Date
July 1, 2025, 12:10 a.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 19.745225] ================================================================== [ 19.745355] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.745422] Write of size 8 at addr fff00000c3f30b28 by task kunit_try_catch/261 [ 19.745510] [ 19.745550] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.745635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.745665] Hardware name: linux,dummy-virt (DT) [ 19.745703] Call trace: [ 19.745729] show_stack+0x20/0x38 (C) [ 19.745782] dump_stack_lvl+0x8c/0xd0 [ 19.745834] print_report+0x118/0x608 [ 19.745894] kasan_report+0xdc/0x128 [ 19.745943] kasan_check_range+0x100/0x1a8 [ 19.745993] __kasan_check_write+0x20/0x30 [ 19.746040] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.746094] kasan_bitops_generic+0x110/0x1c8 [ 19.746153] kunit_try_run_case+0x170/0x3f0 [ 19.746213] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.746269] kthread+0x328/0x630 [ 19.746314] ret_from_fork+0x10/0x20 [ 19.746364] [ 19.746385] Allocated by task 261: [ 19.746427] kasan_save_stack+0x3c/0x68 [ 19.746832] kasan_save_track+0x20/0x40 [ 19.747340] kasan_save_alloc_info+0x40/0x58 [ 19.747524] __kasan_kmalloc+0xd4/0xd8 [ 19.747569] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.747613] kasan_bitops_generic+0xa0/0x1c8 [ 19.747791] kunit_try_run_case+0x170/0x3f0 [ 19.748199] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.748284] kthread+0x328/0x630 [ 19.748492] ret_from_fork+0x10/0x20 [ 19.748550] [ 19.748984] The buggy address belongs to the object at fff00000c3f30b20 [ 19.748984] which belongs to the cache kmalloc-16 of size 16 [ 19.749063] The buggy address is located 8 bytes inside of [ 19.749063] allocated 9-byte region [fff00000c3f30b20, fff00000c3f30b29) [ 19.749267] [ 19.749294] The buggy address belongs to the physical page: [ 19.749351] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f30 [ 19.749566] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.749787] page_type: f5(slab) [ 19.749887] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.750081] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.750129] page dumped because: kasan: bad access detected [ 19.750519] [ 19.750560] Memory state around the buggy address: [ 19.750772] fff00000c3f30a00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.750905] fff00000c3f30a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.751133] >fff00000c3f30b00: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 19.751182] ^ [ 19.751218] fff00000c3f30b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.751512] fff00000c3f30c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.751671] ================================================================== [ 19.753257] ================================================================== [ 19.753367] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.753703] Read of size 8 at addr fff00000c3f30b28 by task kunit_try_catch/261 [ 19.753791] [ 19.753993] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.754223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.754346] Hardware name: linux,dummy-virt (DT) [ 19.754419] Call trace: [ 19.754459] show_stack+0x20/0x38 (C) [ 19.754836] dump_stack_lvl+0x8c/0xd0 [ 19.754914] print_report+0x118/0x608 [ 19.754964] kasan_report+0xdc/0x128 [ 19.755412] __asan_report_load8_noabort+0x20/0x30 [ 19.755997] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.756175] kasan_bitops_generic+0x110/0x1c8 [ 19.756293] kunit_try_run_case+0x170/0x3f0 [ 19.756406] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.756889] kthread+0x328/0x630 [ 19.757131] ret_from_fork+0x10/0x20 [ 19.757386] [ 19.757490] Allocated by task 261: [ 19.757607] kasan_save_stack+0x3c/0x68 [ 19.757724] kasan_save_track+0x20/0x40 [ 19.757921] kasan_save_alloc_info+0x40/0x58 [ 19.758170] __kasan_kmalloc+0xd4/0xd8 [ 19.758393] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.758783] kasan_bitops_generic+0xa0/0x1c8 [ 19.759061] kunit_try_run_case+0x170/0x3f0 [ 19.759215] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.759270] kthread+0x328/0x630 [ 19.759687] ret_from_fork+0x10/0x20 [ 19.759761] [ 19.759787] The buggy address belongs to the object at fff00000c3f30b20 [ 19.759787] which belongs to the cache kmalloc-16 of size 16 [ 19.759859] The buggy address is located 8 bytes inside of [ 19.759859] allocated 9-byte region [fff00000c3f30b20, fff00000c3f30b29) [ 19.759954] [ 19.759976] The buggy address belongs to the physical page: [ 19.760020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f30 [ 19.760093] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.760159] page_type: f5(slab) [ 19.760200] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.760256] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.760301] page dumped because: kasan: bad access detected [ 19.760337] [ 19.760363] Memory state around the buggy address: [ 19.760414] fff00000c3f30a00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.760475] fff00000c3f30a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.760529] >fff00000c3f30b00: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 19.760571] ^ [ 19.760621] fff00000c3f30b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.760667] fff00000c3f30c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.760709] ================================================================== [ 19.772629] ================================================================== [ 19.772686] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.772742] Read of size 8 at addr fff00000c3f30b28 