Date
July 3, 2025, 6:13 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 19.191945] ================================================================== [ 19.192259] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.192429] Write of size 8 at addr fff00000c57cf648 by task kunit_try_catch/261 [ 19.192679] [ 19.192755] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.193073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.193257] Hardware name: linux,dummy-virt (DT) [ 19.193370] Call trace: [ 19.193422] show_stack+0x20/0x38 (C) [ 19.193564] dump_stack_lvl+0x8c/0xd0 [ 19.193733] print_report+0x118/0x608 [ 19.193843] kasan_report+0xdc/0x128 [ 19.193971] kasan_check_range+0x100/0x1a8 [ 19.194073] __kasan_check_write+0x20/0x30 [ 19.194125] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 19.194190] kasan_bitops_generic+0x110/0x1c8 [ 19.194240] kunit_try_run_case+0x170/0x3f0 [ 19.194289] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.194344] kthread+0x328/0x630 [ 19.194408] ret_from_fork+0x10/0x20 [ 19.194458] [ 19.194487] Allocated by task 261: [ 19.194528] kasan_save_stack+0x3c/0x68 [ 19.194572] kasan_save_track+0x20/0x40 [ 19.194612] kasan_save_alloc_info+0x40/0x58 [ 19.194664] __kasan_kmalloc+0xd4/0xd8 [ 19.194702] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.194755] kasan_bitops_generic+0xa0/0x1c8 [ 19.194795] kunit_try_run_case+0x170/0x3f0 [ 19.194834] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.194881] kthread+0x328/0x630 [ 19.194929] ret_from_fork+0x10/0x20 [ 19.194981] [ 19.195020] The buggy address belongs to the object at fff00000c57cf640 [ 19.195020] which belongs to the cache kmalloc-16 of size 16 [ 19.195384] The buggy address is located 8 bytes inside of [ 19.195384] allocated 9-byte region [fff00000c57cf640, fff00000c57cf649) [ 19.195608] [ 19.195639] The buggy address belongs to the physical page: [ 19.196006] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057cf [ 19.196123] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.196737] page_type: f5(slab) [ 19.196996] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.197211] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.197397] page dumped because: kasan: bad access detected [ 19.197643] [ 19.197761] Memory state around the buggy address: [ 19.197863] fff00000c57cf500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.198023] fff00000c57cf580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.198209] >fff00000c57cf600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.198355] ^ [ 19.198402] fff00000c57cf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.198639] fff00000c57cf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.198820] ================================================================== [ 19.238281] ================================================================== [ 19.238335] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 19.238388] Write of size 8 at addr fff00000c57cf648 by task kunit_try_catch/261 [ 19.238440] [ 19.238472] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.238554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.238583] Hardware name: linux,dummy-virt (DT) [ 19.238616] Call trace: [ 19.238641] show_stack+0x20/0x38 (C) [ 19.238703] dump_stack_lvl+0x8c/0xd0 [ 19.238751] print_report+0x118/0x608 [ 19.238799] kasan_report+0xdc/0x128 [ 19.238846] kasan_check_range+0x100/0x1a8 [ 19.238895] __kasan_check_write+0x20/0x30 [ 19.238940] kasan_bitops_modify.constprop.0+0x320/0xbc0 [ 19.238991] kasan_bitops_generic+0x110/0x1c8 [ 19.239051] kunit_try_run_case+0x170/0x3f0 [ 19.239100] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.239155] kthread+0x328/0x630 [ 19.239921] ret_from_fork+0x10/0x20 [ 19.239994] [ 19.240048] Allocated by task 261: [ 19.240081] kasan_save_stack+0x3c/0x68 [ 19.240132] kasan_save_track+0x20/0x40 [ 19.240181] kasan_save_alloc_info+0x40/0x58 [ 19.240224] __kasan_kmalloc+0xd4/0xd8 [ 19.240521] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.240638] kasan_bitops_generic+0xa0/0x1c8 [ 19.240856] kunit_try_run_case+0x170/0x3f0 [ 19.240907] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.241479] kthread+0x328/0x630 [ 19.242547] [ 19.253951] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.258053] Write of size 8 at addr fff00000c57cf648 by task kunit_try_catch/261 [ 19.258450] Call trace: [ 19.259149] kasan_check_range+0x100/0x1a8 [ 19.259850] kthread+0x328/0x630 [ 19.260368] kthread+0x328/0x630 [ 19.260911] [ 19.261650] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.263143] ^ [ 19.266055] Write of size 8 at addr fff00000c57cf648 by task kunit_try_catch/261 [ 19.266968] kasan_report+0xdc/0x128 [ 19.267674] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.270647] [ 19.270930] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.271015] [ 19.271197] >fff00000c57cf600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.274493] [ 19.275186] Hardware name: linux,dummy-virt (DT) [ 19.277515] [ 19.278397] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.280234] The buggy address is located 8 bytes inside of [ 19.280234] allocated 9-byte region [fff00000c57cf640, fff00000c57cf649) [ 19.281584] [ 19.281606] Memory state around the buggy address: [ 19.282451] >fff00000c57cf600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.284194] [ 19.285112] print_report+0x118/0x608 [ 19.288289] kasan_save_alloc_info+0x40/0x58 [ 19.289012] The buggy address belongs to the physical page: [ 19.289871] [ 19.290019] fff00000c57cf500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.291942] ================================================================== [ 19.210523] ================================================================== [ 19.210579] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.211434] Write of size 8 at addr fff00000c57cf648 by task kunit_try_catch/261 [ 19.211528] [ 19.211563] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.211807] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.211957] Hardware name: linux,dummy-virt (DT) [ 19.212049] Call trace: [ 19.212078] show_stack+0x20/0x38 (C) [ 19.212132] dump_stack_lvl+0x8c/0xd0 [ 19.212184] print_report+0x118/0x608 [ 19.212504] kasan_report+0xdc/0x128 [ 19.212837] kasan_check_range+0x100/0x1a8 [ 19.213248] __kasan_check_write+0x20/0x30 [ 19.213485] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 19.213675] kasan_bitops_generic+0x110/0x1c8 [ 19.213854] kunit_try_run_case+0x170/0x3f0 [ 19.213922] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.214004] kthread+0x328/0x630 [ 19.214224] ret_from_fork+0x10/0x20 [ 19.214549] [ 19.214690] Allocated by task 261: [ 19.214800] kasan_save_stack+0x3c/0x68 [ 19.215063] kasan_save_track+0x20/0x40 [ 19.215479] kasan_save_alloc_info+0x40/0x58 [ 19.215660] __kasan_kmalloc+0xd4/0xd8 [ 19.215716] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.215948] kasan_bitops_generic+0xa0/0x1c8 [ 19.216142] kunit_try_run_case+0x170/0x3f0 [ 19.216201] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.216401] kthread+0x328/0x630 [ 19.216484] ret_from_fork+0x10/0x20 [ 19.216611] [ 19.216640] The buggy address belongs to the object at fff00000c57cf640 [ 19.216640] which belongs to the cache kmalloc-16 of size 16 [ 19.216934] The buggy address is located 8 bytes inside of [ 19.216934] allocated 9-byte region [fff00000c57cf640, fff00000c57cf649) [ 19.217220] [ 19.217266] The buggy address belongs to the physical page: [ 19.217424] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057cf [ 19.217573] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.217753] page_type: f5(slab) [ 19.217833] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.218277] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.218369] page dumped because: kasan: bad access detected [ 19.218501] [ 19.218555] Memory state around the buggy address: [ 19.218758] fff00000c57cf500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.218956] fff00000c57cf580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.219103] >fff00000c57cf600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.219241] ^ [ 19.219429] fff00000c57cf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.219516] fff00000c57cf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.219611] ================================================================== [ 19.222497] ================================================================== [ 19.222656] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.222779] Read of size 8 at addr fff00000c57cf648 by task kunit_try_catch/261 [ 19.222837] [ 19.222881] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.222966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.222994] Hardware name: linux,dummy-virt (DT) [ 19.223224] Call trace: [ 19.223261] show_stack+0x20/0x38 (C) [ 19.223314] dump_stack_lvl+0x8c/0xd0 [ 19.223377] print_report+0x118/0x608 [ 19.223868] kasan_report+0xdc/0x128 [ 19.223955] __asan_report_load8_noabort+0x20/0x30 [ 19.224009] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 19.224397] kasan_bitops_generic+0x110/0x1c8 [ 19.224910] kunit_try_run_case+0x170/0x3f0 [ 19.224991] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.225096] kthread+0x328/0x630 [ 19.225223] ret_from_fork+0x10/0x20 [ 19.225385] [ 19.225406] Allocated by task 261: [ 19.225436] kasan_save_stack+0x3c/0x68 [ 19.225486] kasan_save_track+0x20/0x40 [ 19.225801] kasan_save_alloc_info+0x40/0x58 [ 19.225960] __kasan_kmalloc+0xd4/0xd8 [ 19.226097] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.226166] kasan_bitops_generic+0xa0/0x1c8 [ 19.226315] kunit_try_run_case+0x170/0x3f0 [ 19.226467] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.226642] kthread+0x328/0x630 [ 19.226856] ret_from_fork+0x10/0x20 [ 19.227022] [ 19.227128] The buggy address belongs to the object at fff00000c57cf640 [ 19.227128] which belongs to the cache kmalloc-16 of size 16 [ 19.227260] The buggy address is located 8 bytes inside of [ 19.227260] allocated 9-byte region [fff00000c57cf640, fff00000c57cf649) [ 19.227466] [ 19.227536] The buggy address belongs to the physical page: [ 19.227595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057cf [ 19.227942] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.228164] page_type: f5(slab) [ 19.228264] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.228427] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.228593] page dumped because: kasan: bad access detected [ 19.228833] [ 19.229018] Memory state around the buggy address: [ 19.229098] fff00000c57cf500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.229157] fff00000c57cf580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.229201] >fff00000c57cf600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.229243] ^ [ 19.229281] fff00000c57cf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.229326] fff00000c57cf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.229368] ================================================================== [ 19.230189] ================================================================== [ 19.230373] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 19.230429] Write of size 8 at addr fff00000c57cf648 by task kunit_try_catch/261 [ 19.230510] [ 19.230672] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.230867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.231020] Hardware name: linux,dummy-virt (DT) [ 19.231071] Call trace: [ 19.231296] show_stack+0x20/0x38 (C) [ 19.231382] dump_stack_lvl+0x8c/0xd0 [ 19.231757] print_report+0x118/0x608 [ 19.232073] kasan_report+0xdc/0x128 [ 19.232270] kasan_check_range+0x100/0x1a8 [ 19.232550] __kasan_check_write+0x20/0x30 [ 19.232930] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 19.233072] kasan_bitops_generic+0x110/0x1c8 [ 19.233236] kunit_try_run_case+0x170/0x3f0 [ 19.233403] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.233499] kthread+0x328/0x630 [ 19.233700] ret_from_fork+0x10/0x20 [ 19.233933] [ 19.234025] Allocated by task 261: [ 19.234107] kasan_save_stack+0x3c/0x68 [ 19.234254] kasan_save_track+0x20/0x40 [ 19.234315] kasan_save_alloc_info+0x40/0x58 [ 19.234654] __kasan_kmalloc+0xd4/0xd8 [ 19.234732] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.234878] kasan_bitops_generic+0xa0/0x1c8 [ 19.234951] kunit_try_run_case+0x170/0x3f0 [ 19.235162] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.235342] kthread+0x328/0x630 [ 19.235558] ret_from_fork+0x10/0x20 [ 19.235901] [ 19.235948] The buggy address belongs to the object at fff00000c57cf640 [ 19.235948] which belongs to the cache kmalloc-16 of size 16 [ 19.236134] The buggy address is located 8 bytes inside of [ 19.236134] allocated 9-byte region [fff00000c57cf640, fff00000c57cf649) [ 19.236274] [ 19.236300] The buggy address belongs to the physical page: [ 19.236369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057cf [ 19.236670] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.236732] page_type: f5(slab) [ 19.236771] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.237188] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.237304] page dumped because: kasan: bad access detected [ 19.237341] [ 19.237465] Memory state around the buggy address: [ 19.237516] fff00000c57cf500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.237564] fff00000c57cf580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.237608] >fff00000c57cf600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.237678] ^ [ 19.237717] fff00000c57cf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.237762] fff00000c57cf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.237811] ================================================================== [ 19.200300] ================================================================== [ 19.200622] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.200977] Read of size 8 at addr fff00000c57cf648 by task kunit_try_catch/261 [ 19.201252] [ 19.201341] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 19.201723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.201794] Hardware name: linux,dummy-virt (DT) [ 19.201977] Call trace: [ 19.202545] show_stack+0x20/0x38 (C) [ 19.202870] dump_stack_lvl+0x8c/0xd0 [ 19.203103] print_report+0x118/0x608 [ 19.203471] kasan_report+0xdc/0x128 [ 19.203738] __asan_report_load8_noabort+0x20/0x30 [ 19.203979] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 19.204167] kasan_bitops_generic+0x110/0x1c8 [ 19.204410] kunit_try_run_case+0x170/0x3f0 [ 19.204537] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.205040] kthread+0x328/0x630 [ 19.205243] ret_from_fork+0x10/0x20 [ 19.205482] [ 19.205723] Allocated by task 261: [ 19.205808] kasan_save_stack+0x3c/0x68 [ 19.206084] kasan_save_track+0x20/0x40 [ 19.206181] kasan_save_alloc_info+0x40/0x58 [ 19.206245] __kasan_kmalloc+0xd4/0xd8 [ 19.206483] __kmalloc_cache_noprof+0x16c/0x3c0 [ 19.206948] kasan_bitops_generic+0xa0/0x1c8 [ 19.207139] kunit_try_run_case+0x170/0x3f0 [ 19.207258] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 19.207439] kthread+0x328/0x630 [ 19.207621] ret_from_fork+0x10/0x20 [ 19.207946] [ 19.208105] The buggy address belongs to the object at fff00000c57cf640 [ 19.208105] which belongs to the cache kmalloc-16 of size 16 [ 19.208304] The buggy address is located 8 bytes inside of [ 19.208304] allocated 9-byte region [fff00000c57cf640, fff00000c57cf649) [ 19.208516] [ 19.208654] The buggy address belongs to the physical page: [ 19.208737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1057cf [ 19.208821] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 19.208874] page_type: f5(slab) [ 19.209292] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 19.209421] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.209550] page dumped because: kasan: bad access detected [ 19.209590] [ 19.209638] Memory state around the buggy address: [ 19.209674] fff00000c57cf500: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.209759] fff00000c57cf580: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.209807] >fff00000c57cf600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.209858] ^ [ 19.209918] fff00000c57cf680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.209976] fff00000c57cf700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.210050] ==================================================================
[ 13.548827] ================================================================== [ 13.549146] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.549586] Write of size 8 at addr ffff888101745ee8 by task kunit_try_catch/279 [ 13.549881] [ 13.549968] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.550011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.550022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.550043] Call Trace: [ 13.550055] <TASK> [ 13.550069] dump_stack_lvl+0x73/0xb0 [ 13.550093] print_report+0xd1/0x650 [ 13.550131] ? __virt_addr_valid+0x1db/0x2d0 [ 13.550153] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.550178] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.550199] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.550224] kasan_report+0x141/0x180 [ 13.550246] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.550275] kasan_check_range+0x10c/0x1c0 [ 13.550298] __kasan_check_write+0x18/0x20 [ 13.550317] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.550342] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.550368] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.550392] ? trace_hardirqs_on+0x37/0xe0 [ 13.550418] ? kasan_bitops_generic+0x92/0x1c0 [ 13.550446] kasan_bitops_generic+0x116/0x1c0 [ 13.550470] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.550494] ? __pfx_read_tsc+0x10/0x10 [ 13.550514] ? ktime_get_ts64+0x86/0x230 [ 13.550537] kunit_try_run_case+0x1a5/0x480 [ 13.550561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.550582] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.550605] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.550627] ? __kthread_parkme+0x82/0x180 [ 13.550646] ? preempt_count_sub+0x50/0x80 [ 13.550669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.550692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.550714] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.550737] kthread+0x337/0x6f0 [ 13.550756] ? trace_preempt_on+0x20/0xc0 [ 13.550782] ? __pfx_kthread+0x10/0x10 [ 13.550802] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.550823] ? calculate_sigpending+0x7b/0xa0 [ 13.550845] ? __pfx_kthread+0x10/0x10 [ 13.550866] ret_from_fork+0x116/0x1d0 [ 13.550884] ? __pfx_kthread+0x10/0x10 [ 13.550904] ret_from_fork_asm+0x1a/0x30 [ 13.550934] </TASK> [ 13.550945] [ 13.559718] Allocated by task 279: [ 13.559949] kasan_save_stack+0x45/0x70 [ 13.560435] kasan_save_track+0x18/0x40 [ 13.560590] kasan_save_alloc_info+0x3b/0x50 [ 13.560805] __kasan_kmalloc+0xb7/0xc0 [ 13.560951] __kmalloc_cache_noprof+0x189/0x420 [ 13.561187] kasan_bitops_generic+0x92/0x1c0 [ 13.561495] kunit_try_run_case+0x1a5/0x480 [ 13.561670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.561850] kthread+0x337/0x6f0 [ 13.561974] ret_from_fork+0x116/0x1d0 [ 13.562175] ret_from_fork_asm+0x1a/0x30 [ 13.562373] [ 13.562738] The buggy address belongs to the object at ffff888101745ee0 [ 13.562738] which belongs to the cache kmalloc-16 of size 16 [ 13.563494] The buggy address is located 8 bytes inside of [ 13.563494] allocated 9-byte region [ffff888101745ee0, ffff888101745ee9) [ 13.563925] [ 13.564001] The buggy address belongs to the physical page: [ 13.564203] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101745 [ 13.564713] flags: 0x200000000000000(node=0|zone=2) [ 13.564902] page_type: f5(slab) [ 13.565023] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.565546] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.565845] page dumped because: kasan: bad access detected [ 13.566020] [ 13.566116] Memory state around the buggy address: [ 13.566609] ffff888101745d80: 00 01 fc fc 00 04 fc fc 00 04 fc fc 00 05 fc fc [ 13.566943] ffff888101745e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.567366] >ffff888101745e80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.567645] ^ [ 13.567877] ffff888101745f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.568144] ffff888101745f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.568775] ================================================================== [ 13.522317] ================================================================== [ 13.522886] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.523441] Write of size 8 at addr ffff888101745ee8 by task kunit_try_catch/279 [ 13.524066] [ 13.524276] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.524321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.524333] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.524353] Call Trace: [ 13.524364] <TASK> [ 13.524379] dump_stack_lvl+0x73/0xb0 [ 13.524406] print_report+0xd1/0x650 [ 13.524428] ? __virt_addr_valid+0x1db/0x2d0 [ 13.524451] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.524475] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.524496] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.524522] kasan_report+0x141/0x180 [ 13.524543] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.524573] kasan_check_range+0x10c/0x1c0 [ 13.524596] __kasan_check_write+0x18/0x20 [ 13.524614] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.524639] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.524684] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.524707] ? trace_hardirqs_on+0x37/0xe0 [ 13.524733] ? kasan_bitops_generic+0x92/0x1c0 [ 13.524760] kasan_bitops_generic+0x116/0x1c0 [ 13.524783] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.524807] ? __pfx_read_tsc+0x10/0x10 [ 13.524828] ? ktime_get_ts64+0x86/0x230 [ 13.524852] kunit_try_run_case+0x1a5/0x480 [ 13.524874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.524896] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.524918] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.524940] ? __kthread_parkme+0x82/0x180 [ 13.524959] ? preempt_count_sub+0x50/0x80 [ 13.524982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.525005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.525028] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.525051] kthread+0x337/0x6f0 [ 13.525069] ? trace_preempt_on+0x20/0xc0 [ 13.525110] ? __pfx_kthread+0x10/0x10 [ 13.525131] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.525151] ? calculate_sigpending+0x7b/0xa0 [ 13.525174] ? __pfx_kthread+0x10/0x10 [ 13.525195] ret_from_fork+0x116/0x1d0 [ 13.525213] ? __pfx_kthread+0x10/0x10 [ 13.525234] ret_from_fork_asm+0x1a/0x30 [ 13.525263] </TASK> [ 13.525274] [ 13.537304] Allocated by task 279: [ 13.537480] kasan_save_stack+0x45/0x70 [ 13.537664] kasan_save_track+0x18/0x40 [ 13.537802] kasan_save_alloc_info+0x3b/0x50 [ 13.537955] __kasan_kmalloc+0xb7/0xc0 [ 13.538213] __kmalloc_cache_noprof+0x189/0x420 [ 13.538922] kasan_bitops_generic+0x92/0x1c0 [ 13.539407] kunit_try_run_case+0x1a5/0x480 [ 13.539986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.540519] kthread+0x337/0x6f0 [ 13.540705] ret_from_fork+0x116/0x1d0 [ 13.540891] ret_from_fork_asm+0x1a/0x30 [ 13.541121] [ 13.541586] The buggy address belongs to the object at ffff888101745ee0 [ 13.541586] which belongs to the cache kmalloc-16 of size 16 [ 13.542007] The buggy address is located 8 bytes inside of [ 13.542007] allocated 9-byte region [ffff888101745ee0, ffff888101745ee9) [ 13.542744] [ 13.542863] The buggy address belongs to the physical page: [ 13.543175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101745 [ 13.543573] flags: 0x200000000000000(node=0|zone=2) [ 13.544000] page_type: f5(slab) [ 13.544189] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.544656] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.545012] page dumped because: kasan: bad access detected [ 13.545277] [ 13.545490] Memory state around the buggy address: [ 13.545712] ffff888101745d80: 00 01 fc fc 00 04 fc fc 00 04 fc fc 00 05 fc fc [ 13.546029] ffff888101745e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.546501] >ffff888101745e80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.547047] ^ [ 13.547395] ffff888101745f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.547789] ffff888101745f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.548049] ================================================================== [ 