Date
July 1, 2025, 12:10 a.m.
| Environment | |
|---|---|
| qemu-x86_64 |
[ 13.706815] ================================================================== [ 13.707255] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.707636] Read of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.708049] [ 13.708175] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.708240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.708252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.708272] Call Trace: [ 13.708287] <TASK> [ 13.708301] dump_stack_lvl+0x73/0xb0 [ 13.708329] print_report+0xd1/0x650 [ 13.708352] ? __virt_addr_valid+0x1db/0x2d0 [ 13.708374] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.708420] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.708442] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.708468] kasan_report+0x141/0x180 [ 13.708489] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.708521] kasan_check_range+0x10c/0x1c0 [ 13.708544] __kasan_check_read+0x15/0x20 [ 13.708563] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.708589] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.708616] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.708662] ? finish_task_switch.isra.0+0x156/0x700 [ 13.708684] ? kasan_bitops_generic+0x92/0x1c0 [ 13.708710] kasan_bitops_generic+0x121/0x1c0 [ 13.708734] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.708757] ? __pfx_read_tsc+0x10/0x10 [ 13.708777] ? ktime_get_ts64+0x86/0x230 [ 13.708800] kunit_try_run_case+0x1a5/0x480 [ 13.708823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.708844] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.708867] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.708890] ? __kthread_parkme+0x82/0x180 [ 13.708910] ? preempt_count_sub+0x50/0x80 [ 13.708932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.708956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.708979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.709002] kthread+0x337/0x6f0 [ 13.709021] ? trace_preempt_on+0x20/0xc0 [ 13.709055] ? __pfx_kthread+0x10/0x10 [ 13.709075] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.709095] ? calculate_sigpending+0x7b/0xa0 [ 13.709118] ? __pfx_kthread+0x10/0x10 [ 13.709158] ret_from_fork+0x116/0x1d0 [ 13.709177] ? __pfx_kthread+0x10/0x10 [ 13.709197] ret_from_fork_asm+0x1a/0x30 [ 13.709227] </TASK> [ 13.709237] [ 13.717124] Allocated by task 278: [ 13.717322] kasan_save_stack+0x45/0x70 [ 13.717487] kasan_save_track+0x18/0x40 [ 13.717627] kasan_save_alloc_info+0x3b/0x50 [ 13.717782] __kasan_kmalloc+0xb7/0xc0 [ 13.717978] __kmalloc_cache_noprof+0x189/0x420 [ 13.718232] kasan_bitops_generic+0x92/0x1c0 [ 13.718460] kunit_try_run_case+0x1a5/0x480 [ 13.718667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.718858] kthread+0x337/0x6f0 [ 13.718980] ret_from_fork+0x116/0x1d0 [ 13.719204] ret_from_fork_asm+0x1a/0x30 [ 13.719421] [ 13.719515] The buggy address belongs to the object at ffff8881027a1100 [ 13.719515] which belongs to the cache kmalloc-16 of size 16 [ 13.719883] The buggy address is located 8 bytes inside of [ 13.719883] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.720344] [ 13.720463] The buggy address belongs to the physical page: [ 13.720731] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.721149] flags: 0x200000000000000(node=0|zone=2) [ 13.721384] page_type: f5(slab) [ 13.721567] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.721801] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.722085] page dumped because: kasan: bad access detected [ 13.722358] [ 13.722474] Memory state around the buggy address: [ 13.722701] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.723000] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.723270] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.723537] ^ [ 13.723709] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.724059] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.724374] ================================================================== [ 13.621375] ================================================================== [ 13.621721] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.622129] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.622444] [ 13.622552] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.622593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.622605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.622625] Call Trace: [ 13.622639] <TASK> [ 13.622652] dump_stack_lvl+0x73/0xb0 [ 13.622677] print_report+0xd1/0x650 [ 13.622699] ? __virt_addr_valid+0x1db/0x2d0 [ 13.622721] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.622747] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.622769] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.622797] kasan_report+0x141/0x180 [ 13.622817] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.622848] kasan_check_range+0x10c/0x1c0 [ 13.622871] __kasan_check_write+0x18/0x20 [ 13.622889] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.622915] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.622942] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.622965] ? finish_task_switch.isra.0+0x156/0x700 [ 13.622987] ? kasan_bitops_generic+0x92/0x1c0 [ 13.623014] kasan_bitops_generic+0x121/0x1c0 [ 13.623436] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.623467] ? __pfx_read_tsc+0x10/0x10 [ 13.623489] ? ktime_get_ts64+0x86/0x230 [ 13.623512] kunit_try_run_case+0x1a5/0x480 [ 13.623536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.623557] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.623579] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.623602] ? __kthread_parkme+0x82/0x180 [ 13.623620] ? preempt_count_sub+0x50/0x80 [ 13.623642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.623665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.623688] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.623710] kthread+0x337/0x6f0 [ 13.623729] ? trace_preempt_on+0x20/0xc0 [ 13.623752] ? __pfx_kthread+0x10/0x10 [ 13.623771] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.623792] ? calculate_sigpending+0x7b/0xa0 [ 13.623814] ? __pfx_kthread+0x10/0x10 [ 13.623835] ret_from_fork+0x116/0x1d0 [ 13.623854] ? __pfx_kthread+0x10/0x10 [ 13.623876] ret_from_fork_asm+0x1a/0x30 [ 13.623905] </TASK> [ 13.623915] [ 13.631567] Allocated by task 278: [ 13.631747] kasan_save_stack+0x45/0x70 [ 13.631950] kasan_save_track+0x18/0x40 [ 13.632183] kasan_save_alloc_info+0x3b/0x50 [ 13.632366] __kasan_kmalloc+0xb7/0xc0 [ 13.632547] __kmalloc_cache_noprof+0x189/0x420 [ 13.632740] kasan_bitops_generic+0x92/0x1c0 [ 13.632933] kunit_try_run_case+0x1a5/0x480 [ 13.633123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.633367] kthread+0x337/0x6f0 [ 13.633506] ret_from_fork+0x116/0x1d0 [ 13.633670] ret_from_fork_asm+0x1a/0x30 [ 13.633850] [ 13.633926] The buggy address belongs to the object at ffff8881027a1100 [ 13.633926] which belongs to the cache kmalloc-16 of size 16 [ 13.634446] The buggy address is located 8 bytes inside of [ 13.634446] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.634823] [ 13.634893] The buggy address belongs to the physical page: [ 13.635082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.635346] flags: 0x200000000000000(node=0|zone=2) [ 13.635574] page_type: f5(slab) [ 13.635736] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.636072] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.636429] page dumped because: kasan: bad access detected [ 13.636679] [ 13.636763] Memory state around the buggy address: [ 13.636915] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.637158] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.637374] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.637671] ^ [ 13.637845] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.638205] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.638525] ================================================================== [ 13.585783] ================================================================== [ 13.586435] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.586835] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.587155] [ 13.587267] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.587308] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.587320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.587340] Call Trace: [ 13.587352] <TASK> [ 13.587366] dump_stack_lvl+0x73/0xb0 [ 13.587391] print_report+0xd1/0x650 [ 13.587413] ? __virt_addr_valid+0x1db/0x2d0 [ 13.587434] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.587460] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.587482] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.587508] kasan_report+0x141/0x180 [ 13.587529] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.587560] kasan_check_range+0x10c/0x1c0 [ 13.587583] __kasan_check_write+0x18/0x20 [ 13.587602] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.587628] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.587654] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.587679] ? finish_task_switch.isra.0+0x156/0x700 [ 13.587700] ? kasan_bitops_generic+0x92/0x1c0 [ 13.587727] kasan_bitops_generic+0x121/0x1c0 [ 13.587750] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.587774] ? __pfx_read_tsc+0x10/0x10 [ 13.587794] ? ktime_get_ts64+0x86/0x230 [ 13.587817] kunit_try_run_case+0x1a5/0x480 [ 13.587839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.587861] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.587884] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.587906] ? __kthread_parkme+0x82/0x180 [ 13.587926] ? preempt_count_sub+0x50/0x80 [ 13.587948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.587971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.587994] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.588017] kthread+0x337/0x6f0 [ 13.588046] ? trace_preempt_on+0x20/0xc0 [ 13.588068] ? __pfx_kthread+0x10/0x10 [ 13.588088] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.588108] ? calculate_sigpending+0x7b/0xa0 [ 13.588150] ? __pfx_kthread+0x10/0x10 [ 13.588173] ret_from_fork+0x116/0x1d0 [ 13.588190] ? __pfx_kthread+0x10/0x10 [ 13.588210] ret_from_fork_asm+0x1a/0x30 [ 13.588239] </TASK> [ 13.588250] [ 13.595833] Allocated by task 278: [ 13.596011] kasan_save_stack+0x45/0x70 [ 13.596247] kasan_save_track+0x18/0x40 [ 13.596441] kasan_save_alloc_info+0x3b/0x50 [ 13.596660] __kasan_kmalloc+0xb7/0xc0 [ 13.596834] __kmalloc_cache_noprof+0x189/0x420 [ 13.597044] kasan_bitops_generic+0x92/0x1c0 [ 13.597271] kunit_try_run_case+0x1a5/0x480 [ 13.597445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.597689] kthread+0x337/0x6f0 [ 13.597838] ret_from_fork+0x116/0x1d0 [ 13.598001] ret_from_fork_asm+0x1a/0x30 [ 13.598220] [ 13.598299] The buggy address belongs to the object at ffff8881027a1100 [ 13.598299] which belongs to the cache kmalloc-16 of size 16 [ 13.598757] The buggy address is located 8 bytes inside of [ 13.598757] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.599260] [ 13.599356] The buggy address belongs to the physical page: [ 13.599582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.599849] flags: 0x200000000000000(node=0|zone=2) [ 13.600084] page_type: f5(slab) [ 13.600259] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.600524] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.600750] page dumped because: kasan: bad access detected [ 13.600920] [ 13.600989] Memory state around the buggy address: [ 13.601202] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.601535] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.601851] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.602196] ^ [ 13.602374] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.602623] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.602837] ================================================================== [ 13.603639] ================================================================== [ 13.603989] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.604461] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.604799] [ 13.604903] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.604945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.604957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.604978] Call Trace: [ 13.604992] <TASK> [ 13.605008] dump_stack_lvl+0x73/0xb0 [ 13.605043] print_report+0xd1/0x650 [ 13.605065] ? __virt_addr_valid+0x1db/0x2d0 [ 13.605087] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.605113] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.605155] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.605184] kasan_report+0x141/0x180 [ 13.605205] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.605236] kasan_check_range+0x10c/0x1c0 [ 13.605260] __kasan_check_write+0x18/0x20 [ 13.605278] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.605305] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.605333] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.605357] ? finish_task_switch.isra.0+0x156/0x700 [ 13.605378] ? kasan_bitops_generic+0x92/0x1c0 [ 13.605404] kasan_bitops_generic+0x121/0x1c0 [ 13.605427] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.605451] ? __pfx_read_tsc+0x10/0x10 [ 13.605472] ? ktime_get_ts64+0x86/0x230 [ 13.605494] kunit_try_run_case+0x1a5/0x480 [ 13.605518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.605539] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.605560] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.605583] ? __kthread_parkme+0x82/0x180 [ 13.605601] ? preempt_count_sub+0x50/0x80 [ 13.605623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.605648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.605670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.605693] kthread+0x337/0x6f0 [ 13.605713] ? trace_preempt_on+0x20/0xc0 [ 13.605734] ? __pfx_kthread+0x10/0x10 [ 13.605755] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.605775] ? calculate_sigpending+0x7b/0xa0 [ 13.605799] ? __pfx_kthread+0x10/0x10 [ 13.605820] ret_from_fork+0x116/0x1d0 [ 13.605838] ? __pfx_kthread+0x10/0x10 [ 13.605859] ret_from_fork_asm+0x1a/0x30 [ 13.605890] </TASK> [ 13.605900] [ 13.613558] Allocated by task 278: [ 13.613687] kasan_save_stack+0x45/0x70 [ 13.613894] kasan_save_track+0x18/0x40 [ 13.614100] kasan_save_alloc_info+0x3b/0x50 [ 13.614333] __kasan_kmalloc+0xb7/0xc0 [ 13.614522] __kmalloc_cache_noprof+0x189/0x420 [ 13.614742] kasan_bitops_generic+0x92/0x1c0 [ 13.614955] kunit_try_run_case+0x1a5/0x480 [ 13.615176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.615352] kthread+0x337/0x6f0 [ 13.615472] ret_from_fork+0x116/0x1d0 [ 13.615603] ret_from_fork_asm+0x1a/0x30 [ 13.615787] [ 13.615879] The buggy address belongs to the object at ffff8881027a1100 [ 13.615879] which belongs to the cache kmalloc-16 of size 16 [ 13.616426] The buggy address is located 8 bytes inside of [ 13.616426] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.616802] [ 13.616897] The buggy address belongs to the physical page: [ 13.617186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.617495] flags: 0x200000000000000(node=0|zone=2) [ 13.617657] page_type: f5(slab) [ 13.617776] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.618009] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.618321] page