by task kunit_try_catch/261 [ 19.772795] [ 19.772827] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.772927] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.772961] Hardware name: linux,dummy-virt (DT) [ 19.772995] Call trace: [ 19.773018] show_stack+0x20/0x38 (C) [ 19.773069] dump_stack_lvl+0x8c/0xd0 [ 19.773119] print_report+0x118/0x608 [ 19.773169] kasan_report+0xdc/0x128 [ 19.773217] __asan_report_load8_noabort+0x20/0x30 [ 19.773268] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.773322] kasan_bitops_generic+0x110/0x1c8 [ 19.773371] kunit_try_run_case+0x170/0x3f0 [ 19.773421] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.775225] kthread+0x328/0x630 [ 19.775389] ret_from_fork+0x10/0x20 [ 19.775462] [ 19.775516] Allocated by task 261: [ 19.775551] kasan_save_stack+0x3c/0x68 [ 19.775597] kasan_save_track+0x20/0x40 [ 19.775894] kasan_save_alloc_info+0x40/0x58 [ 19.776151] __kasan_kmalloc+0xd4/0xd8 [ 19.776482] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.776620] kasan_bitops_generic+0xa0/0x1c8 [ 19.776697] kunit_try_run_case+0x170/0x3f0 [ 19.776740] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.776978] kthread+0x328/0x630 [ 19.777053] ret_from_fork+0x10/0x20 [ 19.777247] [ 19.777364] The buggy address belongs to the object at fff00000c3f30b20 [ 19.777364] which belongs to the cache kmalloc-16 of size 16 [ 19.777543] The buggy address is located 8 bytes inside of [ 19.777543] allocated 9-byte region [fff00000c3f30b20, fff00000c3f30b29) [ 19.777690] [ 19.778031] The buggy address belongs to the physical page: [ 19.778143] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f30 [ 19.778213] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.778272] page_type: f5(slab) [ 19.778311] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.778397] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.778457] page dumped because: kasan: bad access detected [ 19.778793] [ 19.778815] Memory state around the buggy address: [ 19.778987] fff00000c3f30a00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.779119] fff00000c3f30a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.779332] >fff00000c3f30b00: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 19.779419] ^ [ 19.779526] fff00000c3f30b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.779711] fff00000c3f30c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.781408] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 19.782099] dump_stack_lvl+0x8c/0xd0 [ 19.782492] __kasan_check_write+0x20/0x30 [ 19.782705] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.783342] __kasan_kmalloc+0xd4/0xd8 [ 19.784136] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.785374] The buggy address is located 8 bytes inside of [ 19.785374] allocated 9-byte region [fff00000c3f30b20, fff00000c3f30b29) [ 19.786380] Memory state around the buggy address: [ 19.786413] fff00000c3f30a00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.786563] ^ [ 19.786652] fff00000c3f30c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.788248] Write of size 8 at addr fff00000c3f30b28 by task kunit_try_catch/261 [ 19.789440] Hardware name: linux,dummy-virt (DT) [ 19.790084] kasan_report+0xdc/0x128 [ 19.790831] kunit_try_run_case+0x170/0x3f0 [ 19.791994] __kasan_kmalloc+0xd4/0xd8 [ 19.792042] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.792711] kthread+0x328/0x630 [ 19.793717] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.793962] [ 19.793991] Memory state around the buggy address: [ 19.794036] fff00000c3f30a00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.794214] fff00000c3f30b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.795947] Read of size 8 at addr fff00000c3f30b28 by task kunit_try_catch/261 [ 19.797122] print_report+0x118/0x608 [ 19.797476] kasan_bitops_modify.constprop.0+0xaec/0xbc0 [ 19.797646] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.798628] kunit_try_run_case+0x170/0x3f0 [ 19.799367] [ 19.799649] [ 19.800255] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.801020] [ 19.801206] Memory state around the buggy address: [ 19.801329] fff00000c3f30a00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.801740] >fff00000c3f30b00: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 19.802663] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x344/0xbc0 [ 19.803283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.803568] Call trace: [ 19.803990] dump_stack_lvl+0x8c/0xd0 [ 19.804639] __kasan_check_write+0x20/0x30 [ 19.805123] kunit_try_run_case+0x170/0x3f0 [ 19.806072] kasan_save_track+0x20/0x40 [ 19.807022] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.807351] [ 19.807419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f30 [ 19.807732] [ 19.807753] Memory state around the buggy address: [ 19.807807] fff00000c3f30a00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.807865] fff00000c3f30a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.808105] ================================================================== [ 19.762719] ================================================================== [ 19.762797] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.762850] Write of size 8 at addr fff00000c3f30b28 by task kunit_try_catch/261 [ 19.762902] [ 19.763156] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.763295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.763560] Hardware name: linux,dummy-virt (DT) [ 19.763613] Call trace: [ 19.763658] show_stack+0x20/0x38 (C) [ 19.763873] dump_stack_lvl+0x8c/0xd0 [ 19.764215] print_report+0x118/0x608 [ 19.764327] kasan_report+0xdc/0x128 [ 