Date
July 5, 2025, 5:09 p.m.
Environment |
---|
qemu-arm64 |
qemu-x86_64 |
[ 20.471746] ================================================================== [ 20.471934] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 20.472029] Write of size 8 at addr fff00000c604ecc8 by task kunit_try_catch/261 [ 20.472119] [ 20.472169] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.472296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.472323] Hardware name: linux,dummy-virt (DT) [ 20.472371] Call trace: [ 20.472566] show_stack+0x20/0x38 (C) [ 20.472673] dump_stack_lvl+0x8c/0xd0 [ 20.472726] print_report+0x118/0x608 [ 20.472773] kasan_report+0xdc/0x128 [ 20.472902] kasan_check_range+0x100/0x1a8 [ 20.472988] __kasan_check_write+0x20/0x30 [ 20.473038] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 20.473353] kasan_bitops_generic+0x110/0x1c8 [ 20.473429] kunit_try_run_case+0x170/0x3f0 [ 20.473481] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.473627] kthread+0x328/0x630 [ 20.473691] ret_from_fork+0x10/0x20 [ 20.473903] [ 20.474010] Allocated by task 261: [ 20.474060] kasan_save_stack+0x3c/0x68 [ 20.474206] kasan_save_track+0x20/0x40 [ 20.474272] kasan_save_alloc_info+0x40/0x58 [ 20.474376] __kasan_kmalloc+0xd4/0xd8 [ 20.474419] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.474479] kasan_bitops_generic+0xa0/0x1c8 [ 20.474525] kunit_try_run_case+0x170/0x3f0 [ 20.474711] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.474959] kthread+0x328/0x630 [ 20.475038] ret_from_fork+0x10/0x20 [ 20.475141] [ 20.475225] The buggy address belongs to the object at fff00000c604ecc0 [ 20.475225] which belongs to the cache kmalloc-16 of size 16 [ 20.475286] The buggy address is located 8 bytes inside of [ 20.475286] allocated 9-byte region [fff00000c604ecc0, fff00000c604ecc9) [ 20.475372] [ 20.475641] The buggy address belongs to the physical page: [ 20.475757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10604e [ 20.475854] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 
20.475959] page_type: f5(slab) [ 20.476023] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.476302] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.476454] page dumped because: kasan: bad access detected [ 20.476541] [ 20.476823] Memory state around the buggy address: [ 20.476944] fff00000c604eb80: 00 02 fc fc 00 05 fc fc fa fb fc fc 00 02 fc fc [ 20.476994] fff00000c604ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.477064] >fff00000c604ec80: fa fb fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 20.477218] ^ [ 20.477263] fff00000c604ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.477388] fff00000c604ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.477477] ================================================================== [ 20.478162] ================================================================== [ 20.478216] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 20.478269] Read of size 8 at addr fff00000c604ecc8 by task kunit_try_catch/261 [ 20.478329] [ 20.478364] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.478444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.478471] Hardware name: linux,dummy-virt (DT) [ 20.478675] Call trace: [ 20.478718] show_stack+0x20/0x38 (C) [ 20.478900] dump_stack_lvl+0x8c/0xd0 [ 20.479027] print_report+0x118/0x608 [ 20.479098] kasan_report+0xdc/0x128 [ 20.479189] __asan_report_load8_noabort+0x20/0x30 [ 20.479247] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 20.479584] [ 20.479802] __kasan_kmalloc+0xd4/0xd8 [ 20.481137] The buggy address is located 8 bytes inside of [ 20.481137] allocated 9-byte region [fff00000c604ecc0, fff00000c604ecc9) [ 20.482536] fff00000c604eb80: 00 02 fc fc 00 05 fc fc fa fb fc fc 00 02 fc fc [ 20.483198] ================================================================== [ 20.458025] ================================================================== [ 20.458088] 
BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 20.458151] Write of size 8 at addr fff00000c604ecc8 by task kunit_try_catch/261 [ 20.458202] [ 20.458237] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.458321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.458513] Hardware name: linux,dummy-virt (DT) [ 20.458565] Call trace: [ 20.458948] show_stack+0x20/0x38 (C) [ 20.459262] dump_stack_lvl+0x8c/0xd0 [ 20.459318] print_report+0x118/0x608 [ 20.459367] kasan_report+0xdc/0x128 [ 20.459413] kasan_check_range+0x100/0x1a8 [ 20.459469] __kasan_check_write+0x20/0x30 [ 20.459517] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 20.459572] kasan_bitops_generic+0x110/0x1c8 [ 20.459621] kunit_try_run_case+0x170/0x3f0 [ 20.459672] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.459726] kthread+0x328/0x630 [ 20.460509] ret_from_fork+0x10/0x20 [ 20.460575] [ 20.460596] Allocated by task 261: [ 20.460641] kasan_save_stack+0x3c/0x68 [ 20.460686] kasan_save_track+0x20/0x40 [ 20.460725] kasan_save_alloc_info+0x40/0x58 [ 20.460768] __kasan_kmalloc+0xd4/0xd8 [ 20.460806] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.460856] kasan_bitops_generic+0xa0/0x1c8 [ 20.461153] kunit_try_run_case+0x170/0x3f0 [ 20.461290] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.461525] kthread+0x328/0x630 [ 20.461597] ret_from_fork+0x10/0x20 [ 20.461673] [ 20.462112] The buggy address belongs to the object at fff00000c604ecc0 [ 20.462112] which belongs to the cache kmalloc-16 of size 16 [ 20.462196] The buggy address is located 8 bytes inside of [ 20.462196] allocated 9-byte region [fff00000c604ecc0, fff00000c604ecc9) [ 20.462354] [ 20.462398] The buggy address belongs to the physical page: [ 20.462448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10604e [ 20.462628] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.462707] page_type: f5(slab) [ 20.462753] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 