13.446039] ================================================================== [ 13.447436] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.447980] Write of size 8 at addr ffff888101745ee8 by task kunit_try_catch/279 [ 13.448528] [ 13.448786] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.448839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.448852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.448875] Call Trace: [ 13.448891] <TASK> [ 13.448909] dump_stack_lvl+0x73/0xb0 [ 13.448940] print_report+0xd1/0x650 [ 13.448962] ? __virt_addr_valid+0x1db/0x2d0 [ 13.448985] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.449009] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.449030] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.449055] kasan_report+0x141/0x180 [ 13.449076] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.449119] kasan_check_range+0x10c/0x1c0 [ 13.449149] __kasan_check_write+0x18/0x20 [ 13.449167] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.449192] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.449219] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.449242] ? trace_hardirqs_on+0x37/0xe0 [ 13.449268] ? kasan_bitops_generic+0x92/0x1c0 [ 13.449295] kasan_bitops_generic+0x116/0x1c0 [ 13.449317] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.449341] ? __pfx_read_tsc+0x10/0x10 [ 13.449362] ? ktime_get_ts64+0x86/0x230 [ 13.449385] kunit_try_run_case+0x1a5/0x480 [ 13.449409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.449431] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.449454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.449476] ? __kthread_parkme+0x82/0x180 [ 13.449496] ? preempt_count_sub+0x50/0x80 [ 13.449518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.449542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.449564] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.449587] kthread+0x337/0x6f0 [ 13.449606] ? trace_preempt_on+0x20/0xc0 [ 13.449632] ? __pfx_kthread+0x10/0x10 [ 13.449652] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.449672] ? calculate_sigpending+0x7b/0xa0 [ 13.449695] ? __pfx_kthread+0x10/0x10 [ 13.449715] ret_from_fork+0x116/0x1d0 [ 13.449733] ? __pfx_kthread+0x10/0x10 [ 13.449753] ret_from_fork_asm+0x1a/0x30 [ 13.449782] </TASK> [ 13.449795] [ 13.461711] Allocated by task 279: [ 13.461926] kasan_save_stack+0x45/0x70 [ 13.462239] kasan_save_track+0x18/0x40 [ 13.462505] kasan_save_alloc_info+0x3b/0x50 [ 13.462738] __kasan_kmalloc+0xb7/0xc0 [ 13.462939] __kmalloc_cache_noprof+0x189/0x420 [ 13.463270] kasan_bitops_generic+0x92/0x1c0 [ 13.463531] kunit_try_run_case+0x1a5/0x480 [ 13.463754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.464035] kthread+0x337/0x6f0 [ 13.464474] ret_from_fork+0x116/0x1d0 [ 13.464697] ret_from_fork_asm+0x1a/0x30 [ 13.464876] [ 13.464967] The buggy address belongs to the object at ffff888101745ee0 [ 13.464967] which belongs to the cache kmalloc-16 of size 16 [ 13.465691] The buggy address is located 8 bytes inside of [ 13.465691] allocated 9-byte region [ffff888101745ee0, ffff888101745ee9) [ 13.466259] [ 13.466358] The buggy address belongs to the physical page: [ 13.466563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101745 [ 13.466935] flags: 0x200000000000000(node=0|zone=2) [ 13.467176] page_type: f5(slab) [ 13.467341] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.467699] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.467965] page dumped because: kasan: bad access detected [ 13.468464] [ 13.468580] Memory state around the buggy address: [ 13.468810] ffff888101745d80: 00 01 fc fc 00 04 fc fc 00 04 fc fc 00 05 fc fc [ 13.469083] ffff888101745e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.469453] >ffff888101745e80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.469827] ^ [ 13.470307] ffff888101745f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.470795] ffff888101745f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.471022] ================================================================== [ 13.569230] ================================================================== [ 13.569694] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.570019] Write of size 8 at addr ffff888101745ee8 by task kunit_try_catch/279 [ 13.570490] [ 13.570576] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.570615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.570627] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.570646] Call Trace: [ 13.570661] <TASK> [ 13.570674] dump_stack_lvl+0x73/0xb0 [ 13.570701] print_report+0xd1/0x650 [ 13.570723] ? __virt_addr_valid+0x1db/0x2d0 [ 13.570744] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.570769] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.570791] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.570816] kasan_report+0x141/0x180 [ 13.570837] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.570867] kasan_check_range+0x10c/0x1c0 [ 13.570890] __kasan_check_write+0x18/0x20 [ 13.570909] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.570934] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.570961] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.570985] ? trace_hardirqs_on+0x37/0xe0 [ 13.571012] ? kasan_bitops_generic+0x92/0x1c0 [ 13.571039] kasan_bitops_generic+0x116/0x1c0 [ 13.571063] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.571086] ? __pfx_read_tsc+0x10/0x10 [ 13.571118] ? ktime_get_ts64+0x86/0x230 [ 13.571141] kunit_try_run_case+0x1a5/0x480 [ 13.571164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.571186] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.571218] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.571240] ? __kthread_parkme+0x82/0x180 [ 13.571260] ? preempt_count_sub+0x50/0x80 [ 13.571283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.571307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.571347] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.571370] kthread+0x337/0x6f0 [ 13.571389] ? trace_preempt_on+0x20/0xc0 [ 13.571414] ? __pfx_kthread+0x10/0x10 [ 13.571434] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.571454] ? calculate_sigpending+0x7b/0xa0 [ 13.571477] ? __pfx_kthread+0x10/0x10 [ 13.571497] ret_from_fork+0x116/0x1d0 [ 13.571515] ? __pfx_kthread+0x10/0x10 [ 13.571534] ret_from_fork_asm+0x1a/0x30 [ 13.571564] </TASK> [ 13.571575] [ 13.579635] Allocated by task 279: [ 13.579768] kasan_save_stack+0x45/0x70 [ 13.579962] kasan_save_track+0x18/0x40 [ 13.580216] kasan_save_alloc_info+0x3b/0x50 [ 13.580576] __kasan_kmalloc+0xb7/0xc0 [ 13.580766] __kmalloc_cache_noprof+0x189/0x420 [ 13.580996] kasan_bitops_generic+0x92/0x1c0 [ 13.581410] kunit_try_run_case+0x1a5/0x480 [ 13.581596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.581847] kthread+0x337/0x6f0 [ 13.581970] ret_from_fork+0x116/0x1d0 [ 13.582135] ret_from_fork_asm+0x1a/0x30 [ 13.582397] [ 13.582500] The buggy address belongs to the object at ffff888101745ee0 [ 13.582500] which belongs to the cache kmalloc-16 of size 16 [ 13.582956] The buggy address is located 8 bytes inside of [ 13.582956] allocated 9-byte region [ffff888101745ee0, ffff888101745ee9) [ 13.583595] [ 13.583685] The buggy address belongs to the physical page: [ 13.583919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101745 [ 13.584342] flags: 0x200000000000000(node=0|zone=2) [ 13.584549] page_type: f5(slab) [ 13.584715] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.584998] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.585355] page dumped because: kasan: bad access detected [ 13.585549] [ 13.585644] Memory state around the buggy address: [ 13.585855] ffff888101745d80: 00 01 fc fc 00 04 fc fc 00 04 fc fc 00 05 fc fc [ 13.586158] ffff888101745e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.586413] >ffff888101745e80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.586629] ^ [ 13.586830] ffff888101745f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.587049] ffff888101745f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.587530] ================================================================== [ 13.587987] ================================================================== [ 13.588336] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.588701] Write of size 8 at addr ffff888101745ee8 by task kunit_try_catch/279 [ 13.588987] [ 13.589070] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.589119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.589131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.589150] Call Trace: [ 13.589162] <TASK> [ 13.589175] dump_stack_lvl+0x73/0xb0 [ 13.589200] print_report+0xd1/0x650 [ 13.589221] ? __virt_addr_valid+0x1db/0x2d0 [ 13.589243] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.589267] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.589288] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.589313] kasan_report+0x141/0x180 [ 13.589335] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.589428] kasan_check_range+0x10c/0x1c0 [ 13.589452] __kasan_check_write+0x18/0x20 [ 13.589471] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.589496] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.589523] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.589548] ? trace_hardirqs_on+0x37/0xe0 [ 13.589575] ? kasan_bitops_generic+0x92/0x1c0 [ 13.589602] kasan_bitops_generic+0x116/0x1c0 [ 13.589625] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.589648] ? __pfx_read_tsc+0x10/0x10 [ 13.589668] ? ktime_get_ts64+0x86/0x230 [ 13.589691] kunit_try_run_case+0x1a5/0x480 [ 13.589714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.589736] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.589759] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.589781] ? __kthread_parkme+0x82/0x180 [ 13.589800] ? preempt_count_sub+0x50/0x80 [ 13.589823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.589846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.589868] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.589890] kthread+0x337/0x6f0 [ 13.589909] ? trace_preempt_on+0x20/0xc0 [ 13.589934] ? __pfx_kthread+0x10/0x10 [ 13.589954] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.589974] ? calculate_sigpending+0x7b/0xa0 [ 13.589996] ? __pfx_kthread+0x10/0x10 [ 13.590017] ret_from_fork+0x116/0x1d0 [ 13.590035] ? __pfx_kthread+0x10/0x10 [ 13.590055] ret_from_fork_asm+0x1a/0x30 [ 13.590084] </TASK> [ 13.590105] [ 13.599573] Allocated by task 279: [ 13.599713] kasan_save_stack+0x45/0x70 [ 13.599862] kasan_save_track+0x18/0x40 [ 13.600048] kasan_save_alloc_info+0x3b/0x50 [ 13.600339] __kasan_kmalloc+0xb7/0xc0 [ 13.600537] __kmalloc_cache_noprof+0x189/0x420 [ 13.600764] kasan_bitops_generic+0x92/0x1c0 [ 13.600917] kunit_try_run_case+0x1a5/0x480 [ 13.601064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.601331] kthread+0x337/0x6f0 [ 13.601504] ret_from_fork+0x116/0x1d0 [ 13.601796] ret_from_fork_asm+0x1a/0x30 [ 13.601937] [ 13.602010] The buggy address belongs to the object at ffff888101745ee0 [ 13.602010] which belongs to the cache kmalloc-16 of size 16 [ 13.602404] The buggy address is located 8 bytes inside of [ 13.602404] allocated 9-byte region [ffff888101745ee0, ffff888101745ee9) [ 13.603295] [ 13.603422] The buggy address belongs to the physical page: [ 13.603667] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101745 [ 13.603910] flags: 0x200000000000000(node=0|zone=2) [ 13.604077] page_type: f5(slab) [ 13.604439] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.604996] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.605455] page dumped because: kasan: bad access detected [ 13.605626] [ 13.605697] Memory state around the buggy address: [ 13.606082] ffff888101745d80: 00 01 fc fc 00 04 fc fc 00 04 fc fc 00 05 fc fc [ 13.606529] ffff888101745e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.606752] >ffff888101745e80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.606968] ^ [ 13.607481] ffff888101745f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.607817] ffff888101745f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.608178] ================================================================== [ 