19.764520] kasan_check_range+0x100/0x1a8 [ 19.764636] __kasan_check_write+0x20/0x30 [ 19.764872] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.765140] kasan_bitops_generic+0x110/0x1c8 [ 19.765221] kunit_try_run_case+0x170/0x3f0 [ 19.765439] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.765756] kthread+0x328/0x630 [ 19.766141] ret_from_fork+0x10/0x20 [ 19.766627] [ 19.766669] Allocated by task 261: [ 19.766870] kasan_save_stack+0x3c/0x68 [ 19.766923] kasan_save_track+0x20/0x40 [ 19.767317] kasan_save_alloc_info+0x40/0x58 [ 19.767384] __kasan_kmalloc+0xd4/0xd8 [ 19.767805] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.767967] kasan_bitops_generic+0xa0/0x1c8 [ 19.768163] kunit_try_run_case+0x170/0x3f0 [ 19.768610] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.768805] kthread+0x328/0x630 [ 19.769050] ret_from_fork+0x10/0x20 [ 19.769574] [ 19.769768] The buggy address belongs to the object at fff00000c3f30b20 [ 19.769768] which belongs to the cache kmalloc-16 of size 16 [ 19.770062] The buggy address is located 8 bytes inside of [ 19.770062] allocated 9-byte region [fff00000c3f30b20, fff00000c3f30b29) [ 19.770435] [ 19.770571] The buggy address belongs to the physical page: [ 19.770613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f30 [ 19.770820] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.771023] page_type: f5(slab) [ 19.771094] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.771762] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.771816] page dumped because: kasan: bad access detected [ 19.771852] [ 19.771874] Memory state around the buggy address: [ 19.771913] fff00000c3f30a00: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 19.771961] fff00000c3f30a80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.772008] >fff00000c3f30b00: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 19.772049] ^ [ 19.772085] fff00000c3f30b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.772130] fff00000c3f30c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.772171] ==================================================================
[ 13.513502] ================================================================== [ 13.513822] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.514100] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.514323] [ 13.514431] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.514473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.514485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.514505] Call Trace: [ 13.514517] <TASK> [ 13.514532] dump_stack_lvl+0x73/0xb0 [ 13.514556] print_report+0xd1/0x650 [ 13.514577] ? __virt_addr_valid+0x1db/0x2d0 [ 13.514598] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.514623] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.514644] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.514668] kasan_report+0x141/0x180 [ 13.514689] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.514719] kasan_check_range+0x10c/0x1c0 [ 13.514742] __kasan_check_write+0x18/0x20 [ 13.514761] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.514785] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.514811] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.514834] ? finish_task_switch.isra.0+0x156/0x700 [ 13.514855] ? kasan_bitops_generic+0x92/0x1c0 [ 13.514883] kasan_bitops_generic+0x116/0x1c0 [ 13.514905] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.514930] ? __pfx_read_tsc+0x10/0x10 [ 13.514949] ? ktime_get_ts64+0x86/0x230 [ 13.514972] kunit_try_run_case+0x1a5/0x480 [ 13.514993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.515015] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.515079] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.515101] ? __kthread_parkme+0x82/0x180 [ 13.515121] ? preempt_count_sub+0x50/0x80 [ 13.515162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.515185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.515207] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.515229] kthread+0x337/0x6f0 [ 13.515248] ? trace_preempt_on+0x20/0xc0 [ 13.515269] ? __pfx_kthread+0x10/0x10 [ 13.515290] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.515310] ? calculate_sigpending+0x7b/0xa0 [ 13.515333] ? __pfx_kthread+0x10/0x10 [ 13.515354] ret_from_fork+0x116/0x1d0 [ 13.515372] ? __pfx_kthread+0x10/0x10 [ 13.515392] ret_from_fork_asm+0x1a/0x30 [ 13.515421] </TASK> [ 13.515432] [ 13.523237] Allocated by task 278: [ 13.523401] kasan_save_stack+0x45/0x70 [ 13.523565] kasan_save_track+0x18/0x40 [ 13.523744] kasan_save_alloc_info+0x3b/0x50 [ 13.523894] __kasan_kmalloc+0xb7/0xc0 [ 13.524035] __kmalloc_cache_noprof+0x189/0x420 [ 13.524215] kasan_bitops_generic+0x92/0x1c0 [ 13.524392] kunit_try_run_case+0x1a5/0x480 [ 13.524569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.524797] kthread+0x337/0x6f0 [ 13.524963] ret_from_fork+0x116/0x1d0 [ 13.525105] ret_from_fork_asm+0x1a/0x30 [ 13.525263] [ 13.525334] The buggy address belongs to the object at ffff8881027a1100 [ 13.525334] which belongs to the cache kmalloc-16 of size 16 [ 13.525787] The buggy address is located 8 bytes inside of [ 13.525787] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.526341] [ 13.526412] The buggy address belongs to the physical page: [ 13.526583] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.526821] flags: 0x200000000000000(node=0|zone=2) [ 13.526983] page_type: f5(slab) [ 13.527188] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.527536] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.527879] page dumped because: kasan: bad access detected [ 13.528160] [ 