0000000000000000 [ 20.462977] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.463075] page dumped because: kasan: bad access detected [ 20.463175] [ 20.463208] Memory state around the buggy address: [ 20.463407] fff00000c604eb80: 00 02 fc fc 00 05 fc fc fa fb fc fc 00 02 fc fc [ 20.463461] fff00000c604ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.463506] >fff00000c604ec80: fa fb fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 20.463964] ^ [ 20.464059] fff00000c604ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.464208] fff00000c604ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.464355] ================================================================== [ 20.465741] ================================================================== [ 20.465926] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 20.465991] Read of size 8 at addr fff00000c604ecc8 by task kunit_try_catch/261 [ 20.466245] [ 20.466291] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT [ 20.466404] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.466434] Hardware name: linux,dummy-virt (DT) [ 20.466468] Call trace: [ 20.466539] show_stack+0x20/0x38 (C) [ 20.466593] dump_stack_lvl+0x8c/0xd0 [ 20.466665] print_report+0x118/0x608 [ 20.467099] kasan_report+0xdc/0x128 [ 20.467173] __asan_report_load8_noabort+0x20/0x30 [ 20.467530] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 20.467618] kasan_bitops_generic+0x110/0x1c8 [ 20.467782] kunit_try_run_case+0x170/0x3f0 [ 20.467901] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.467986] kthread+0x328/0x630 [ 20.468113] ret_from_fork+0x10/0x20 [ 20.468221] [ 20.468306] Allocated by task 261: [ 20.468364] kasan_save_stack+0x3c/0x68 [ 20.468484] kasan_save_track+0x20/0x40 [ 20.468562] kasan_save_alloc_info+0x40/0x58 [ 20.468602] __kasan_kmalloc+0xd4/0xd8 [ 20.468810] __kmalloc_cache_noprof+0x16c/0x3c0 [ 20.468970] kasan_bitops_generic+0xa0/0x1c8 [ 20.469085] 
kunit_try_run_case+0x170/0x3f0 [ 20.469203] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 20.469261] kthread+0x328/0x630 [ 20.469471] ret_from_fork+0x10/0x20 [ 20.469612] [ 20.469685] The buggy address belongs to the object at fff00000c604ecc0 [ 20.469685] which belongs to the cache kmalloc-16 of size 16 [ 20.469889] The buggy address is located 8 bytes inside of [ 20.469889] allocated 9-byte region [fff00000c604ecc0, fff00000c604ecc9) [ 20.469967] [ 20.469995] The buggy address belongs to the physical page: [ 20.470047] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10604e [ 20.470103] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 20.470151] page_type: f5(slab) [ 20.470189] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 20.470241] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.470283] page dumped because: kasan: bad access detected [ 20.470317] [ 20.470344] Memory state around the buggy address: [ 20.470377] fff00000c604eb80: 00 02 fc fc 00 05 fc fc fa fb fc fc 00 02 fc fc [ 20.470422] fff00000c604ec00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.470478] >fff00000c604ec80: fa fb fc fc 00 04 fc fc 00 01 fc fc fc fc fc fc [ 20.470528] ^ [ 20.470571] fff00000c604ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.470645] fff00000c604ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.470686] ==================================================================
[ 13.614164] ================================================================== [ 13.615234] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.616171] Write of size 8 at addr ffff88810274c288 by task kunit_try_catch/279 [ 13.616848] [ 13.616947] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.616996] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.617009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.617033] Call Trace: [ 13.617048] <TASK> [ 13.617066] dump_stack_lvl+0x73/0xb0 [ 13.617099] print_report+0xd1/0x650 [ 13.617120] ? __virt_addr_valid+0x1db/0x2d0 [ 13.617144] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.617169] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.617219] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.617245] kasan_report+0x141/0x180 [ 13.617266] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.617297] kasan_check_range+0x10c/0x1c0 [ 13.617321] __kasan_check_write+0x18/0x20 [ 13.617340] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.617365] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.617396] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.617421] ? trace_hardirqs_on+0x37/0xe0 [ 13.617444] ? kasan_bitops_generic+0x92/0x1c0 [ 13.617481] kasan_bitops_generic+0x116/0x1c0 [ 13.617505] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.617529] ? __pfx_read_tsc+0x10/0x10 [ 13.617550] ? ktime_get_ts64+0x86/0x230 [ 13.617693] kunit_try_run_case+0x1a5/0x480 [ 13.617721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.617743] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.617767] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.617790] ? __kthread_parkme+0x82/0x180 [ 13.617811] ? preempt_count_sub+0x50/0x80 [ 13.617835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.617859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.617882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.617904] kthread+0x337/0x6f0 [ 13.617923] ? 