dumped because: kasan: bad access detected [ 13.618578] [ 13.618672] Memory state around the buggy address: [ 13.618904] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.619271] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.619588] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.619913] ^ [ 13.620096] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.620408] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.620684] ================================================================== [ 13.565961] ================================================================== [ 13.566538] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.566821] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.567153] [ 13.567262] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.567303] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.567314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.567334] Call Trace: [ 13.567347] <TASK> [ 13.567361] dump_stack_lvl+0x73/0xb0 [ 13.567386] print_report+0xd1/0x650 [ 13.567407] ? __virt_addr_valid+0x1db/0x2d0 [ 13.567429] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.567455] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.567477] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.567504] kasan_report+0x141/0x180 [ 13.567524] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.567555] kasan_check_range+0x10c/0x1c0 [ 13.567578] __kasan_check_write+0x18/0x20 [ 13.567597] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.567623] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.567650] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.567674] ? finish_task_switch.isra.0+0x156/0x700 [ 13.567695] ? kasan_bitops_generic+0x92/0x1c0 [ 13.567721] kasan_bitops_generic+0x121/0x1c0 [ 13.567744] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.567767] ? __pfx_read_tsc+0x10/0x10 [ 13.567788] ? ktime_get_ts64+0x86/0x230 [ 13.567809] kunit_try_run_case+0x1a5/0x480 [ 13.567831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.567853] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.567875] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.567897] ? __kthread_parkme+0x82/0x180 [ 13.567917] ? preempt_count_sub+0x50/0x80 [ 13.567939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.567963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.567985] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.568008] kthread+0x337/0x6f0 [ 13.568037] ? trace_preempt_on+0x20/0xc0 [ 13.568059] ? __pfx_kthread+0x10/0x10 [ 13.568079] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.568100] ? calculate_sigpending+0x7b/0xa0 [ 13.568123] ? __pfx_kthread+0x10/0x10 [ 13.568163] ret_from_fork+0x116/0x1d0 [ 13.568181] ? __pfx_kthread+0x10/0x10 [ 13.568201] ret_from_fork_asm+0x1a/0x30 [ 13.568230] </TASK> [ 13.568241] [ 13.575937] Allocated by task 278: [ 13.576362] kasan_save_stack+0x45/0x70 [ 13.577098] kasan_save_track+0x18/0x40 [ 13.577309] kasan_save_alloc_info+0x3b/0x50 [ 13.577520] __kasan_kmalloc+0xb7/0xc0 [ 13.577709] __kmalloc_cache_noprof+0x189/0x420 [ 13.577932] kasan_bitops_generic+0x92/0x1c0 [ 13.578412] kunit_try_run_case+0x1a5/0x480 [ 13.578807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.579257] kthread+0x337/0x6f0 [ 13.579559] ret_from_fork+0x116/0x1d0 [ 13.579850] ret_from_fork_asm+0x1a/0x30 [ 13.580250] [ 13.580505] The buggy address belongs to the object at ffff8881027a1100 [ 13.580505] which belongs to the cache kmalloc-16 of size 16 [ 13.580998] The buggy address is located 8 bytes inside of [ 13.580998] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.581483] [ 13.581563] The buggy address belongs to the physical page: [ 13.581808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.582093] flags: 0x200000000000000(node=0|zone=2) [ 13.582357] page_type: f5(slab) [ 13.582531] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.582816] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.583153] page dumped because: kasan: bad access detected [ 13.583346] [ 13.583438] Memory state around the buggy address: [ 13.583646] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.583925] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.584241] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.584521] ^ [ 13.584673] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.584966] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.585288] ================================================================== [ 13.679574] ================================================================== [ 13.679889] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.680960] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.681487] [ 13.681739] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.681917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.681933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.681955] Call Trace: [ 13.681978] <TASK> [ 13.681993] dump_stack_lvl+0x73/0xb0 [ 13.682024] print_report+0xd1/0x650 [ 13.682057] ? __virt_addr_valid+0x1db/0x2d0 [ 