13.471673] ================================================================== [ 13.472012] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.472720] Write of size 8 at addr ffff888101745ee8 by task kunit_try_catch/279 [ 13.473039] [ 13.473199] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.473240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.473253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.473274] Call Trace: [ 13.473289] <TASK> [ 13.473304] dump_stack_lvl+0x73/0xb0 [ 13.473331] print_report+0xd1/0x650 [ 13.473357] ? __virt_addr_valid+0x1db/0x2d0 [ 13.473381] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.473446] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.473494] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.473521] kasan_report+0x141/0x180 [ 13.473544] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.473574] kasan_check_range+0x10c/0x1c0 [ 13.473597] __kasan_check_write+0x18/0x20 [ 13.473617] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.473641] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.473667] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.473691] ? trace_hardirqs_on+0x37/0xe0 [ 13.473750] ? kasan_bitops_generic+0x92/0x1c0 [ 13.473787] kasan_bitops_generic+0x116/0x1c0 [ 13.473811] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.473835] ? __pfx_read_tsc+0x10/0x10 [ 13.473855] ? ktime_get_ts64+0x86/0x230 [ 13.473879] kunit_try_run_case+0x1a5/0x480 [ 13.473908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.473929] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.473952] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.474006] ? __kthread_parkme+0x82/0x180 [ 13.474027] ? preempt_count_sub+0x50/0x80 [ 13.474049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.474072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.474094] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.474130] kthread+0x337/0x6f0 [ 13.474149] ? trace_preempt_on+0x20/0xc0 [ 13.474177] ? __pfx_kthread+0x10/0x10 [ 13.474197] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.474218] ? calculate_sigpending+0x7b/0xa0 [ 13.474241] ? __pfx_kthread+0x10/0x10 [ 13.474262] ret_from_fork+0x116/0x1d0 [ 13.474280] ? __pfx_kthread+0x10/0x10 [ 13.474300] ret_from_fork_asm+0x1a/0x30 [ 13.474329] </TASK> [ 13.474341] [ 13.484726] Allocated by task 279: [ 13.484953] kasan_save_stack+0x45/0x70 [ 13.485271] kasan_save_track+0x18/0x40 [ 13.485441] kasan_save_alloc_info+0x3b/0x50 [ 13.485690] __kasan_kmalloc+0xb7/0xc0 [ 13.485887] __kmalloc_cache_noprof+0x189/0x420 [ 13.486068] kasan_bitops_generic+0x92/0x1c0 [ 13.486360] kunit_try_run_case+0x1a5/0x480 [ 13.486626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.486975] kthread+0x337/0x6f0 [ 13.487305] ret_from_fork+0x116/0x1d0 [ 13.487626] ret_from_fork_asm+0x1a/0x30 [ 13.487846] [ 13.487937] The buggy address belongs to the object at ffff888101745ee0 [ 13.487937] which belongs to the cache kmalloc-16 of size 16 [ 13.488782] The buggy address is located 8 bytes inside of [ 13.488782] allocated 9-byte region [ffff888101745ee0, ffff888101745ee9) [ 13.489436] [ 13.489573] The buggy address belongs to the physical page: [ 13.489843] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101745 [ 13.490249] flags: 0x200000000000000(node=0|zone=2) [ 13.490599] page_type: f5(slab) [ 13.490784] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.491138] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.491639] page dumped because: kasan: bad access detected [ 13.491875] [ 13.491948] Memory state around the buggy address: [ 13.492120] ffff888101745d80: 00 01 fc fc 00 04 fc fc 00 04 fc fc 00 05 fc fc [ 13.492599] ffff888101745e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.493035] >ffff888101745e80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.493653] ^ [ 13.493906] ffff888101745f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.494143] ffff888101745f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.494359] ================================================================== [ 13.609434] ================================================================== [ 13.609761] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.610077] Write of size 8 at addr ffff888101745ee8 by task kunit_try_catch/279 [ 13.610584] [ 13.610684] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.610727] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.610739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.610760] Call Trace: [ 13.610774] <TASK> [ 13.610789] dump_stack_lvl+0x73/0xb0 [ 13.610816] print_report+0xd1/0x650 [ 13.610838] ? __virt_addr_valid+0x1db/0x2d0 [ 13.610859] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.610884] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.610906] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.610930] kasan_report+0x141/0x180 [ 13.610952] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.610980] kasan_check_range+0x10c/0x1c0 [ 13.611003] __kasan_check_write+0x18/0x20 [ 13.611022] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.611047] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.611073] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.611110] ? trace_hardirqs_on+0x37/0xe0 [ 13.611136] ? kasan_bitops_generic+0x92/0x1c0 [ 13.611308] kasan_bitops_generic+0x116/0x1c0 [ 13.611337] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.611363] ? __pfx_read_tsc+0x10/0x10 [ 13.611384] ? ktime_get_ts64+0x86/0x230 [ 13.611407] kunit_try_run_case+0x1a5/0x480 [ 13.611430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.611451] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.611474] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.611496] ? __kthread_parkme+0x82/0x180 [ 13.611516] ? preempt_count_sub+0x50/0x80 [ 13.611539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.611561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.611583] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.611606] kthread+0x337/0x6f0 [ 13.611625] ? trace_preempt_on+0x20/0xc0 [ 13.611651] ? __pfx_kthread+0x10/0x10 [ 