trace_preempt_on+0x20/0xc0 [ 13.617944] ? __pfx_kthread+0x10/0x10 [ 13.617964] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.617985] ? calculate_sigpending+0x7b/0xa0 [ 13.618009] ? __pfx_kthread+0x10/0x10 [ 13.618030] ret_from_fork+0x116/0x1d0 [ 13.618047] ? __pfx_kthread+0x10/0x10 [ 13.618068] ret_from_fork_asm+0x1a/0x30 [ 13.618098] </TASK> [ 13.618109] [ 13.630970] Allocated by task 279: [ 13.631169] kasan_save_stack+0x45/0x70 [ 13.631450] kasan_save_track+0x18/0x40 [ 13.631658] kasan_save_alloc_info+0x3b/0x50 [ 13.631861] __kasan_kmalloc+0xb7/0xc0 [ 13.632045] __kmalloc_cache_noprof+0x189/0x420 [ 13.632306] kasan_bitops_generic+0x92/0x1c0 [ 13.632525] kunit_try_run_case+0x1a5/0x480 [ 13.632677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.632873] kthread+0x337/0x6f0 [ 13.633041] ret_from_fork+0x116/0x1d0 [ 13.633297] ret_from_fork_asm+0x1a/0x30 [ 13.633514] [ 13.633612] The buggy address belongs to the object at ffff88810274c280 [ 13.633612] which belongs to the cache kmalloc-16 of size 16 [ 13.634154] The buggy address is located 8 bytes inside of [ 13.634154] allocated 9-byte region [ffff88810274c280, ffff88810274c289) [ 13.634832] [ 13.634922] The buggy address belongs to the physical page: [ 13.635148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10274c [ 13.635484] flags: 0x200000000000000(node=0|zone=2) [ 13.635656] page_type: f5(slab) [ 13.635829] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.636181] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.636540] page dumped because: kasan: bad access detected [ 13.636776] [ 13.636873] Memory state around the buggy address: [ 13.637100] ffff88810274c180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.637462] ffff88810274c200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.637747] >ffff88810274c280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.638064] ^ [ 13.638416] ffff88810274c300: fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.638739] ffff88810274c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.639058] ================================================================== [ 13.749039] ================================================================== [ 13.749548] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.750334] Write of size 8 at addr ffff88810274c288 by task kunit_try_catch/279 [ 13.751040] [ 13.751133] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.751176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.751200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.751221] Call Trace: [ 13.751238] <TASK> [ 13.751256] dump_stack_lvl+0x73/0xb0 [ 13.751284] print_report+0xd1/0x650 [ 13.751359] ? __virt_addr_valid+0x1db/0x2d0 [ 13.751395] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.751420] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.751442] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.751478] kasan_report+0x141/0x180 [ 13.751499] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.751529] kasan_check_range+0x10c/0x1c0 [ 13.751552] __kasan_check_write+0x18/0x20 [ 13.751571] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.751597] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.751624] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.751649] ? trace_hardirqs_on+0x37/0xe0 [ 13.751670] ? kasan_bitops_generic+0x92/0x1c0 [ 13.751706] kasan_bitops_generic+0x116/0x1c0 [ 13.751730] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.751755] ? __pfx_read_tsc+0x10/0x10 [ 13.751777] ? ktime_get_ts64+0x86/0x230 [ 13.751800] kunit_try_run_case+0x1a5/0x480 [ 13.751823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.751845] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.751867] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.751890] ? __kthread_parkme+0x82/0x180 [ 13.751910] ? preempt_count_sub+0x50/0x80 [ 13.751933] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.751956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.751979] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.752001] kthread+0x337/0x6f0 [ 13.752020] ? trace_preempt_on+0x20/0xc0 [ 13.752041] ? __pfx_kthread+0x10/0x10 [ 13.752061] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.752082] ? calculate_sigpending+0x7b/0xa0 [ 13.752104] ? __pfx_kthread+0x10/0x10 [ 13.752126] ret_from_fork+0x116/0x1d0 [ 13.752143] ? __pfx_kthread+0x10/0x10 [ 13.752163] ret_from_fork_asm+0x1a/0x30 [ 13.752357] </TASK> [ 13.752376] [ 13.767194] Allocated by task 279: [ 13.767571] kasan_save_stack+0x45/0x70 [ 13.768003] kasan_save_track+0x18/0x40 [ 13.768218] kasan_save_alloc_info+0x3b/0x50 [ 13.768647] __kasan_kmalloc+0xb7/0xc0 [ 13.769123] __kmalloc_cache_noprof+0x189/0x420 [ 13.769616] kasan_bitops_generic+0x92/0x1c0 [ 13.769822] kunit_try_run_case+0x1a5/0x480 [ 13.770073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.770637] kthread+0x337/0x6f0 [ 13.771013] ret_from_fork+0x116/0x1d0 [ 13.771248] ret_from_fork_asm+0x1a/0x30 [ 13.771669] [ 13.771933] The buggy address belongs to the object at ffff88810274c280 [ 13.771933] which belongs to the cache kmalloc-16 of size 16 [ 13.772768] The buggy address is located 8 bytes inside of [ 13.772768] allocated 9-byte region [ffff88810274c280, ffff88810274c289) [ 13.773686] [ 13.773898] The buggy address belongs to the physical page: [ 13.774535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10274c [ 13.774876] flags: 0x200000000000000(node=0|zone=2) [ 13.775423] page_type: f5(slab) [ 13.775819] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.776186] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.776956] page dumped because: kasan: bad access detected [ 13.777126] [ 13.777382] Memory state around the buggy address: [ 13.777769] ffff88810274c180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.777982] 
