.764374] kunit_generic_run_threadfn_adapter+0x33/0x50 [ 50.765173] kthread+0x19e/0x1e0 [ 50.765557] ret_from_fork+0x41/0x70 [ 50.765966] ret_from_fork_asm+0x1b/0x30 [ 50.767368] [ 50.767727] The buggy address belongs to the object at ffff888101a813e0 [ 50.767727] which belongs to the cache kmalloc-16 of size 16 [ 50.769166] The buggy address is located 8 bytes inside of [ 50.769166] allocated 9-byte region [ffff888101a813e0, ffff888101a813e9) [ 50.771203] [ 50.771894] The buggy address belongs to the physical page: [ 50.772882] page:(____ptrval____) refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a81 [ 50.774015] flags: 0x200000000000800(slab|node=0|zone=2) [ 50.774924] page_type: 0xffffffff() [ 50.775342] raw: 0200000000000800 ffff8881000413c0 dead000000000122 0000000000000000 [ 50.776610] raw: 0000000000000000 0000000080800080 00000001ffffffff 0000000000000000 [ 50.777120] page dumped because: kasan: bad access detected [ 50.778324] [ 50.778514] Memory state around the buggy address: [ 50.779406] ffff888101a81280: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 50.780484] ffff888101a81300: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 50.781511] >ffff888101a81380: fa fb fc fc 00 05 fc fc fa fb fc fc 00 01 fc fc [ 50.782072] ^ [ 50.782822] ffff888101a81400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 50.783494] ffff888101a81480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 50.784165] ==================================================================