13.611671] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.611690] ? calculate_sigpending+0x7b/0xa0 [ 13.611713] ? __pfx_kthread+0x10/0x10 [ 13.611734] ret_from_fork+0x116/0x1d0 [ 13.611751] ? __pfx_kthread+0x10/0x10 [ 13.611771] ret_from_fork_asm+0x1a/0x30 [ 13.611800] </TASK> [ 13.611811] [ 13.620202] Allocated by task 279: [ 13.620425] kasan_save_stack+0x45/0x70 [ 13.620688] kasan_save_track+0x18/0x40 [ 13.621115] kasan_save_alloc_info+0x3b/0x50 [ 13.621267] __kasan_kmalloc+0xb7/0xc0 [ 13.621615] __kmalloc_cache_noprof+0x189/0x420 [ 13.621823] kasan_bitops_generic+0x92/0x1c0 [ 13.621975] kunit_try_run_case+0x1a5/0x480 [ 13.622262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.622698] kthread+0x337/0x6f0 [ 13.622865] ret_from_fork+0x116/0x1d0 [ 13.623057] ret_from_fork_asm+0x1a/0x30 [ 13.623525] [ 13.623615] The buggy address belongs to the object at ffff888101745ee0 [ 13.623615] which belongs to the cache kmalloc-16 of size 16 [ 13.623995] The buggy address is located 8 bytes inside of [ 13.623995] allocated 9-byte region [ffff888101745ee0, ffff888101745ee9) [ 13.624363] [ 13.624463] The buggy address belongs to the physical page: [ 13.624717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101745 [ 13.625390] flags: 0x200000000000000(node=0|zone=2) [ 13.625592] page_type: f5(slab) [ 13.625715] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.625949] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.626257] page dumped because: kasan: bad access detected [ 13.626767] [ 13.626867] Memory state around the buggy address: [ 13.627108] ffff888101745d80: 00 01 fc fc 00 04 fc fc 00 04 fc fc 00 05 fc fc [ 13.627639] ffff888101745e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.628176] >ffff888101745e80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.628547] ^ [ 13.628755] ffff888101745f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.629074] ffff888101745f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.629400] ================================================================== [ 13.495005] ================================================================== [ 13.495669] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.496010] Write of size 8 at addr ffff888101745ee8 by task kunit_try_catch/279 [ 13.496502] [ 13.496643] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.496684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.496696] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.496748] Call Trace: [ 13.496765] <TASK> [ 13.496778] dump_stack_lvl+0x73/0xb0 [ 13.496805] print_report+0xd1/0x650 [ 13.496827] ? __virt_addr_valid+0x1db/0x2d0 [ 13.496848] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.496899] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.496922] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.496948] kasan_report+0x141/0x180 [ 13.496969] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.496999] kasan_check_range+0x10c/0x1c0 [ 13.497022] __kasan_check_write+0x18/0x20 [ 13.497041] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.497065] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.497091] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.497127] ? trace_hardirqs_on+0x37/0xe0 [ 13.497346] ? kasan_bitops_generic+0x92/0x1c0 [ 13.497384] kasan_bitops_generic+0x116/0x1c0 [ 13.497437] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.497487] ? __pfx_read_tsc+0x10/0x10 [ 13.497507] ? ktime_get_ts64+0x86/0x230 [ 13.497530] kunit_try_run_case+0x1a5/0x480 [ 13.497554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.497576] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.497600] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.497622] ? __kthread_parkme+0x82/0x180 [ 13.497642] ? preempt_count_sub+0x50/0x80 [ 13.497664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.497688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.497710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.497733] kthread+0x337/0x6f0 [ 13.497752] ? trace_preempt_on+0x20/0xc0 [ 13.497778] ? __pfx_kthread+0x10/0x10 [ 13.497798] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.497818] ? calculate_sigpending+0x7b/0xa0 [ 13.497842] ? __pfx_kthread+0x10/0x10 [ 13.497862] ret_from_fork+0x116/0x1d0 [ 13.497880] ? __pfx_kthread+0x10/0x10 [ 13.497900] ret_from_fork_asm+0x1a/0x30 [ 13.497930] </TASK> [ 13.497941] [ 13.507979] Allocated by task 279: [ 13.508151] kasan_save_stack+0x45/0x70 [ 13.508297] kasan_save_track+0x18/0x40 [ 13.508603] kasan_save_alloc_info+0x3b/0x50 [ 13.508820] __kasan_kmalloc+0xb7/0xc0 [ 13.508955] __kmalloc_cache_noprof+0x189/0x420 [ 13.509174] kasan_bitops_generic+0x92/0x1c0 [ 13.509637] kunit_try_run_case+0x1a5/0x480 [ 13.509849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.510088] kthread+0x337/0x6f0 [ 13.510410] ret_from_fork+0x116/0x1d0 [ 13.510553] ret_from_fork_asm+0x1a/0x30 [ 13.510767] [ 13.510843] The buggy address belongs to the object at ffff888101745ee0 [ 13.510843] which belongs to the cache kmalloc-16 of size 16 [ 13.511622] The buggy address is located 8 bytes inside of [ 13.511622] allocated 9-byte region [ffff888101745ee0, ffff888101745ee9) [ 13.512880] [ 13.513110] The buggy address belongs to the physical page: [ 13.513776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101745 [ 13.514514] flags: 0x200000000000000(node=0|zone=2) [ 13.514857] page_type: f5(slab) [ 13.514983] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.515323] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.516044] page dumped because: kasan: bad access detected [ 13.516724] [ 13.516887] Memory state around the buggy address: [ 13.517461] ffff888101745d80: 00 01 fc fc 00 04 fc fc 00 04 fc fc 00 05 fc fc [ 13.518055] ffff888101745e00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.518709] >ffff888101745e80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 13.519270] ^ [ 13.519960] ffff888101745f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.520210] ffff888101745f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.521131] ==================================================================