Date
July 8, 2025, 7:07 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 21.692812] ================================================================== [ 21.693175] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 21.693279] Write of size 8 at addr fff00000c6404068 by task kunit_try_catch/261 [ 21.693689] [ 21.693750] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.693870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.693901] Hardware name: linux,dummy-virt (DT) [ 21.693933] Call trace: [ 21.694005] show_stack+0x20/0x38 (C) [ 21.694185] dump_stack_lvl+0x8c/0xd0 [ 21.694416] print_report+0x118/0x608 [ 21.694484] kasan_report+0xdc/0x128 [ 21.694531] kasan_check_range+0x100/0x1a8 [ 21.694832] __kasan_check_write+0x20/0x30 [ 21.694902] kasan_bitops_modify.constprop.0+0x2b4/0xbc0 [ 21.694956] kasan_bitops_generic+0x110/0x1c8 [ 21.695093] kunit_try_run_case+0x170/0x3f0 [ 21.695153] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.695476] kthread+0x328/0x630 [ 21.695573] ret_from_fork+0x10/0x20 [ 21.695779] [ 21.695903] Allocated by task 261: [ 21.696126] kasan_save_stack+0x3c/0x68 [ 21.696244] kasan_save_track+0x20/0x40 [ 21.696324] kasan_save_alloc_info+0x40/0x58 [ 21.696555] __kasan_kmalloc+0xd4/0xd8 [ 21.696860] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.697007] kasan_bitops_generic+0xa0/0x1c8 [ 21.697117] kunit_try_run_case+0x170/0x3f0 [ 21.697299] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.697526] kthread+0x328/0x630 [ 21.697644] ret_from_fork+0x10/0x20 [ 21.697720] [ 21.697964] The buggy address belongs to the object at fff00000c6404060 [ 21.697964] which belongs to the cache kmalloc-16 of size 16 [ 21.698100] The buggy address is located 8 bytes inside of [ 21.698100] allocated 9-byte region [fff00000c6404060, fff00000c6404069) [ 21.698317] [ 21.698373] The buggy address belongs to the physical page: [ 21.698423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106404 [ 21.698490] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.698580] page_type: f5(slab) [ 21.698636] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.698687] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.698741] page dumped because: kasan: bad access detected [ 21.698784] [ 21.698813] Memory state around the buggy address: [ 21.698847] fff00000c6403f00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 21.698893] fff00000c6403f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.698942] >fff00000c6404000: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 21.698980] ^ [ 21.699028] fff00000c6404080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.699077] fff00000c6404100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.699117] ================================================================== [ 21.684449] ================================================================== [ 21.684512] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 21.684620] Read of size 8 at addr fff00000c6404068 by task kunit_try_catch/261 [ 21.684699] [ 21.684790] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.684872] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.684901] Hardware name: linux,dummy-virt (DT) [ 21.684934] Call trace: [ 21.685164] show_stack+0x20/0x38 (C) [ 21.685734] dump_stack_lvl+0x8c/0xd0 [ 21.685803] print_report+0x118/0x608 [ 21.686121] kasan_report+0xdc/0x128 [ 21.686184] __asan_report_load8_noabort+0x20/0x30 [ 21.686237] kasan_bitops_modify.constprop.0+0xa80/0xbc0 [ 21.686290] kasan_bitops_generic+0x110/0x1c8 [ 21.686339] kunit_try_run_case+0x170/0x3f0 [ 21.686624] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.686702] kthread+0x328/0x630 [ 21.686759] ret_from_fork+0x10/0x20 [ 21.686817] [ 21.686838] Allocated by task 261: [ 21.687371] kasan_save_stack+0x3c/0x68 [ 21.687480] kasan_save_track+0x20/0x40 [ 21.687549] kasan_save_alloc_info+0x40/0x58 [ 21.687701] __kasan_kmalloc+0xd4/0xd8 [ 21.687916] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.688088] kasan_bitops_generic+0xa0/0x1c8 [ 21.688244] kunit_try_run_case+0x170/0x3f0 [ 21.688567] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.688707] kthread+0x328/0x630 [ 21.688815] ret_from_fork+0x10/0x20 [ 21.688951] [ 21.689038] The buggy address belongs to the object at fff00000c6404060 [ 21.689038] which belongs to the cache kmalloc-16 of size 16 [ 21.689162] The buggy address is located 8 bytes inside of [ 21.689162] allocated 9-byte region [fff00000c6404060, fff00000c6404069) [ 21.689311] [ 21.689378] The buggy address belongs to the physical page: [ 21.689701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106404 [ 21.689921] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.690019] page_type: f5(slab) [ 21.690385] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.690631] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.690846] page dumped because: kasan: bad access detected [ 21.690911] [ 21.690955] Memory state around the buggy address: [ 21.691016] fff00000c6403f00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 21.691158] fff00000c6403f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.691213] >fff00000c6404000: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 21.691255] ^ [ 21.691308] fff00000c6404080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.691353] fff00000c6404100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.691409] ================================================================== [ 21.674883] ================================================================== [ 21.675062] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 21.675123] Write of size 8 at addr