ffff88810274c200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.778193] >ffff88810274c280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.778398] ^ [ 13.778827] ffff88810274c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.779261] ffff88810274c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.779834] ================================================================== [ 13.810642] ================================================================== [ 13.811373] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.812088] Write of size 8 at addr ffff88810274c288 by task kunit_try_catch/279 [ 13.812370] [ 13.812733] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.812782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.812794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.812816] Call Trace: [ 13.812843] <TASK> [ 13.812861] dump_stack_lvl+0x73/0xb0 [ 13.812888] print_report+0xd1/0x650 [ 13.812911] ? __virt_addr_valid+0x1db/0x2d0 [ 13.812932] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.812958] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.812980] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.813006] kasan_report+0x141/0x180 [ 13.813027] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.813057] kasan_check_range+0x10c/0x1c0 [ 13.813080] __kasan_check_write+0x18/0x20 [ 13.813100] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.813125] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.813152] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.813175] ? trace_hardirqs_on+0x37/0xe0 [ 13.813218] ? kasan_bitops_generic+0x92/0x1c0 [ 13.813247] kasan_bitops_generic+0x116/0x1c0 [ 13.813270] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.813295] ? __pfx_read_tsc+0x10/0x10 [ 13.813316] ? ktime_get_ts64+0x86/0x230 [ 13.813339] kunit_try_run_case+0x1a5/0x480 [ 13.813363] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.813399] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.813421] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.813444] ? __kthread_parkme+0x82/0x180 [ 13.813478] ? preempt_count_sub+0x50/0x80 [ 13.813501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.813525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.813547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.813570] kthread+0x337/0x6f0 [ 13.813589] ? trace_preempt_on+0x20/0xc0 [ 13.813611] ? __pfx_kthread+0x10/0x10 [ 13.813631] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.813652] ? calculate_sigpending+0x7b/0xa0 [ 13.813675] ? __pfx_kthread+0x10/0x10 [ 13.813698] ret_from_fork+0x116/0x1d0 [ 13.813716] ? __pfx_kthread+0x10/0x10 [ 13.813737] ret_from_fork_asm+0x1a/0x30 [ 13.813767] </TASK> [ 13.813778] [ 13.830379] Allocated by task 279: [ 13.830941] kasan_save_stack+0x45/0x70 [ 13.831809] kasan_save_track+0x18/0x40 [ 13.832318] kasan_save_alloc_info+0x3b/0x50 [ 13.832887] __kasan_kmalloc+0xb7/0xc0 [ 13.833576] __kmalloc_cache_noprof+0x189/0x420 [ 13.834150] kasan_bitops_generic+0x92/0x1c0 [ 13.834818] kunit_try_run_case+0x1a5/0x480 [ 13.835599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.836242] kthread+0x337/0x6f0 [ 13.836552] ret_from_fork+0x116/0x1d0 [ 13.837034] ret_from_fork_asm+0x1a/0x30 [ 13.837589] [ 13.837808] The buggy address belongs to the object at ffff88810274c280 [ 13.837808] which belongs to the cache kmalloc-16 of size 16 [ 13.838938] The buggy address is located 8 bytes inside of [ 13.838938] allocated 9-byte region [ffff88810274c280, ffff88810274c289) [ 13.839695] [ 13.839905] The buggy address belongs to the physical page: [ 13.840476] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10274c [ 13.841481] flags: 0x200000000000000(node=0|zone=2) [ 13.841659] page_type: f5(slab) [ 13.841969] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.842674] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.842907] page dumped because: kasan: 