13.682078] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.682103] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.682126] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.682155] kasan_report+0x141/0x180 [ 13.682178] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.682209] kasan_check_range+0x10c/0x1c0 [ 13.682231] __kasan_check_write+0x18/0x20 [ 13.682250] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.682276] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.682303] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.682326] ? finish_task_switch.isra.0+0x156/0x700 [ 13.682347] ? kasan_bitops_generic+0x92/0x1c0 [ 13.682373] kasan_bitops_generic+0x121/0x1c0 [ 13.682395] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.682419] ? __pfx_read_tsc+0x10/0x10 [ 13.682439] ? ktime_get_ts64+0x86/0x230 [ 13.682461] kunit_try_run_case+0x1a5/0x480 [ 13.682484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.682505] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.682527] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.682549] ? __kthread_parkme+0x82/0x180 [ 13.682568] ? preempt_count_sub+0x50/0x80 [ 13.682590] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.682613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.682636] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.682659] kthread+0x337/0x6f0 [ 13.682677] ? trace_preempt_on+0x20/0xc0 [ 13.682700] ? __pfx_kthread+0x10/0x10 [ 13.682720] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.682740] ? calculate_sigpending+0x7b/0xa0 [ 13.682763] ? __pfx_kthread+0x10/0x10 [ 13.682785] ret_from_fork+0x116/0x1d0 [ 13.682802] ? __pfx_kthread+0x10/0x10 [ 13.682822] ret_from_fork_asm+0x1a/0x30 [ 13.682851] </TASK> [ 13.682863] [ 13.695562] Allocated by task 278: [ 13.695886] kasan_save_stack+0x45/0x70 [ 13.696326] kasan_save_track+0x18/0x40 [ 13.696709] kasan_save_alloc_info+0x3b/0x50 [ 13.697018] __kasan_kmalloc+0xb7/0xc0 [ 13.697381] __kmalloc_cache_noprof+0x189/0x420 [ 13.697728] kasan_bitops_generic+0x92/0x1c0 [ 13.698057] kunit_try_run_case+0x1a5/0x480 [ 13.698301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.698543] kthread+0x337/0x6f0 [ 13.698707] ret_from_fork+0x116/0x1d0 [ 13.698885] ret_from_fork_asm+0x1a/0x30 [ 13.699085] [ 13.699530] The buggy address belongs to the object at ffff8881027a1100 [ 13.699530] which belongs to the cache kmalloc-16 of size 16 [ 13.700605] The buggy address is located 8 bytes inside of [ 13.700605] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.701641] [ 13.701721] The buggy address belongs to the physical page: [ 13.701889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.702136] flags: 0x200000000000000(node=0|zone=2) [ 13.702723] page_type: f5(slab) [ 13.702865] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.703121] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.703357] page dumped because: kasan: bad access detected [ 13.703531] [ 13.703604] Memory state around the buggy address: [ 13.703758] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.703971] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.704277] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.704591] ^ [ 13.704812] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.705182] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.705524] ================================================================== [ 13.725324] ================================================================== [ 13.725635] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.725957] Read of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.726365] [ 13.726474] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.726514] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.726548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.726566] Call Trace: [ 13.726579] <TASK> [ 13.726594] dump_stack_lvl+0x73/0xb0 [ 13.726620] print_report+0xd1/0x650 [ 13.726641] ? __virt_addr_valid+0x1db/0x2d0 [ 13.726662] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.726687] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.726728] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.726754] kasan_report+0x141/0x180 [ 13.726777] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.726808] __asan_report_load8_noabort+0x18/0x20 [ 13.726831] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.726857] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.726885] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.726923] ? finish_task_switch.isra.0+0x156/0x700 [ 13.726944] ? kasan_bitops_generic+0x92/0x1c0 [ 13.726971] kasan_bitops_generic+0x121/0x1c0 [ 13.726993] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.727019] ? __pfx_read_tsc+0x10/0x10 [ 13.727049] ? ktime_get_ts64+0x86/0x230 [ 13.727076] kunit_try_run_case+0x1a5/0x480 [ 13.727098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.727120] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.727163] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.727205] ? __kthread_parkme+0x82/0x180 [ 13.727226] ? preempt_count_sub+0x50/0x80 [ 