fff00000c6404068 by task kunit_try_catch/261 [ 21.675339] [ 21.675394] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.675524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.675592] Hardware name: linux,dummy-virt (DT) [ 21.675640] Call trace: [ 21.675667] show_stack+0x20/0x38 (C) [ 21.675999] dump_stack_lvl+0x8c/0xd0 [ 21.676108] print_report+0x118/0x608 [ 21.676277] kasan_report+0xdc/0x128 [ 21.676382] kasan_check_range+0x100/0x1a8 [ 21.676539] __kasan_check_write+0x20/0x30 [ 21.676667] kasan_bitops_modify.constprop.0+0x1dc/0xbc0 [ 21.677040] kasan_bitops_generic+0x110/0x1c8 [ 21.677176] kunit_try_run_case+0x170/0x3f0 [ 21.677318] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.677433] kthread+0x328/0x630 [ 21.677506] ret_from_fork+0x10/0x20 [ 21.677795] [ 21.677825] Allocated by task 261: [ 21.678192] kasan_save_stack+0x3c/0x68 [ 21.678276] kasan_save_track+0x20/0x40 [ 21.678414] kasan_save_alloc_info+0x40/0x58 [ 21.678545] __kasan_kmalloc+0xd4/0xd8 [ 21.678937] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.679129] kasan_bitops_generic+0xa0/0x1c8 [ 21.679295] kunit_try_run_case+0x170/0x3f0 [ 21.679359] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.679422] kthread+0x328/0x630 [ 21.679831] ret_from_fork+0x10/0x20 [ 21.680021] [ 21.680125] The buggy address belongs to the object at fff00000c6404060 [ 21.680125] which belongs to the cache kmalloc-16 of size 16 [ 21.680293] The buggy address is located 8 bytes inside of [ 21.680293] allocated 9-byte region [fff00000c6404060, fff00000c6404069) [ 21.680356] [ 21.680390] The buggy address belongs to the physical page: [ 21.680586] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106404 [ 21.680697] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.680876] page_type: f5(slab) [ 21.680999] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.681095] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.681259] page dumped because: kasan: bad access detected [ 21.681343] [ 21.681366] Memory state around the buggy address: [ 21.681420] fff00000c6403f00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 21.681475] fff00000c6403f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.681684] >fff00000c6404000: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 21.681898] ^ [ 21.682268] fff00000c6404080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.682380] fff00000c6404100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.682490] ================================================================== [ 21.659227] ================================================================== [ 21.659294] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 21.659351] Write of size 8 at addr fff00000c6404068 by task kunit_try_catch/261 [ 21.659404] [ 21.659439] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.659735] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.659765] Hardware name: linux,dummy-virt (DT) [ 21.660089] Call trace: [ 21.660304] show_stack+0x20/0x38 (C) [ 21.660380] dump_stack_lvl+0x8c/0xd0 [ 21.660579] print_report+0x118/0x608 [ 21.660737] kasan_report+0xdc/0x128 [ 21.661097] kasan_check_range+0x100/0x1a8 [ 21.661222] __kasan_check_write+0x20/0x30 [ 21.661337] kasan_bitops_modify.constprop.0+0x100/0xbc0 [ 21.661671] kasan_bitops_generic+0x110/0x1c8 [ 21.662107] kunit_try_run_case+0x170/0x3f0 [ 21.662216] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.662450] kthread+0x328/0x630 [ 21.662693] ret_from_fork+0x10/0x20 [ 21.662763] [ 21.662944] Allocated by task 261: [ 21.663208] kasan_save_stack+0x3c/0x68 [ 21.663303] kasan_save_track+0x20/0x40 [ 21.663344] kasan_save_alloc_info+0x40/0x58 [ 21.663387] __kasan_kmalloc+0xd4/0xd8 [ 21.663567] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.663917] kasan_bitops_generic+0xa0/0x1c8 [ 21.664125] kunit_try_run_case+0x170/0x3f0 [ 21.664229] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.664346] kthread+0x328/0x630 [ 21.664454] ret_from_fork+0x10/0x20 [ 21.664517] [ 21.664579] The buggy address belongs to the object at fff00000c6404060 [ 21.664579] which belongs to the cache kmalloc-16 of size 16 [ 21.664793] The buggy address is located 8 bytes inside of [ 21.664793] allocated 9-byte region [fff00000c6404060, fff00000c6404069) [ 21.665007] [ 21.665047] The buggy address belongs to the physical page: [ 21.665099] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106404 [ 21.665229] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.665330] page_type: f5(slab) [ 21.665571] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.665674] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.666016] page dumped because: kasan: bad access detected [ 21.666070] [ 21.666125] Memory state around the buggy address: [ 21.666167] fff00000c6403f00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 21.666215] fff00000c6403f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.666259] >fff00000c6404000: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 21.666323] ^ [ 21.666369] fff00000c6404080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.666427] fff00000c6404100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.666475] ================================================================== [ 21.669007] ================================================================== [ 21.669506] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 21.669578] Read of size 8 at addr fff00000c6404068 by task kunit_try_catch/261 [ 21.669900] [ 21.670022] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT [ 21.670122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.670152] Hardware name: linux,dummy-virt (DT) [ 21.670305] Call trace: [ 21.670363] show_stack+0x20/0x38 (C) [ 21.670544] dump_stack_lvl+0x8c/0xd0 [ 21.670610] print_report+0x118/0x608 [ 21.670688] kasan_report+0xdc/0x128 [ 21.670938] __asan_report_load8_noabort+0x20/0x30 [ 21.671008] kasan_bitops_modify.constprop.0+0xa44/0xbc0 [ 21.671062] kasan_bitops_generic+0x110/0x1c8 [ 21.671557] kunit_try_run_case+0x170/0x3f0 [ 21.671635] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.671964] kthread+0x328/0x630 [ 21.672122] ret_from_fork+0x10/0x20 [ 21.672207] [ 21.672302] Allocated by task 261: [ 21.672392] kasan_save_stack+0x3c/0x68 [ 21.672581] kasan_save_track+0x20/0x40 [ 21.672669] kasan_save_alloc_info+0x40/0x58 [ 21.672723] __kasan_kmalloc+0xd4/0xd8 [ 21.672762] __kmalloc_cache_noprof+0x16c/0x3c0 [ 21.672811] kasan_bitops_generic+0xa0/0x1c8 [ 21.672861] kunit_try_run_case+0x170/0x3f0 [ 21.672900] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 21.672945] kthread+0x328/0x630 [ 21.672990] ret_from_fork+0x10/0x20 [ 21.673027] [ 21.673049] The buggy address belongs to the object at fff00000c6404060 [ 21.673049] which belongs to the cache kmalloc-16 of size 16 [ 21.673111] The buggy address is located 8 bytes inside of [ 21.673111] allocated 9-byte region [fff00000c6404060, fff00000c6404069) [ 21.673174] [ 21.673205] The buggy address belongs to the physical page: [ 21.673254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106404 [ 21.673308] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 21.673365] page_type: f5(slab) [ 21.673409] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 21.673466] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.673508] page dumped because: kasan: bad access detected [ 21.673552] [ 21.673582] Memory state around the buggy address: [ 21.673615] fff00000c6403f00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 21.673668] fff00000c6403f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.673734] >fff00000c6404000: fa fb fc fc fa fb fc fc 00 04 fc fc 00 01 fc fc [ 21.673775] ^ [ 21.673813] fff00000c6404080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.673856] fff00000c6404100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.673897] ==================================================================
[ 15.228371] ================================================================== [ 15.229114] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.229794] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.230576] [ 15.230699] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.230747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.230759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.230781] Call Trace: [ 15.230800] <TASK> [ 15.230817] dump_stack_lvl+0x73/0xb0 [ 15.230848] print_report+0xd1/0x650 [ 15.230870] ? __virt_addr_valid+0x1db/0x2d0 [ 15.230894] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.230919] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.230944] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.230969] kasan_report+0x141/0x180 [ 15.230991] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.231021] kasan_check_range+0x10c/0x1c0 [ 15.231054] __kasan_check_write+0x18/0x20 [ 15.231072] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 15.231096] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.231123] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.231146] ? trace_hardirqs_on+0x37/0xe0 [ 15.231168] ? kasan_bitops_generic+0x92/0x1c0 [ 15.231194] kasan_bitops_generic+0x116/0x1c0 [ 15.231216] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.231240] ? __pfx_read_tsc+0x10/0x10 [ 15.231261] ? ktime_get_ts64+0x86/0x230 [ 15.231285] kunit_try_run_case+0x1a5/0x480 [ 15.231308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.231329] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.231352] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.231375] ? __kthread_parkme+0x82/0x180 [ 15.231394] ? preempt_count_sub+0x50/0x80 [ 15.231417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.231440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.231462] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.231484] kthread+0x337/0x6f0 [ 15.231502] ? trace_preempt_on+0x20/0xc0 [ 15.231523] ? __pfx_kthread+0x10/0x10 [ 15.231542] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.231562] ? calculate_sigpending+0x7b/0xa0 [ 15.231585] ? __pfx_kthread+0x10/0x10 [ 15.231606] ret_from_fork+0x116/0x1d0 [ 15.231623] ? __pfx_kthread+0x10/0x10 [ 15.231643] ret_from_fork_asm+0x1a/0x30 [ 15.231673] </TASK> [ 15.231685] [ 15.245688] Allocated by task 278: [ 15.245871] kasan_save_stack+0x45/0x70 [ 15.246234] kasan_save_track+0x18/0x40 [ 15.246552] kasan_save_alloc_info+0x3b/0x50 [ 15.246864] __kasan_kmalloc+0xb7/0xc0 [ 15.247240] __kmalloc_cache_noprof+0x189/0x420 [ 15.247556] kasan_bitops_generic+0x92/0x1c0 [ 15.247904] kunit_try_run_case+0x1a5/0x480 [ 15.248408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.248667] kthread+0x337/0x6f0 [ 15.248842] ret_from_fork+0x116/0x1d0 [ 15.249448] ret_from_fork_asm+0x1a/0x30 [ 15.249909] [ 15.250012] The buggy address belongs to the object at ffff8881022bacc0 [ 15.250012] which belongs to the cache kmalloc-16 of size 16 [ 15.250953] The buggy address is located 8 bytes inside of [ 15.250953] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.251818] [ 15.252034] The buggy address belongs to the physical page: [ 15.252452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.252921] flags: 0x200000000000000(node=0|zone=2) [ 15.253457] page_type: f5(slab) [ 15.253814] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.254370] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.254923] page