bad access detected [ 13.843081] [ 13.843153] Memory state around the buggy address: [ 13.843338] ffff88810274c180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.843800] ffff88810274c200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.844104] >ffff88810274c280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.845047] ^ [ 13.845368] ffff88810274c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.845809] ffff88810274c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.846028] ================================================================== [ 13.639564] ================================================================== [ 13.639935] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.640376] Write of size 8 at addr ffff88810274c288 by task kunit_try_catch/279 [ 13.640696] [ 13.640820] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.640863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.640875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.640896] Call Trace: [ 13.640910] <TASK> [ 13.640927] dump_stack_lvl+0x73/0xb0 [ 13.640953] print_report+0xd1/0x650 [ 13.640975] ? __virt_addr_valid+0x1db/0x2d0 [ 13.640998] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.641022] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.641044] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.641069] kasan_report+0x141/0x180 [ 13.641091] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.641122] kasan_check_range+0x10c/0x1c0 [ 13.641145] __kasan_check_write+0x18/0x20 [ 13.641164] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.641256] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.641285] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.641308] ? trace_hardirqs_on+0x37/0xe0 [ 13.641331] ? kasan_bitops_generic+0x92/0x1c0 [ 13.641358] kasan_bitops_generic+0x116/0x1c0 [ 13.641386] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.641411] ? 
__pfx_read_tsc+0x10/0x10 [ 13.641431] ? ktime_get_ts64+0x86/0x230 [ 13.641465] kunit_try_run_case+0x1a5/0x480 [ 13.641489] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.641512] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.641535] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.641557] ? __kthread_parkme+0x82/0x180 [ 13.641577] ? preempt_count_sub+0x50/0x80 [ 13.641601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.641624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.641646] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.641669] kthread+0x337/0x6f0 [ 13.641690] ? trace_preempt_on+0x20/0xc0 [ 13.641730] ? __pfx_kthread+0x10/0x10 [ 13.641750] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.641771] ? calculate_sigpending+0x7b/0xa0 [ 13.641797] ? __pfx_kthread+0x10/0x10 [ 13.641818] ret_from_fork+0x116/0x1d0 [ 13.641835] ? __pfx_kthread+0x10/0x10 [ 13.641856] ret_from_fork_asm+0x1a/0x30 [ 13.641885] </TASK> [ 13.641896] [ 13.650274] Allocated by task 279: [ 13.650435] kasan_save_stack+0x45/0x70 [ 13.650866] kasan_save_track+0x18/0x40 [ 13.651070] kasan_save_alloc_info+0x3b/0x50 [ 13.651356] __kasan_kmalloc+0xb7/0xc0 [ 13.651511] __kmalloc_cache_noprof+0x189/0x420 [ 13.651693] kasan_bitops_generic+0x92/0x1c0 [ 13.651907] kunit_try_run_case+0x1a5/0x480 [ 13.652092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.652330] kthread+0x337/0x6f0 [ 13.652468] ret_from_fork+0x116/0x1d0 [ 13.652627] ret_from_fork_asm+0x1a/0x30 [ 13.652846] [ 13.652943] The buggy address belongs to the object at ffff88810274c280 [ 13.652943] which belongs to the cache kmalloc-16 of size 16 [ 13.653553] The buggy address is located 8 bytes inside of [ 13.653553] allocated 9-byte region [ffff88810274c280, ffff88810274c289) [ 13.654054] [ 13.654129] The buggy address belongs to the physical page: [ 13.654557] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10274c [ 13.654924] flags: 0x200000000000000(node=0|zone=2) [ 13.655167] page_type: f5(slab) [ 13.655306] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 13.655628] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.655920] page dumped because: kasan: bad access detected [ 13.656147] [ 13.656245] Memory state around the buggy address: [ 13.656435] ffff88810274c180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.656737] ffff88810274c200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.657092] >ffff88810274c280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.657393] ^ [ 13.657584] ffff88810274c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.657923] ffff88810274c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.658408] ================================================================== [ 13.680143] ================================================================== [ 13.680490] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.680786] Write of size 8 at addr ffff88810274c288 by task kunit_try_catch/279 [ 13.682097] [ 13.682549] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary) [ 13.682597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.682609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.682630] Call Trace: [ 13.682643] <TASK> [ 13.682657] dump_stack_lvl+0x73/0xb0 [ 13.682739] print_report+0xd1/0x650 [ 13.682762] ? __virt_addr_valid+0x1db/0x2d0 [ 13.682891] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.682917] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.682939] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.682965] kasan_report+0x141/0x180 [ 13.682987] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.683018] kasan_check_range+0x10c/0x1c0 [ 13.683041] __kasan_check_write+0x18/0x20 [ 13.683060] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.683086] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.683114] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.683139] ? 