13.528256] Memory state around the buggy address: [ 13.528490] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.528808] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.529150] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.529385] ^ [ 13.529505] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.529753] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.530087] ================================================================== [ 13.493938] ================================================================== [ 13.494811] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.495238] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.495520] [ 13.495630] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.495670] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.495682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.495703] Call Trace: [ 13.495716] <TASK> [ 13.495731] dump_stack_lvl+0x73/0xb0 [ 13.495756] print_report+0xd1/0x650 [ 13.495778] ? __virt_addr_valid+0x1db/0x2d0 [ 13.495799] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.495824] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.495846] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.495872] kasan_report+0x141/0x180 [ 13.495892] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.495922] kasan_check_range+0x10c/0x1c0 [ 13.495945] __kasan_check_write+0x18/0x20 [ 13.495964] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.495988] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.496015] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.496051] ? finish_task_switch.isra.0+0x156/0x700 [ 13.496073] ? kasan_bitops_generic+0x92/0x1c0 [ 13.496100] kasan_bitops_generic+0x116/0x1c0 [ 13.496122] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.496147] ? __pfx_read_tsc+0x10/0x10 [ 13.496167] ? ktime_get_ts64+0x86/0x230 [ 13.496190] kunit_try_run_case+0x1a5/0x480 [ 13.496213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.496234] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.496257] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.496279] ? __kthread_parkme+0x82/0x180 [ 13.496299] ? preempt_count_sub+0x50/0x80 [ 13.496321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.496344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.496366] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.496388] kthread+0x337/0x6f0 [ 13.496407] ? trace_preempt_on+0x20/0xc0 [ 13.496429] ? __pfx_kthread+0x10/0x10 [ 13.496449] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.496470] ? calculate_sigpending+0x7b/0xa0 [ 13.496492] ? __pfx_kthread+0x10/0x10 [ 13.496513] ret_from_fork+0x116/0x1d0 [ 13.496530] ? __pfx_kthread+0x10/0x10 [ 13.496550] ret_from_fork_asm+0x1a/0x30 [ 13.496579] </TASK> [ 13.496590] [ 13.504392] Allocated by task 278: [ 13.504585] kasan_save_stack+0x45/0x70 [ 13.504749] kasan_save_track+0x18/0x40 [ 13.504938] kasan_save_alloc_info+0x3b/0x50 [ 13.505124] __kasan_kmalloc+0xb7/0xc0 [ 13.505294] __kmalloc_cache_noprof+0x189/0x420 [ 13.505522] kasan_bitops_generic+0x92/0x1c0 [ 13.505690] kunit_try_run_case+0x1a5/0x480 [ 13.505836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.506008] kthread+0x337/0x6f0 [ 13.506139] ret_from_fork+0x116/0x1d0 [ 13.506270] ret_from_fork_asm+0x1a/0x30 [ 13.506407] [ 13.506477] The buggy address belongs to the object at ffff8881027a1100 [ 13.506477] which belongs to the cache kmalloc-16 of size 16 [ 13.506826] The buggy address is located 8 bytes inside of [ 13.506826] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.507934] [ 13.508049] The buggy address belongs to the physical page: [ 13.508298] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.508644] flags: 0x200000000000000(node=0|zone=2) [ 13.508945] page_type: f5(slab) [ 13.509125] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.509475] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.509767] page dumped because: kasan: bad access detected [ 13.509939] [ 13.510010] Memory state around the buggy address: [ 13.510210] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.510537] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.510852] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.511246] ^ [ 13.511425] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.511686] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.511941] ================================================================== [ 13.457159] ================================================================== [ 13.457511] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.458253] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.458477] [ 13.458559] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.458598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.458610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.458631] Call Trace: [ 13.458644] <TASK> [ 13.458657] dump_stack_lvl+0x73/0xb0 [ 13.458684] print_report+0xd1/0x650 [ 13.458706] ? __virt_addr_valid+0x1db/0x2d0 [ 13.458727] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.458751] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.458773] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.458799] kasan_report+0x141/0x180 [ 13.458821] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.458850] kasan_check_range+0x10c/0x1c0 [ 13.458873] __kasan_check_write+0x18/0x20 [ 13.458892] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.458916] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.458942] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.458966] ? finish_task_switch.isra.0+0x156/0x700 [ 13.458987] ? kasan_bitops_generic+0x92/0x1c0 [ 