dumped because: kasan: bad access detected [ 15.255344] [ 15.255669] Memory state around the buggy address: [ 15.255907] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.256621] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.256954] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.257338] ^ [ 15.257987] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.258461] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.259248] ================================================================== [ 15.037893] ================================================================== [ 15.038314] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.038587] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.038814] [ 15.038911] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.038958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.038970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.038992] Call Trace: [ 15.039005] <TASK> [ 15.039022] dump_stack_lvl+0x73/0xb0 [ 15.039063] print_report+0xd1/0x650 [ 15.039085] ? __virt_addr_valid+0x1db/0x2d0 [ 15.039108] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.039133] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.039158] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.039182] kasan_report+0x141/0x180 [ 15.039203] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.039232] kasan_check_range+0x10c/0x1c0 [ 15.039255] __kasan_check_write+0x18/0x20 [ 15.039273] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.039297] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.039322] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.039346] ? trace_hardirqs_on+0x37/0xe0 [ 15.039369] ? kasan_bitops_generic+0x92/0x1c0 [ 15.039395] kasan_bitops_generic+0x116/0x1c0 [ 15.039417] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.039442] ? __pfx_read_tsc+0x10/0x10 [ 15.039462] ? ktime_get_ts64+0x86/0x230 [ 15.039487] kunit_try_run_case+0x1a5/0x480 [ 15.039512] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.039533] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.039558] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.039580] ? __kthread_parkme+0x82/0x180 [ 15.039600] ? preempt_count_sub+0x50/0x80 [ 15.039624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.039647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.039669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.039691] kthread+0x337/0x6f0 [ 15.039710] ? trace_preempt_on+0x20/0xc0 [ 15.039730] ? __pfx_kthread+0x10/0x10 [ 15.039750] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.039770] ? calculate_sigpending+0x7b/0xa0 [ 15.039793] ? __pfx_kthread+0x10/0x10 [ 15.039815] ret_from_fork+0x116/0x1d0 [ 15.039832] ? __pfx_kthread+0x10/0x10 [ 15.039851] ret_from_fork_asm+0x1a/0x30 [ 15.039882] </TASK> [ 15.039893] [ 15.053625] Allocated by task 278: [ 15.054184] kasan_save_stack+0x45/0x70 [ 15.054394] kasan_save_track+0x18/0x40 [ 15.054608] kasan_save_alloc_info+0x3b/0x50 [ 15.055203] __kasan_kmalloc+0xb7/0xc0 [ 15.055670] __kmalloc_cache_noprof+0x189/0x420 [ 15.055893] kasan_bitops_generic+0x92/0x1c0 [ 15.056423] kunit_try_run_case+0x1a5/0x480 [ 15.056867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.057361] kthread+0x337/0x6f0 [ 15.057763] ret_from_fork+0x116/0x1d0 [ 15.058420] ret_from_fork_asm+0x1a/0x30 [ 15.058758] [ 15.058866] The buggy address belongs to the object at ffff8881022bacc0 [ 15.058866] which belongs to the cache kmalloc-16 of size 16 [ 15.059914] The buggy address is located 8 bytes inside of [ 15.059914] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.060832] [ 15.061088] The buggy address belongs to the physical page: [ 15.061349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.061984] flags: 0x200000000000000(node=0|zone=2) [ 15.062612] page_type: f5(slab) [ 15.062792] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.063528] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.063832] page dumped because: kasan: bad access detected [ 15.064496] [ 15.064624] Memory state around the buggy address: [ 15.064849] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.065432] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.065745] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.066452] ^ [ 15.066927] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.067529] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.067804] ================================================================== [ 15.196443] ================================================================== [ 15.196685] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.197885] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.198366] [ 15.198483] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.198732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.198750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.198773] Call Trace: [ 15.198792] <TASK> [ 15.198812] dump_stack_lvl+0x73/0xb0 [ 15.198844] print_report+0xd1/0x650 [ 15.198866] ? __virt_addr_valid+0x1db/0x2d0 [ 15.198889] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.198915] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.198940] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.198964] kasan_report+0x141/0x180 [ 15.198986] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.199015] kasan_check_range+0x10c/0x1c0 [ 15.199038] __kasan_check_write+0x18/0x20 [ 15.199068] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 15.199093] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.199118] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.199142] ? trace_hardirqs_on+0x37/0xe0 [ 15.199163] ? kasan_bitops_generic+0x92/0x1c0 [ 15.199191] kasan_bitops_generic+0x116/0x1c0 [ 15.199213] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.199237] ? __pfx_read_tsc+0x10/0x10 [ 15.199259] ? ktime_get_ts64+0x86/0x230 [ 15.199283] kunit_try_run_case+0x1a5/0x480 [ 15.199308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.199328] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.199352] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.199373] ? __kthread_parkme+0x82/0x180 [ 15.199393] ? preempt_count_sub+0x50/0x80 [ 15.199416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.199439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.199461] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.199483] kthread+0x337/0x6f0 [ 15.199501] ? trace_preempt_on+0x20/0xc0 [ 15.199522] ? __pfx_kthread+0x10/0x10 [ 15.199541] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.199561] ? calculate_sigpending+0x7b/0xa0 [ 15.199583] ? __pfx_kthread+0x10/0x10 [ 15.199604] ret_from_fork+0x116/0x1d0 [ 15.199621] ? __pfx_kthread+0x10/0x10 [ 15.199641] ret_from_fork_asm+0x1a/0x30 [ 15.199672] </TASK> [ 15.199683] [ 15.213878] Allocated by task 278: [ 15.214318] kasan_save_stack+0x45/0x70 [ 15.214720] kasan_save_track+0x18/0x40 [ 15.215008] kasan_save_alloc_info+0x3b/0x50 [ 15.215411] __kasan_kmalloc+0xb7/0xc0 [ 15.215772] __kmalloc_cache_noprof+0x189/0x420 [ 15.216292] kasan_bitops_generic+0x92/0x1c0 [ 15.216520] kunit_try_run_case+0x1a5/0x480 [ 15.216862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.217500] kthread+0x337/0x6f0 [ 15.217658] ret_from_fork+0x116/0x1d0 [ 15.218020] ret_from_fork_asm+0x1a/0x30 [ 15.218344] [ 15.218450] The buggy address belongs to the object at ffff8881022bacc0 [ 15.218450] which belongs to the cache kmalloc-16 of size 16 [ 15.219614] The buggy address is located 8 bytes inside of [ 15.219614] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.220246] [ 15.220713] The buggy address belongs to the physical page: [ 15.220974] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.221711] flags: 0x200000000000000(node=0|zone=2) [ 15.222217] page_type: f5(slab) [ 15.222393] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.222982] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.223670] page dumped because: kasan: bad access detected [ 15.224136] [ 15.224265] Memory state around the buggy address: [ 15.224727] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.225055] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.225432] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.226078] ^ [ 15.226458] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.227015] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.227518] ================================================================== [ 15.101831] ================================================================== [ 15.102609] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.102962] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.103760] [ 15.103883] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.103931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.103944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.103966] Call Trace: [ 15.103985] <TASK> [ 15.104003] dump_stack_lvl+0x73/0xb0 [ 15.104218] print_report+0xd1/0x650 [ 15.104249] ? __virt_addr_valid+0x1db/0x2d0 [ 15.104273] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.104298] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.104323] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.104348] kasan_report+0x141/0x180 [ 15.104369] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.104400] kasan_check_range+0x10c/0x1c0 [ 15.104422] __kasan_check_write+0x18/0x20 [ 15.104441] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 15.104466] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.104492] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.104532] ? trace_hardirqs_on+0x37/0xe0 [ 15.104554] ? kasan_bitops_generic+0x92/0x1c0 [ 15.104584] kasan_bitops_generic+0x116/0x1c0 [ 15.104608] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.104632] ? __pfx_read_tsc+0x10/0x10 [ 15.104652] ? ktime_get_ts64+0x86/0x230 [ 15.104676] kunit_try_run_case+0x1a5/0x480 [ 15.104699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.104721] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.104745] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.104767] ? __kthread_parkme+0x82/0x180 [ 15.104787] ? preempt_count_sub+0x50/0x80 [ 15.104811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.104834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.104857] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.104879] kthread+0x337/0x6f0 [ 15.104897] ? trace_preempt_on+0x20/0xc0 [ 15.104918] ? __pfx_kthread+0x10/0x10 [ 15.104939] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.104959] ? calculate_sigpending+0x7b/0xa0 [ 15.104983] ? __pfx_kthread+0x10/0x10 [ 15.105004] ret_from_fork+0x116/0x1d0 [ 15.105022] ? __pfx_kthread+0x10/0x10 [ 15.105055] ret_from_fork_asm+0x1a/0x30 [ 15.105239] </TASK> [ 15.105253] [ 15.119721] Allocated by task 278: [ 15.119899] kasan_save_stack+0x45/0x70 [ 15.120440] kasan_save_track+0x18/0x40 [ 15.120707] kasan_save_alloc_info+0x3b/0x50 [ 15.120974] __kasan_kmalloc+0xb7/0xc0 [ 15.121417] __kmalloc_cache_noprof+0x189/0x420 [ 15.121832] kasan_bitops_generic+0x92/0x1c0 [ 15.122137] kunit_try_run_case+0x1a5/0x480 [ 15.122528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.122880] kthread+0x337/0x6f0 [ 15.123284] ret_from_fork+0x116/0x1d0 [ 15.123594] ret_from_fork_asm+0x1a/0x30 [ 15.123887] [ 