trace_hardirqs_on+0x37/0xe0 [ 13.683161] ? kasan_bitops_generic+0x92/0x1c0 [ 13.683365] kasan_bitops_generic+0x116/0x1c0 [ 13.683400] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.683426] ? __pfx_read_tsc+0x10/0x10 [ 13.683447] ? ktime_get_ts64+0x86/0x230 [ 13.683484] kunit_try_run_case+0x1a5/0x480 [ 13.683508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.683529] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.683552] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.683576] ? __kthread_parkme+0x82/0x180 [ 13.683596] ? preempt_count_sub+0x50/0x80 [ 13.683620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.683643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.683665] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.683690] kthread+0x337/0x6f0 [ 13.683709] ? trace_preempt_on+0x20/0xc0 [ 13.683731] ? __pfx_kthread+0x10/0x10 [ 13.683752] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.683773] ? calculate_sigpending+0x7b/0xa0 [ 13.683796] ? __pfx_kthread+0x10/0x10 [ 13.683817] ret_from_fork+0x116/0x1d0 [ 13.683835] ? 
__pfx_kthread+0x10/0x10
[ 13.683856] ret_from_fork_asm+0x1a/0x30
[ 13.683886] </TASK>
[ 13.683898]
[ 13.699715] Allocated by task 279:
[ 13.700128] kasan_save_stack+0x45/0x70
[ 13.700562] kasan_save_track+0x18/0x40
[ 13.700757] kasan_save_alloc_info+0x3b/0x50
[ 13.700909] __kasan_kmalloc+0xb7/0xc0
[ 13.701044] __kmalloc_cache_noprof+0x189/0x420
[ 13.701273] kasan_bitops_generic+0x92/0x1c0
[ 13.701676] kunit_try_run_case+0x1a5/0x480
[ 13.702103] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.702693] kthread+0x337/0x6f0
[ 13.703065] ret_from_fork+0x116/0x1d0
[ 13.703440] ret_from_fork_asm+0x1a/0x30
[ 13.704110]
[ 13.704356] The buggy address belongs to the object at ffff88810274c280
[ 13.704356] which belongs to the cache kmalloc-16 of size 16
[ 13.705532] The buggy address is located 8 bytes inside of
[ 13.705532] allocated 9-byte region [ffff88810274c280, ffff88810274c289)
[ 13.706340]
[ 13.706517] The buggy address belongs to the physical page:
[ 13.707037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10274c
[ 13.707716] flags: 0x200000000000000(node=0|zone=2)
[ 13.707890] page_type: f5(slab)
[ 13.708016] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.708391] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.709088] page dumped because: kasan: bad access detected
[ 13.709639]
[ 13.709805] Memory state around the buggy address:
[ 13.710402] ffff88810274c180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.711041] ffff88810274c200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.711906] >ffff88810274c280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.712621] ^
[ 13.712812] ffff88810274c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.713429] ffff88810274c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.713662] ==================================================================
[ 13.714610] ==================================================================
[ 13.715587] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50
[ 13.716058] Write of size 8 at addr ffff88810274c288 by task kunit_try_catch/279
[ 13.716288]
[ 13.716499] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.716547] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.716559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.716581] Call Trace:
[ 13.716598] <TASK>
[ 13.716615] dump_stack_lvl+0x73/0xb0
[ 13.716641] print_report+0xd1/0x650
[ 13.716663] ? __virt_addr_valid+0x1db/0x2d0
[ 13.716688] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 13.716712] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.716735] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 13.716760] kasan_report+0x141/0x180
[ 13.716782] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 13.716812] kasan_check_range+0x10c/0x1c0
[ 13.716836] __kasan_check_write+0x18/0x20
[ 13.716854] kasan_bitops_modify.constprop.0+0x373/0xd50
[ 13.716880] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 13.716906] ? __kmalloc_cache_noprof+0x189/0x420
[ 13.716930] ? trace_hardirqs_on+0x37/0xe0
[ 13.716952] ? kasan_bitops_generic+0x92/0x1c0
[ 13.716979] kasan_bitops_generic+0x116/0x1c0
[ 13.717002] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.717026] ? __pfx_read_tsc+0x10/0x10
[ 13.717047] ? ktime_get_ts64+0x86/0x230
[ 13.717071] kunit_try_run_case+0x1a5/0x480
[ 13.717095] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.717117] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.717140] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.717163] ? __kthread_parkme+0x82/0x180
[ 13.717183] ? preempt_count_sub+0x50/0x80
[ 13.717225] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.717249] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.717272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.717294] kthread+0x337/0x6f0
[ 13.717313] ? trace_preempt_on+0x20/0xc0
[ 13.717334] ? __pfx_kthread+0x10/0x10
[ 13.717355] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.717375] ? calculate_sigpending+0x7b/0xa0