13.459014] kasan_bitops_generic+0x116/0x1c0 [ 13.459049] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.459077] ? __pfx_read_tsc+0x10/0x10 [ 13.459097] ? ktime_get_ts64+0x86/0x230 [ 13.459120] kunit_try_run_case+0x1a5/0x480 [ 13.459143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.459164] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.459186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.459211] ? __kthread_parkme+0x82/0x180 [ 13.459230] ? preempt_count_sub+0x50/0x80 [ 13.459252] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.459275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.459299] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.459335] kthread+0x337/0x6f0 [ 13.459354] ? trace_preempt_on+0x20/0xc0 [ 13.459376] ? __pfx_kthread+0x10/0x10 [ 13.459396] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.459416] ? calculate_sigpending+0x7b/0xa0 [ 13.459439] ? __pfx_kthread+0x10/0x10 [ 13.459460] ret_from_fork+0x116/0x1d0 [ 13.459477] ? __pfx_kthread+0x10/0x10 [ 13.459497] ret_from_fork_asm+0x1a/0x30 [ 13.459526] </TASK> [ 13.459537] [ 13.467259] Allocated by task 278: [ 13.467437] kasan_save_stack+0x45/0x70 [ 13.467578] kasan_save_track+0x18/0x40 [ 13.467711] kasan_save_alloc_info+0x3b/0x50 [ 13.467857] __kasan_kmalloc+0xb7/0xc0 [ 13.467989] __kmalloc_cache_noprof+0x189/0x420 [ 13.468285] kasan_bitops_generic+0x92/0x1c0 [ 13.468497] kunit_try_run_case+0x1a5/0x480 [ 13.468709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.468965] kthread+0x337/0x6f0 [ 13.469146] ret_from_fork+0x116/0x1d0 [ 13.469343] ret_from_fork_asm+0x1a/0x30 [ 13.469503] [ 13.469573] The buggy address belongs to the object at ffff8881027a1100 [ 13.469573] which belongs to the cache kmalloc-16 of size 16 [ 13.469963] The buggy address is located 8 bytes inside of [ 13.469963] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.471035] [ 13.471113] The buggy address belongs to the physical page: [ 13.471285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.471522] flags: 0x200000000000000(node=0|zone=2) [ 13.471681] page_type: f5(slab) [ 13.471936] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.472476] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.472744] page dumped because: kasan: bad access detected [ 13.472916] [ 13.472984] Memory state around the buggy address: [ 13.473148] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.473469] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.473789] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.474114] ^ [ 13.474423] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.474690] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.474901] ================================================================== [ 13.438923] ================================================================== [ 13.439624] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.439956] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.440318] [ 13.440411] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.440452] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.440463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.440483] Call Trace: [ 13.440494] <TASK> [ 13.440507] dump_stack_lvl+0x73/0xb0 [ 13.440531] print_report+0xd1/0x650 [ 13.440552] ? __virt_addr_valid+0x1db/0x2d0 [ 13.440574] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.440599] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.440620] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.440646] kasan_report+0x141/0x180 [ 13.440667] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.440697] kasan_check_range+0x10c/0x1c0 [ 13.440719] __kasan_check_write+0x18/0x20 [ 13.440738] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.440763] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.440789] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.440813] ? finish_task_switch.isra.0+0x156/0x700 [ 13.440835] ? kasan_bitops_generic+0x92/0x1c0 [ 13.440861] kasan_bitops_generic+0x116/0x1c0 [ 13.440884] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.440908] ? __pfx_read_tsc+0x10/0x10 [ 13.440928] ? ktime_get_ts64+0x86/0x230 [ 13.440951] kunit_try_run_case+0x1a5/0x480 [ 13.440974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.440996] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.441018] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.441053] ? __kthread_parkme+0x82/0x180 [ 13.441073] ? preempt_count_sub+0x50/0x80 [ 13.441095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.441118] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.441140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.441176] kthread+0x337/0x6f0 [ 13.441195] ? trace_preempt_on+0x20/0xc0 [ 13.441218] ? __pfx_kthread+0x10/0x10 [ 13.441238] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.441259] ? calculate_sigpending+0x7b/0xa0 [ 13.441281] ? __pfx_kthread+0x10/0x10 [ 13.441301] ret_from_fork+0x116/0x1d0 [ 13.441319] ? __pfx_kthread+0x10/0x10 [ 13.441338] ret_from_fork_asm+0x1a/0x30 [ 13.441367] </TASK> [ 13.441378] [ 13.449363] Allocated by task 278: [ 13.449590] kasan_save_stack+0x45/0x70 [ 13.449769] kasan_save_track+0x18/0x40 [ 13.449905] kasan_save_alloc_info+0x3b/0x50 [ 13.450136] __kasan_kmalloc+0xb7/0xc0 [ 13.450337] __kmalloc_cache_noprof+0x189/0x420 [ 13.450556] kasan_bitops_generic+0x92/0x1c0 [ 13.450751] kunit_try_run_case+0x1a5/0x480 [ 13.450908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.451172] kthread+0x337/0x6f0 [ 13.451313] ret_from_fork+0x116/0x1d0 [ 13.451494] ret_from_fork_asm+0x1a/0x30 [ 13.451659] [ 13.451743] The buggy address belongs to the object at ffff8881027a1100 [ 13.451743] which belongs to the cache kmalloc-16 of size 16 [ 13.452101] The buggy address is located 8 bytes inside of [ 13.452101] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.452448] [ 13.452518] The buggy address belongs to the physical page: [ 13.452687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.452921] flags: 0x200000000000000(node=0|zone=2) [ 13.453164] page_type: f5(slab) [ 13.453334] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.453671] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.454001] page dumped because: kasan: bad access detected [ 13.454309] [ 13.454399] Memory state around the buggy address: [ 13.454623] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.454937] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.455420] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.455636] ^ [ 13.455757] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.455969] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.456294] ================================================================== [ 13.421285] ================================================================== [ 13.421726] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.422074] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.422434] [ 13.422564] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.422608] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.422620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.422642] Call Trace: [ 13.422654] <TASK> [ 13.422668] dump_stack_lvl+0x73/0xb0 [ 13.422694] print_report+0xd1/0x650 [ 13.422716] ? __virt_addr_valid+0x1db/0x2d0 [ 13.422737] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.422761] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.422782] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.422807] kasan_report+0x141/0x180 [ 13.422828] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.422857] kasan_check_range+0x10c/0x1c0 [ 13.422880] __kasan_check_write+0x18/0x20 [ 13.422899] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.422924] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.422949] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.422973] ? finish_task_switch.isra.0+0x156/0x700 [ 13.422996] ? kasan_bitops_generic+0x92/0x1c0 [ 13.423022] kasan_bitops_generic+0x116/0x1c0 [ 13.423061] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.423086] ? __pfx_read_tsc+0x10/0x10 [ 13.423106] ? ktime_get_ts64+0x86/0x230 [ 13.423129] kunit_try_run_case+0x1a5/0x480 [ 13.423152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.423173] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.423195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.423217] ? __kthread_parkme+0x82/0x180 [ 13.423237] ? preempt_count_sub+0x50/0x80 [ 13.423274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.423298] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.423319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.423342] kthread+0x337/0x6f0 [ 13.423361] ? trace_preempt_on+0x20/0xc0 [ 13.423383] ? __pfx_kthread+0x10/0x10 [ 13.423404] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.423424] ? calculate_sigpending+0x7b/0xa0 [ 13.423448] ? __pfx_kthread+0x10/0x10 [ 13.423469] ret_from_fork+0x116/0x1d0 [ 13.423486] ? __pfx_kthread+0x10/0x10 [ 13.423506] ret_from_fork_asm+0x1a/0x30 [ 13.423535] </TASK> [ 13.423546] [ 13.431233] Allocated by task 278: [ 13.431392] kasan_save_stack+0x45/0x70 [ 13.431581] kasan_save_track+0x18/0x40 [ 13.431745] kasan_save_alloc_info+0x3b/0x50 [ 13.431932] __kasan_kmalloc+0xb7/0xc0 [ 13.432119] __kmalloc_cache_noprof+0x189/0x420 [ 13.432335] kasan_bitops_generic+0x92/0x1c0 [ 13.432496] kunit_try_run_case+0x1a5/0x480 [ 13.432641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.432896] kthread+0x337/0x6f0 [ 13.433074] ret_from_fork+0x116/0x1d0 [ 13.433310] ret_from_fork_asm+0x1a/0x30 [ 13.433455] [ 13.433543] The buggy address belongs to the object at ffff8881027a1100 [ 13.433543] which belongs to the cache kmalloc-16 of size 16 [ 13.434067] The buggy address is located 8 bytes inside of [ 13.434067] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.434539] [ 13.434614] The buggy address belongs to the physical page: [ 13.434785] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.435023] flags: 0x200000000000000(node=0|zone=2) [ 13.435324] page_type: f5(slab) [ 13.435491] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.435828] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.436182] page dumped because: kasan: bad access detected [ 13.436415] [ 13.436489] Memory state around the buggy address: [ 13.436644] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.436858] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.437165] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.437479] ^ [ 13.437653] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.437973] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.438282] ================================================================== [ 13.530974] ================================================================== [ 13.531382] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.531680] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.531952] [ 13.532042] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.532081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.532092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.532112] Call Trace: [ 13.532126] <TASK> [ 13.532160] dump_stack_lvl+0x73/0xb0 [ 13.532187] print_report+0xd1/0x650 [ 13.532209] ? __virt_addr_valid+0x1db/0x2d0 [ 