13.727248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.727271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.727293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.727315] kthread+0x337/0x6f0 [ 13.727334] ? trace_preempt_on+0x20/0xc0 [ 13.727356] ? __pfx_kthread+0x10/0x10 [ 13.727376] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.727396] ? calculate_sigpending+0x7b/0xa0 [ 13.727419] ? __pfx_kthread+0x10/0x10 [ 13.727440] ret_from_fork+0x116/0x1d0 [ 13.727457] ? __pfx_kthread+0x10/0x10 [ 13.727477] ret_from_fork_asm+0x1a/0x30 [ 13.727505] </TASK> [ 13.727517] [ 13.735459] Allocated by task 278: [ 13.735613] kasan_save_stack+0x45/0x70 [ 13.735760] kasan_save_track+0x18/0x40 [ 13.735926] kasan_save_alloc_info+0x3b/0x50 [ 13.736175] __kasan_kmalloc+0xb7/0xc0 [ 13.736364] __kmalloc_cache_noprof+0x189/0x420 [ 13.736611] kasan_bitops_generic+0x92/0x1c0 [ 13.736762] kunit_try_run_case+0x1a5/0x480 [ 13.736905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.737211] kthread+0x337/0x6f0 [ 13.737383] ret_from_fork+0x116/0x1d0 [ 13.737570] ret_from_fork_asm+0x1a/0x30 [ 13.737753] [ 13.737865] The buggy address belongs to the object at ffff8881027a1100 [ 13.737865] which belongs to the cache kmalloc-16 of size 16 [ 13.738345] The buggy address is located 8 bytes inside of [ 13.738345] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.738694] [ 13.738782] The buggy address belongs to the physical page: [ 13.739070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.739477] flags: 0x200000000000000(node=0|zone=2) [ 13.739715] page_type: f5(slab) [ 13.739902] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.740273] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.740545] page dumped because: kasan: bad access detected [ 13.740801] [ 13.740921] Memory state around the buggy address: [ 13.741163] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.741473] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.741779] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.742074] ^ [ 13.742245] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.742549] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.742856] ================================================================== [ 13.657292] ================================================================== [ 13.657657] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.658291] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.658595] [ 13.658679] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.658722] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.658735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.658754] Call Trace: [ 13.658769] <TASK> [ 13.658783] dump_stack_lvl+0x73/0xb0 [ 13.658809] print_report+0xd1/0x650 [ 13.658830] ? __virt_addr_valid+0x1db/0x2d0 [ 13.658852] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.658878] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.658900] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.658926] kasan_report+0x141/0x180 [ 13.658949] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.658979] kasan_check_range+0x10c/0x1c0 [ 13.659002] __kasan_check_write+0x18/0x20 [ 13.659021] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.659066] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.659093] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.659117] ? finish_task_switch.isra.0+0x156/0x700 [ 13.659159] ? kasan_bitops_generic+0x92/0x1c0 [ 13.659186] kasan_bitops_generic+0x121/0x1c0 [ 13.659209] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.659233] ? __pfx_read_tsc+0x10/0x10 [ 13.659253] ? ktime_get_ts64+0x86/0x230 [ 13.659275] kunit_try_run_case+0x1a5/0x480 [ 13.659297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.659319] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.659341] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.659363] ? __kthread_parkme+0x82/0x180 [ 13.659383] ? preempt_count_sub+0x50/0x80 [ 13.659407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.659430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.659451] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.659475] kthread+0x337/0x6f0 [ 13.659494] ? trace_preempt_on+0x20/0xc0 [ 13.659518] ? __pfx_kthread+0x10/0x10 [ 13.659537] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.659558] ? calculate_sigpending+0x7b/0xa0 [ 13.659580] ? __pfx_kthread+0x10/0x10 [ 13.659602] ret_from_fork+0x116/0x1d0 [ 13.659620] ? __pfx_kthread+0x10/0x10 [ 13.659641] ret_from_fork_asm+0x1a/0x30 [ 13.659670] </TASK> [ 13.659680] [ 13.667296] Allocated by task 278: [ 13.667424] kasan_save_stack+0x45/0x70 [ 13.667565] kasan_save_track+0x18/0x40 [ 13.667700] kasan_save_alloc_info+0x3b/0x50 [ 13.667885] __kasan_kmalloc+0xb7/0xc0 [ 13.668075] __kmalloc_cache_noprof+0x189/0x420 [ 13.668322] kasan_bitops_generic+0x92/0x1c0 [ 13.668533] kunit_try_run_case+0x1a5/0x480 [ 13.668737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.668987] kthread+0x337/0x6f0 [ 13.670240] ret_from_fork+0x116/0x1d0 [ 13.670397] ret_from_fork_asm+0x1a/0x30 [ 13.670861] [ 13.671084] The buggy address belongs to the object at ffff8881027a1100 [ 13.671084] which