[ 13.717404] ? __pfx_kthread+0x10/0x10
[ 13.717424] ret_from_fork+0x116/0x1d0
[ 13.717443] ? __pfx_kthread+0x10/0x10
[ 13.717471] ret_from_fork_asm+0x1a/0x30
[ 13.717502] </TASK>
[ 13.717513]
[ 13.733560] Allocated by task 279:
[ 13.733752] kasan_save_stack+0x45/0x70
[ 13.734163] kasan_save_track+0x18/0x40
[ 13.734645] kasan_save_alloc_info+0x3b/0x50
[ 13.735055] __kasan_kmalloc+0xb7/0xc0
[ 13.735598] __kmalloc_cache_noprof+0x189/0x420
[ 13.736106] kasan_bitops_generic+0x92/0x1c0
[ 13.736263] kunit_try_run_case+0x1a5/0x480
[ 13.736795] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.737323] kthread+0x337/0x6f0
[ 13.737469] ret_from_fork+0x116/0x1d0
[ 13.737605] ret_from_fork_asm+0x1a/0x30
[ 13.737889]
[ 13.738068] The buggy address belongs to the object at ffff88810274c280
[ 13.738068] which belongs to the cache kmalloc-16 of size 16
[ 13.739486] The buggy address is located 8 bytes inside of
[ 13.739486] allocated 9-byte region [ffff88810274c280, ffff88810274c289)
[ 13.740519]
[ 13.740597] The buggy address belongs to the physical page:
[ 13.740948] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10274c
[ 13.741798] flags: 0x200000000000000(node=0|zone=2)
[ 13.742345] page_type: f5(slab)
[ 13.742682] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.743379] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.743960] page dumped because: kasan: bad access detected
[ 13.744177]
[ 13.744342] Memory state around the buggy address:
[ 13.745033] ffff88810274c180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.745487] ffff88810274c200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.746179] >ffff88810274c280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.746752] ^
[ 13.747055] ffff88810274c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.747470] ffff88810274c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.748180] ==================================================================
[ 13.780339] ==================================================================
[ 13.780657] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 13.781058] Write of size 8 at addr ffff88810274c288 by task kunit_try_catch/279
[ 13.781321]
[ 13.781433] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.781650] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.781663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.781697] Call Trace:
[ 13.781708] <TASK>
[ 13.781723] dump_stack_lvl+0x73/0xb0
[ 13.781752] print_report+0xd1/0x650
[ 13.781774] ? __virt_addr_valid+0x1db/0x2d0
[ 13.781796] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 13.781821] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.781843] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 13.781869] kasan_report+0x141/0x180
[ 13.781891] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 13.781923] kasan_check_range+0x10c/0x1c0
[ 13.781947] __kasan_check_write+0x18/0x20
[ 13.781966] kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 13.781990] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 13.782016] ? __kmalloc_cache_noprof+0x189/0x420
[ 13.782039] ? trace_hardirqs_on+0x37/0xe0
[ 13.782060] ? kasan_bitops_generic+0x92/0x1c0
[ 13.782088] kasan_bitops_generic+0x116/0x1c0
[ 13.782110] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.782135] ? __pfx_read_tsc+0x10/0x10
[ 13.782154] ? ktime_get_ts64+0x86/0x230
[ 13.782178] kunit_try_run_case+0x1a5/0x480
[ 13.782251] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.782276] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.782298] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.782320] ? __kthread_parkme+0x82/0x180
[ 13.782341] ? preempt_count_sub+0x50/0x80
[ 13.782363] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.782386] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.782410] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.782433] kthread+0x337/0x6f0
[ 13.782466] ? trace_preempt_on+0x20/0xc0
[ 13.782488] ? __pfx_kthread+0x10/0x10
[ 13.782508] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.782529] ? calculate_sigpending+0x7b/0xa0
[ 13.782551] ? __pfx_kthread+0x10/0x10
[ 13.782573] ret_from_fork+0x116/0x1d0
[ 13.782591] ? __pfx_kthread+0x10/0x10
[ 13.782611] ret_from_fork_asm+0x1a/0x30
[ 13.782641] </TASK>
[ 13.782654]
[ 13.795080] Allocated by task 279:
[ 13.795519] kasan_save_stack+0x45/0x70
[ 13.795714] kasan_save_track+0x18/0x40
[ 13.795898] kasan_save_alloc_info+0x3b/0x50
[ 13.796475] __kasan_kmalloc+0xb7/0xc0
[ 13.796835] __kmalloc_cache_noprof+0x189/0x420
[ 13.797151] kasan_bitops_generic+0x92/0x1c0
[ 13.797774] kunit_try_run_case+0x1a5/0x480
[ 13.798329] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.799013] kthread+0x337/0x6f0
[ 13.799440] ret_from_fork+0x116/0x1d0
[ 13.799843] ret_from_fork_asm+0x1a/0x30
[ 13.800118]
[ 13.800348] The buggy address belongs to the object at ffff88810274c280
[ 13.800348] which belongs to the cache kmalloc-16 of size 16
[ 13.801553] The buggy address is located 8 bytes inside of
[ 13.801553] allocated 9-byte region [ffff88810274c280, ffff88810274c289)