15.124220] The buggy address belongs to the object at ffff8881022bacc0 [ 15.124220] which belongs to the cache kmalloc-16 of size 16 [ 15.124941] The buggy address is located 8 bytes inside of [ 15.124941] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.125809] [ 15.126090] The buggy address belongs to the physical page: [ 15.126526] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.126978] flags: 0x200000000000000(node=0|zone=2) [ 15.127309] page_type: f5(slab) [ 15.127659] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.128181] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.128639] page dumped because: kasan: bad access detected [ 15.128963] [ 15.129097] Memory state around the buggy address: [ 15.129694] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.130316] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.130708] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.131084] ^ [ 15.131453] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.131865] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.132342] ================================================================== [ 15.165159] ================================================================== [ 15.166158] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.166672] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.167261] [ 15.167373] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.167643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.167657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.167680] Call Trace: [ 15.167699] <TASK> [ 15.167715] dump_stack_lvl+0x73/0xb0 [ 15.167746] print_report+0xd1/0x650 [ 15.167769] ? __virt_addr_valid+0x1db/0x2d0 [ 15.167791] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.167817] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.167843] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.167867] kasan_report+0x141/0x180 [ 15.167888] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.167919] kasan_check_range+0x10c/0x1c0 [ 15.167943] __kasan_check_write+0x18/0x20 [ 15.167963] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 15.167988] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.168014] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.168037] ? trace_hardirqs_on+0x37/0xe0 [ 15.168076] ? kasan_bitops_generic+0x92/0x1c0 [ 15.168102] kasan_bitops_generic+0x116/0x1c0 [ 15.168125] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.168149] ? __pfx_read_tsc+0x10/0x10 [ 15.168168] ? ktime_get_ts64+0x86/0x230 [ 15.168192] kunit_try_run_case+0x1a5/0x480 [ 15.168215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.168236] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.168260] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.168283] ? __kthread_parkme+0x82/0x180 [ 15.168302] ? preempt_count_sub+0x50/0x80 [ 15.168325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.168349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.168370] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.168394] kthread+0x337/0x6f0 [ 15.168411] ? trace_preempt_on+0x20/0xc0 [ 15.168432] ? __pfx_kthread+0x10/0x10 [ 15.168451] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.168471] ? calculate_sigpending+0x7b/0xa0 [ 15.168494] ? __pfx_kthread+0x10/0x10 [ 15.168514] ret_from_fork+0x116/0x1d0 [ 15.168532] ? __pfx_kthread+0x10/0x10 [ 15.168553] ret_from_fork_asm+0x1a/0x30 [ 15.168583] </TASK> [ 15.168594] [ 15.182459] Allocated by task 278: [ 15.183134] kasan_save_stack+0x45/0x70 [ 15.183336] kasan_save_track+0x18/0x40 [ 15.183706] kasan_save_alloc_info+0x3b/0x50 [ 15.184022] __kasan_kmalloc+0xb7/0xc0 [ 15.184359] __kmalloc_cache_noprof+0x189/0x420 [ 15.184761] kasan_bitops_generic+0x92/0x1c0 [ 15.185262] kunit_try_run_case+0x1a5/0x480 [ 15.185491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.186056] kthread+0x337/0x6f0 [ 15.186424] ret_from_fork+0x116/0x1d0 [ 15.186748] ret_from_fork_asm+0x1a/0x30 [ 15.187052] [ 15.187269] The buggy address belongs to the object at ffff8881022bacc0 [ 15.187269] which belongs to the cache kmalloc-16 of size 16 [ 15.188226] The buggy address is located 8 bytes inside of [ 15.188226] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.188946] [ 15.189313] The buggy address belongs to the physical page: [ 15.189565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.190218] flags: 0x200000000000000(node=0|zone=2) [ 15.190546] page_type: f5(slab) [ 15.190726] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.191323] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.191682] page dumped because: kasan: bad access detected [ 15.191909] [ 15.192244] Memory state around the buggy address: [ 15.192796] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.193419] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.193869] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.194374] ^ [ 15.194701] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.195278] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.195733] ================================================================== [ 15.069788] ================================================================== [ 15.070368] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.070900] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.071702] [ 15.071831] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.072024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.072059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.072137] Call Trace: [ 15.072152] <TASK> [ 15.072171] dump_stack_lvl+0x73/0xb0 [ 15.072202] print_report+0xd1/0x650 [ 15.072224] ? __virt_addr_valid+0x1db/0x2d0 [ 