13.532232] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.532257] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.532279] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.532304] kasan_report+0x141/0x180 [ 13.532325] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.532354] kasan_check_range+0x10c/0x1c0 [ 13.532377] __kasan_check_write+0x18/0x20 [ 13.532396] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.532420] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.532446] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.532469] ? finish_task_switch.isra.0+0x156/0x700 [ 13.532490] ? kasan_bitops_generic+0x92/0x1c0 [ 13.532516] kasan_bitops_generic+0x116/0x1c0 [ 13.532538] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.532562] ? __pfx_read_tsc+0x10/0x10 [ 13.532583] ? ktime_get_ts64+0x86/0x230 [ 13.532604] kunit_try_run_case+0x1a5/0x480 [ 13.532627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.532648] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.532669] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.532691] ? __kthread_parkme+0x82/0x180 [ 13.532711] ? preempt_count_sub+0x50/0x80 [ 13.532733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.532756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.532777] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.532800] kthread+0x337/0x6f0 [ 13.532819] ? trace_preempt_on+0x20/0xc0 [ 13.532840] ? __pfx_kthread+0x10/0x10 [ 13.532861] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.532881] ? calculate_sigpending+0x7b/0xa0 [ 13.532904] ? __pfx_kthread+0x10/0x10 [ 13.532926] ret_from_fork+0x116/0x1d0 [ 13.532943] ? __pfx_kthread+0x10/0x10 [ 13.532963] ret_from_fork_asm+0x1a/0x30 [ 13.532991] </TASK> [ 13.533002] [ 13.540653] Allocated by task 278: [ 13.540826] kasan_save_stack+0x45/0x70 [ 13.540978] kasan_save_track+0x18/0x40 [ 13.541124] kasan_save_alloc_info+0x3b/0x50 [ 13.541292] __kasan_kmalloc+0xb7/0xc0 [ 13.541482] __kmalloc_cache_noprof+0x189/0x420 [ 13.541704] kasan_bitops_generic+0x92/0x1c0 [ 13.541914] kunit_try_run_case+0x1a5/0x480 [ 13.542160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.542416] kthread+0x337/0x6f0 [ 13.542582] ret_from_fork+0x116/0x1d0 [ 13.542740] ret_from_fork_asm+0x1a/0x30 [ 13.542878] [ 13.542948] The buggy address belongs to the object at ffff8881027a1100 [ 13.542948] which belongs to the cache kmalloc-16 of size 16 [ 13.543385] The buggy address is located 8 bytes inside of [ 13.543385] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.543907] [ 13.544003] The buggy address belongs to the physical page: [ 13.544282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.544551] flags: 0x200000000000000(node=0|zone=2) [ 13.544712] page_type: f5(slab) [ 13.544830] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.545119] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.545481] page dumped because: kasan: bad access detected [ 13.545728] [ 13.545820] Memory state around the buggy address: [ 13.546051] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.546390] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.546675] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.546955] ^ [ 13.547122] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.547413] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.547703] ================================================================== [ 13.475391] ================================================================== [ 13.475901] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.476633] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.476929] [ 13.477011] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.477067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.477131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.477164] Call Trace: [ 13.477178] <TASK> [ 13.477194] dump_stack_lvl+0x73/0xb0 [ 13.477224] print_report+0xd1/0x650 [ 13.477246] ? __virt_addr_valid+0x1db/0x2d0 [ 13.477269] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.477294] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.477316] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.477341] kasan_report+0x141/0x180 [ 13.477363] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.477392] kasan_check_range+0x10c/0x1c0 [ 13.477415] __kasan_check_write+0x18/0x20 [ 13.477435] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.477461] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.477487] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.477511] ? finish_task_switch.isra.0+0x156/0x700 [ 13.477532] ? kasan_bitops_generic+0x92/0x1c0 [ 13.477558] kasan_bitops_generic+0x116/0x1c0 [ 13.477581] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.477606] ? __pfx_read_tsc+0x10/0x10 [ 13.477626] ? ktime_get_ts64+0x86/0x230 [ 13.477649] kunit_try_run_case+0x1a5/0x480 [ 13.477673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.477694] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.477716] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.477738] ? __kthread_parkme+0x82/0x180 [ 13.477758] ? preempt_count_sub+0x50/0x80 [ 13.477780] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.477802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.477825] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.477848] kthread+0x337/0x6f0 [ 13.477866] ? trace_preempt_on+0x20/0xc0 [ 13.477888] ? __pfx_kthread+0x10/0x10 [ 13.477908] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.477928] ? calculate_sigpending+0x7b/0xa0 [ 13.477952] ? __pfx_kthread+0x10/0x10 [ 13.477973] ret_from_fork+0x116/0x1d0 [ 13.477991] ? __pfx_kthread+0x10/0x10 [ 13.478010] ret_from_fork_asm+0x1a/0x30 [ 