[ 13.802053]
[ 13.802473] The buggy address belongs to the physical page:
[ 13.803062] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10274c
[ 13.803780] flags: 0x200000000000000(node=0|zone=2)
[ 13.804418] page_type: f5(slab)
[ 13.804631] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.805151] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.805826] page dumped because: kasan: bad access detected
[ 13.806007]
[ 13.806081] Memory state around the buggy address:
[ 13.806348] ffff88810274c180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.807100] ffff88810274c200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.807863] >ffff88810274c280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.808730] ^
[ 13.809067] ffff88810274c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.809314] ffff88810274c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.809758] ==================================================================
[ 13.658831] ==================================================================
[ 13.659171] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 13.659636] Write of size 8 at addr ffff88810274c288 by task kunit_try_catch/279
[ 13.660001]
[ 13.660113] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.660156] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.660168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.660249] Call Trace:
[ 13.660265] <TASK>
[ 13.660281] dump_stack_lvl+0x73/0xb0
[ 13.660308] print_report+0xd1/0x650
[ 13.660329] ? __virt_addr_valid+0x1db/0x2d0
[ 13.660350] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 13.660375] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.660397] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 13.660422] kasan_report+0x141/0x180
[ 13.660444] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 13.660483] kasan_check_range+0x10c/0x1c0
[ 13.660507] __kasan_check_write+0x18/0x20
[ 13.660526] kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 13.660551] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 13.660577] ? __kmalloc_cache_noprof+0x189/0x420
[ 13.660601] ? trace_hardirqs_on+0x37/0xe0
[ 13.660622] ? kasan_bitops_generic+0x92/0x1c0
[ 13.660649] kasan_bitops_generic+0x116/0x1c0
[ 13.660672] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 13.660696] ? __pfx_read_tsc+0x10/0x10
[ 13.660716] ? ktime_get_ts64+0x86/0x230
[ 13.660739] kunit_try_run_case+0x1a5/0x480
[ 13.660762] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.660784] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.660806] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.660829] ? __kthread_parkme+0x82/0x180
[ 13.660849] ? preempt_count_sub+0x50/0x80
[ 13.660872] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.660895] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.660920] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.660946] kthread+0x337/0x6f0
[ 13.660964] ? trace_preempt_on+0x20/0xc0
[ 13.660986] ? __pfx_kthread+0x10/0x10
[ 13.661006] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.661027] ? calculate_sigpending+0x7b/0xa0
[ 13.661051] ? __pfx_kthread+0x10/0x10
[ 13.661072] ret_from_fork+0x116/0x1d0
[ 13.661089] ? __pfx_kthread+0x10/0x10
[ 13.661109] ret_from_fork_asm+0x1a/0x30
[ 13.661139] </TASK>
[ 13.661150]
[ 13.669738] Allocated by task 279:
[ 13.669916] kasan_save_stack+0x45/0x70
[ 13.670088] kasan_save_track+0x18/0x40
[ 13.670399] kasan_save_alloc_info+0x3b/0x50
[ 13.670592] __kasan_kmalloc+0xb7/0xc0
[ 13.670780] __kmalloc_cache_noprof+0x189/0x420
[ 13.671024] kasan_bitops_generic+0x92/0x1c0
[ 13.671316] kunit_try_run_case+0x1a5/0x480
[ 13.671539] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.671824] kthread+0x337/0x6f0
[ 13.671977] ret_from_fork+0x116/0x1d0
[ 13.672154] ret_from_fork_asm+0x1a/0x30
[ 13.672354]
[ 13.672428] The buggy address belongs to the object at ffff88810274c280
[ 13.672428] which belongs to the cache kmalloc-16 of size 16
[ 13.673001] The buggy address is located 8 bytes inside of
[ 13.673001] allocated 9-byte region [ffff88810274c280, ffff88810274c289)
[ 13.673534]
[ 13.673626] The buggy address belongs to the physical page:
[ 13.673882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10274c
[ 13.674174] flags: 0x200000000000000(node=0|zone=2)
[ 13.674592] page_type: f5(slab)
[ 13.674739] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 13.675089] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 13.675446] page dumped because: kasan: bad access detected
[ 13.675705]
[ 13.675801] Memory state around the buggy address:
[ 13.675986] ffff88810274c180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.676362] ffff88810274c200: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 13.676657] >ffff88810274c280: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.676915] ^
[ 13.677039] ffff88810274c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.677356] ffff88810274c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.677723] ==================================================================