15.072247] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.072271] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.072296] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.072321] kasan_report+0x141/0x180 [ 15.072342] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.072373] kasan_check_range+0x10c/0x1c0 [ 15.072397] __kasan_check_write+0x18/0x20 [ 15.072415] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.072440] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.072465] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.072489] ? trace_hardirqs_on+0x37/0xe0 [ 15.072511] ? kasan_bitops_generic+0x92/0x1c0 [ 15.072538] kasan_bitops_generic+0x116/0x1c0 [ 15.072560] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.072584] ? __pfx_read_tsc+0x10/0x10 [ 15.072605] ? ktime_get_ts64+0x86/0x230 [ 15.072629] kunit_try_run_case+0x1a5/0x480 [ 15.072652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.072674] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.072698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.072721] ? __kthread_parkme+0x82/0x180 [ 15.072741] ? preempt_count_sub+0x50/0x80 [ 15.072764] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.072788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.072811] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.072833] kthread+0x337/0x6f0 [ 15.072852] ? trace_preempt_on+0x20/0xc0 [ 15.072873] ? __pfx_kthread+0x10/0x10 [ 15.072893] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.072914] ? calculate_sigpending+0x7b/0xa0 [ 15.072937] ? __pfx_kthread+0x10/0x10 [ 15.072958] ret_from_fork+0x116/0x1d0 [ 15.072976] ? __pfx_kthread+0x10/0x10 [ 15.072996] ret_from_fork_asm+0x1a/0x30 [ 15.073026] </TASK> [ 15.073037] [ 15.086549] Allocated by task 278: [ 15.086945] kasan_save_stack+0x45/0x70 [ 15.087239] kasan_save_track+0x18/0x40 [ 15.087709] kasan_save_alloc_info+0x3b/0x50 [ 15.087875] __kasan_kmalloc+0xb7/0xc0 [ 15.088013] __kmalloc_cache_noprof+0x189/0x420 [ 15.088353] kasan_bitops_generic+0x92/0x1c0 [ 15.088997] kunit_try_run_case+0x1a5/0x480 [ 15.090008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.090534] kthread+0x337/0x6f0 [ 15.090704] ret_from_fork+0x116/0x1d0 [ 15.090902] ret_from_fork_asm+0x1a/0x30 [ 15.091104] [ 15.091206] The buggy address belongs to the object at ffff8881022bacc0 [ 15.091206] which belongs to the cache kmalloc-16 of size 16 [ 15.092315] The buggy address is located 8 bytes inside of [ 15.092315] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.092983] [ 15.093142] The buggy address belongs to the physical page: [ 15.093623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.094716] flags: 0x200000000000000(node=0|zone=2) [ 15.095270] page_type: f5(slab) [ 15.095420] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.096063] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.096901] page dumped because: kasan: bad access detected [ 15.097406] [ 15.097858] Memory state around the buggy address: [ 15.098204] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.098771] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.099145] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.099615] ^ [ 15.099960] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.100456] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.100886] ================================================================== [ 15.133051] ================================================================== [ 15.133771] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.134381] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.135025] [ 15.135212] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.135261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.135273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.135296] Call Trace: [ 15.135315] <TASK> [ 15.135332] dump_stack_lvl+0x73/0xb0 [ 15.135362] print_report+0xd1/0x650 [ 15.135384] ? __virt_addr_valid+0x1db/0x2d0 [ 15.135407] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.135431] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.135457] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.135482] kasan_report+0x141/0x180 [ 15.135504] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.135534] kasan_check_range+0x10c/0x1c0 [ 15.135557] __kasan_check_write+0x18/0x20 [ 15.135576] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 15.135601] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.135626] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.135650] ? trace_hardirqs_on+0x37/0xe0 [ 15.135672] ? kasan_bitops_generic+0x92/0x1c0 [ 15.135699] kasan_bitops_generic+0x116/0x1c0 [ 15.135721] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.135746] ? __pfx_read_tsc+0x10/0x10 [ 15.135767] ? ktime_get_ts64+0x86/0x230 [ 15.135790] kunit_try_run_case+0x1a5/0x480 [ 15.135814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.135835] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.135859] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.135881] ? __kthread_parkme+0x82/0x180 [ 15.135901] ? preempt_count_sub+0x50/0x80 [ 15.135924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.135947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.135969] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.135993] kthread+0x337/0x6f0 [ 15.136011] ? trace_preempt_on+0x20/0xc0 [ 15.136032] ? __pfx_kthread+0x10/0x10 [ 15.136306] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.136330] ? calculate_sigpending+0x7b/0xa0 [ 15.136370] ? __pfx_kthread+0x10/0x10 [ 15.136393] ret_from_fork+0x116/0x1d0 [ 15.136411] ? __pfx_kthread+0x10/0x10 [ 15.136432] ret_from_fork_asm+0x1a/0x30 [ 15.136463] </TASK> [ 15.136474] [ 15.151079] Allocated by task 278: [ 15.151436] kasan_save_stack+0x45/0x70 [ 15.151849] kasan_save_track+0x18/0x40 [ 15.152130] kasan_save_alloc_info+0x3b/0x50 [ 15.152502] __kasan_kmalloc+0xb7/0xc0 [ 15.152795] __kmalloc_cache_noprof+0x189/0x420 [ 15.153246] kasan_bitops_generic+0x92/0x1c0 [ 15.153436] kunit_try_run_case+0x1a5/0x480 [ 15.153924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.154156] kthread+0x337/0x6f0 [ 15.154725] ret_from_fork+0x116/0x1d0 [ 15.155008] ret_from_fork_asm+0x1a/0x30 [ 15.155527] [ 15.155782] The buggy address belongs to the object at ffff8881022bacc0 [ 15.155782] which belongs to the cache kmalloc-16 of size 16 [ 15.156589] The buggy address is located 8 bytes inside of [ 15.156589] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.157525] [ 15.157623] The buggy address belongs to the physical page: [ 15.157987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.158686] flags: 0x200000000000000(node=0|zone=2) [ 15.159005] page_type: f5(slab) [ 15.159341] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.159898] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.160531] page dumped because: kasan: bad access detected [ 15.160854] [ 15.160943] Memory state around the buggy address: [ 15.161222] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.162031] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.162707] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.163237] ^ [ 15.163469] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.163959] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.164377] ================================================================== [ 15.259861] ================================================================== [ 15.260586] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.261311] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.261953] [ 15.262201] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.262353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.262370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.262391] Call Trace: [ 15.262407] <TASK> [ 15.262425] dump_stack_lvl+0x73/0xb0 [ 15.262454] print_report+0xd1/0x650 [ 15.262476] ? __virt_addr_valid+0x1db/0x2d0 [ 15.262498] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.262523] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.262548] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.262572] kasan_report+0x141/0x180 [ 15.262595] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.262624] kasan_check_range+0x10c/0x1c0 [ 15.262647] __kasan_check_write+0x18/0x20 [ 15.262666] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 15.262689] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.262715] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.262737] ? trace_hardirqs_on+0x37/0xe0 [ 15.262757] ? kasan_bitops_generic+0x92/0x1c0 [ 15.262785] kasan_bitops_generic+0x116/0x1c0 [ 15.262808] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.262833] ? __pfx_read_tsc+0x10/0x10 [ 15.262854] ? ktime_get_ts64+0x86/0x230 [ 15.262876] kunit_try_run_case+0x1a5/0x480 [ 15.262899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.262921] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.262943] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.262965] ? __kthread_parkme+0x82/0x180 [ 15.262985] ? preempt_count_sub+0x50/0x80 [ 15.263007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.263030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.263065] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.263087] kthread+0x337/0x6f0 [ 15.263105] ? trace_preempt_on+0x20/0xc0 [ 15.263126] ? __pfx_kthread+0x10/0x10 [ 15.263145] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.263165] ? calculate_sigpending+0x7b/0xa0 [ 15.263188] ? __pfx_kthread+0x10/0x10 [ 15.263208] ret_from_fork+0x116/0x1d0 [ 15.263226] ? __pfx_kthread+0x10/0x10 [ 15.263245] ret_from_fork_asm+0x1a/0x30 [ 15.263276] </TASK> [ 15.263287] [ 15.276959] Allocated by task 278: [ 15.277643] kasan_save_stack+0x45/0x70 [ 15.277846] kasan_save_track+0x18/0x40 [ 15.278232] kasan_save_alloc_info+0x3b/0x50 [ 15.278415] __kasan_kmalloc+0xb7/0xc0 [ 15.278642] __kmalloc_cache_noprof+0x189/0x420 [ 15.278860] kasan_bitops_generic+0x92/0x1c0 [ 15.279451] kunit_try_run_case+0x1a5/0x480 [ 15.279677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.280006] kthread+0x337/0x6f0 [ 15.280356] ret_from_fork+0x116/0x1d0 [ 15.280723] ret_from_fork_asm+0x1a/0x30 [ 15.281032] [ 15.281451] The buggy address belongs to the object at ffff8881022bacc0 [ 15.281451] which belongs to the cache kmalloc-16 of size 16 [ 15.282113] The buggy address is located 8 bytes inside of [ 15.282113] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.282863] [ 15.283017] The buggy address belongs to the physical page: [ 15.283468] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.284055] flags: 0x200000000000000(node=0|zone=2) [ 15.284461] page_type: f5(slab) [ 15.284780] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.285358] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.285966] page dumped because: kasan: bad access detected [ 15.286568] [ 15.286655] Memory state around the buggy address: [ 15.286920] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.287422] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.287804] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.288396] ^ [ 15.288700] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.289395] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.289869] ==================================================================