13.478052] </TASK> [ 13.478062] [ 13.485958] Allocated by task 278: [ 13.486134] kasan_save_stack+0x45/0x70 [ 13.486336] kasan_save_track+0x18/0x40 [ 13.486533] kasan_save_alloc_info+0x3b/0x50 [ 13.486743] __kasan_kmalloc+0xb7/0xc0 [ 13.486913] __kmalloc_cache_noprof+0x189/0x420 [ 13.487108] kasan_bitops_generic+0x92/0x1c0 [ 13.487396] kunit_try_run_case+0x1a5/0x480 [ 13.487585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.487802] kthread+0x337/0x6f0 [ 13.487924] ret_from_fork+0x116/0x1d0 [ 13.488064] ret_from_fork_asm+0x1a/0x30 [ 13.488346] [ 13.488441] The buggy address belongs to the object at ffff8881027a1100 [ 13.488441] which belongs to the cache kmalloc-16 of size 16 [ 13.488977] The buggy address is located 8 bytes inside of [ 13.488977] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.489482] [ 13.489581] The buggy address belongs to the physical page: [ 13.489797] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.490043] flags: 0x200000000000000(node=0|zone=2) [ 13.490205] page_type: f5(slab) [ 13.490324] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.490580] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.490949] page dumped because: kasan: bad access detected [ 13.491215] [ 13.491307] Memory state around the buggy address: [ 13.491525] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.491837] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.492063] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.492599] ^ [ 13.492770] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.493072] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.493405] ================================================================== [ 13.548654] ================================================================== [ 13.549007] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.549389] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.549717] [ 13.549803] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.549844] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.549860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.549880] Call Trace: [ 13.549894] <TASK> [ 13.549908] dump_stack_lvl+0x73/0xb0 [ 13.549935] print_report+0xd1/0x650 [ 13.549957] ? __virt_addr_valid+0x1db/0x2d0 [ 13.549978] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.550003] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.550037] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.550063] kasan_report+0x141/0x180 [ 13.550086] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.550116] kasan_check_range+0x10c/0x1c0 [ 13.550159] __kasan_check_write+0x18/0x20 [ 13.550178] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.550205] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.550231] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.550254] ? finish_task_switch.isra.0+0x156/0x700 [ 13.550276] ? kasan_bitops_generic+0x92/0x1c0 [ 13.550302] kasan_bitops_generic+0x116/0x1c0 [ 13.550325] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.550349] ? __pfx_read_tsc+0x10/0x10 [ 13.550369] ? ktime_get_ts64+0x86/0x230 [ 13.550392] kunit_try_run_case+0x1a5/0x480 [ 13.550414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.550435] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.550457] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.550479] ? __kthread_parkme+0x82/0x180 [ 13.550498] ? preempt_count_sub+0x50/0x80 [ 13.550520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.550543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.550564] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.550586] kthread+0x337/0x6f0 [ 13.550605] ? trace_preempt_on+0x20/0xc0 [ 13.550627] ? __pfx_kthread+0x10/0x10 [ 13.550647] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.550667] ? calculate_sigpending+0x7b/0xa0 [ 13.550689] ? __pfx_kthread+0x10/0x10 [ 13.550709] ret_from_fork+0x116/0x1d0 [ 13.550727] ? __pfx_kthread+0x10/0x10 [ 13.550747] ret_from_fork_asm+0x1a/0x30 [ 13.550777] </TASK> [ 13.550787] [ 13.558290] Allocated by task 278: [ 13.558464] kasan_save_stack+0x45/0x70 [ 13.558664] kasan_save_track+0x18/0x40 [ 13.558852] kasan_save_alloc_info+0x3b/0x50 [ 13.559070] __kasan_kmalloc+0xb7/0xc0 [ 13.559283] __kmalloc_cache_noprof+0x189/0x420 [ 13.559472] kasan_bitops_generic+0x92/0x1c0 [ 13.559677] kunit_try_run_case+0x1a5/0x480 [ 13.559828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.560003] kthread+0x337/0x6f0 [ 13.560149] ret_from_fork+0x116/0x1d0 [ 13.560320] ret_from_fork_asm+0x1a/0x30 [ 13.560519] [ 13.560613] The buggy address belongs to the object at ffff8881027a1100 [ 13.560613] which belongs to the cache kmalloc-16 of size 16 [ 13.561128] The buggy address is located 8 bytes inside of [ 13.561128] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.561592] [ 13.561687] The buggy address belongs to the physical page: [ 13.561893] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.562242] flags: 0x200000000000000(node=0|zone=2) [ 13.562440] page_type: f5(slab) [ 13.562590] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.562893] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.563225] page dumped because: kasan: bad access detected [ 13.563440] [ 13.563508] Memory state around the buggy address: [ 13.563672] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.563898] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.564195] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.564507] ^ [ 13.564679] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.564991] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.565333] ==================================================================