belongs to the cache kmalloc-16 of size 16 [ 13.672095] The buggy address is located 8 bytes inside of [ 13.672095] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.672581] [ 13.672654] The buggy address belongs to the physical page: [ 13.672828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.673420] flags: 0x200000000000000(node=0|zone=2) [ 13.673854] page_type: f5(slab) [ 13.673981] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.674463] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.675248] page dumped because: kasan: bad access detected [ 13.675950] [ 13.676124] Memory state around the buggy address: [ 13.676780] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.677363] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.677583] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.677792] ^ [ 13.677911] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.678472] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.678903] ================================================================== [ 13.639542] ================================================================== [ 13.639890] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.640336] Write of size 8 at addr ffff8881027a1108 by task kunit_try_catch/278 [ 13.640624] [ 13.640730] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.640768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.640779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.640799] Call Trace: [ 13.640813] <TASK> [ 13.640827] dump_stack_lvl+0x73/0xb0 [ 13.640853] print_report+0xd1/0x650 [ 13.640874] ? __virt_addr_valid+0x1db/0x2d0 [ 13.640895] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.640921] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.640942] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.640968] kasan_report+0x141/0x180 [ 13.640989] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.641020] kasan_check_range+0x10c/0x1c0 [ 13.641053] __kasan_check_write+0x18/0x20 [ 13.641072] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.641098] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.641125] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.641169] ? finish_task_switch.isra.0+0x156/0x700 [ 13.641190] ? kasan_bitops_generic+0x92/0x1c0 [ 13.641216] kasan_bitops_generic+0x121/0x1c0 [ 13.641240] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.641264] ? __pfx_read_tsc+0x10/0x10 [ 13.641285] ? ktime_get_ts64+0x86/0x230 [ 13.641307] kunit_try_run_case+0x1a5/0x480 [ 13.641330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.641351] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.641373] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.641394] ? __kthread_parkme+0x82/0x180 [ 13.641413] ? preempt_count_sub+0x50/0x80 [ 13.641435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.641458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.641479] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.641502] kthread+0x337/0x6f0 [ 13.641520] ? trace_preempt_on+0x20/0xc0 [ 13.641541] ? __pfx_kthread+0x10/0x10 [ 13.641562] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.641582] ? calculate_sigpending+0x7b/0xa0 [ 13.641604] ? __pfx_kthread+0x10/0x10 [ 13.641625] ret_from_fork+0x116/0x1d0 [ 13.641643] ? __pfx_kthread+0x10/0x10 [ 13.641662] ret_from_fork_asm+0x1a/0x30 [ 13.641691] </TASK> [ 13.641702] [ 13.649412] Allocated by task 278: [ 13.649549] kasan_save_stack+0x45/0x70 [ 13.649705] kasan_save_track+0x18/0x40 [ 13.649899] kasan_save_alloc_info+0x3b/0x50 [ 13.650125] __kasan_kmalloc+0xb7/0xc0 [ 13.650341] __kmalloc_cache_noprof+0x189/0x420 [ 13.650566] kasan_bitops_generic+0x92/0x1c0 [ 13.650764] kunit_try_run_case+0x1a5/0x480 [ 13.650941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.651194] kthread+0x337/0x6f0 [ 13.651321] ret_from_fork+0x116/0x1d0 [ 13.651503] ret_from_fork_asm+0x1a/0x30 [ 13.651690] [ 13.651773] The buggy address belongs to the object at ffff8881027a1100 [ 13.651773] which belongs to the cache kmalloc-16 of size 16 [ 13.652265] The buggy address is located 8 bytes inside of [ 13.652265] allocated 9-byte region [ffff8881027a1100, ffff8881027a1109) [ 13.652736] [ 13.652819] The buggy address belongs to the physical page: [ 13.653050] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a1 [ 13.653409] flags: 0x200000000000000(node=0|zone=2) [ 13.653630] page_type: f5(slab) [ 13.653779] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.654089] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.654410] page dumped because: kasan: bad access detected [ 13.654633] [ 13.654719] Memory state around the buggy address: [ 13.654872] ffff8881027a1000: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.655104] ffff8881027a1080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.655346] >ffff8881027a1100: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.655558] ^ [ 13.655735] ffff8881027a1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.656056] ffff8881027a1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.656387] ==================================================================