Date: July 8, 2025, 7:07 p.m.

Environment: qemu-x86_64

[ 15.348933] ================================================================== [ 15.349589] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.349954] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.350471] [ 15.350598] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.350646] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.350659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.350680] Call Trace: [ 15.350698] <TASK> [ 15.350717] dump_stack_lvl+0x73/0xb0 [ 15.350746] print_report+0xd1/0x650 [ 15.350769] ? __virt_addr_valid+0x1db/0x2d0 [ 15.350791] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.350818] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.350843] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.350870] kasan_report+0x141/0x180 [ 15.350891] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.350923] kasan_check_range+0x10c/0x1c0 [ 15.350946] __kasan_check_write+0x18/0x20 [ 15.350965] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.350990] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.351018] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.351056] ? trace_hardirqs_on+0x37/0xe0 [ 15.351079] ? kasan_bitops_generic+0x92/0x1c0 [ 15.351105] kasan_bitops_generic+0x121/0x1c0 [ 15.351127] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.351152] ? __pfx_read_tsc+0x10/0x10 [ 15.351175] ? ktime_get_ts64+0x86/0x230 [ 15.351199] kunit_try_run_case+0x1a5/0x480 [ 15.351223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.351245] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.351268] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.351290] ? __kthread_parkme+0x82/0x180 [ 15.351310] ? preempt_count_sub+0x50/0x80 [ 15.351333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.351356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.351744] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.351817] kthread+0x337/0x6f0 [ 15.351857] ? trace_preempt_on+0x20/0xc0 [ 15.351880] ? __pfx_kthread+0x10/0x10 [ 15.351915] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.351950] ? calculate_sigpending+0x7b/0xa0 [ 15.351976] ? __pfx_kthread+0x10/0x10 [ 15.351997] ret_from_fork+0x116/0x1d0 [ 15.352029] ? __pfx_kthread+0x10/0x10 [ 15.352082] ret_from_fork_asm+0x1a/0x30 [ 15.352115] </TASK> [ 15.352128] [ 15.365758] Allocated by task 278: [ 15.366075] kasan_save_stack+0x45/0x70 [ 15.366429] kasan_save_track+0x18/0x40 [ 15.366616] kasan_save_alloc_info+0x3b/0x50 [ 15.366900] __kasan_kmalloc+0xb7/0xc0 [ 15.367298] __kmalloc_cache_noprof+0x189/0x420 [ 15.367671] kasan_bitops_generic+0x92/0x1c0 [ 15.368030] kunit_try_run_case+0x1a5/0x480 [ 15.368398] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.368765] kthread+0x337/0x6f0 [ 15.368943] ret_from_fork+0x116/0x1d0 [ 15.369400] ret_from_fork_asm+0x1a/0x30 [ 15.369646] [ 15.369789] The buggy address belongs to the object at ffff8881022bacc0 [ 15.369789] which belongs to the cache kmalloc-16 of size 16 [ 15.370734] The buggy address is located 8 bytes inside of [ 15.370734] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.371603] [ 15.371718] The buggy address belongs to the physical page: [ 15.371972] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.372812] flags: 0x200000000000000(node=0|zone=2) [ 15.373207] page_type: f5(slab) [ 15.373468] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.373987] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.374498] page dumped because: kasan: bad access detected [ 15.374872] [ 15.375186] Memory state around the buggy address: [ 15.375418] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.375999] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.376573] >ffff8881022bac80: fa fb fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 15.376999] ^ [ 15.377381] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.377946] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.378442] ================================================================== [ 15.407890] ================================================================== [ 15.408830] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.409417] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.409991] [ 15.410297] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.410484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.410524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.410548] Call Trace: [ 15.410567] <TASK> [ 15.410586] dump_stack_lvl+0x73/0xb0 [ 15.410618] print_report+0xd1/0x650 [ 15.410640] ? __virt_addr_valid+0x1db/0x2d0 [ 15.410664] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.410691] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.410715] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.410742] kasan_report+0x141/0x180 [ 15.410764] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.410796] kasan_check_range+0x10c/0x1c0 [ 15.410818] __kasan_check_write+0x18/0x20 [ 15.410837] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.410864] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.410891] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.410916] ? trace_hardirqs_on+0x37/0xe0 [ 15.410938] ? kasan_bitops_generic+0x92/0x1c0 [ 15.410965] kasan_bitops_generic+0x121/0x1c0 [ 15.410987] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.411011] ? __pfx_read_tsc+0x10/0x10 [ 15.411032] ? ktime_get_ts64+0x86/0x230 [ 15.411132] kunit_try_run_case+0x1a5/0x480 [ 15.411158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.411180] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.411204] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.411225] ? __kthread_parkme+0x82/0x180 [ 15.411246] ? preempt_count_sub+0x50/0x80 [ 15.411269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.411293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.411314] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.411337] kthread+0x337/0x6f0 [ 15.411355] ? trace_preempt_on+0x20/0xc0 [ 15.411375] ? __pfx_kthread+0x10/0x10 [ 15.411396] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.411417] ? calculate_sigpending+0x7b/0xa0 [ 15.411441] ? __pfx_kthread+0x10/0x10 [ 15.411463] ret_from_fork+0x116/0x1d0 [ 15.411481] ? __pfx_kthread+0x10/0x10 [ 15.411521] ret_from_fork_asm+0x1a/0x30 [ 15.411552] </TASK> [ 15.411564] [ 15.424185] Allocated by task 278: [ 15.424393] kasan_save_stack+0x45/0x70 [ 15.424587] kasan_save_track+0x18/0x40 [ 15.424769] kasan_save_alloc_info+0x3b/0x50 [ 15.424970] __kasan_kmalloc+0xb7/0xc0 [ 15.425967] __kmalloc_cache_noprof+0x189/0x420 [ 15.426427] kasan_bitops_generic+0x92/0x1c0 [ 15.426767] kunit_try_run_case+0x1a5/0x480 [ 15.426992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.427468] kthread+0x337/0x6f0 [ 15.427797] ret_from_fork+0x116/0x1d0 [ 15.427994] ret_from_fork_asm+0x1a/0x30 [ 15.428410] [ 15.428633] The buggy address belongs to the object at ffff8881022bacc0 [ 15.428633] which belongs to the cache kmalloc-16 of size 16 [ 15.429468] The buggy address is located 8 bytes inside of [ 15.429468] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.430289] [ 15.430422] The buggy address belongs to the physical page: [ 15.430839] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.431201] flags: 0x200000000000000(node=0|zone=2) [ 15.431653] page_type: f5(slab) [ 15.431952] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.432430] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.432925] page dumped because: kasan: bad access detected [ 15.433454] [ 15.433592] 
Memory state around the buggy address: [ 15.433963] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.434412] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.434897] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.435368] ^ [ 15.435788] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.436097] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.436657] ================================================================== [ 15.321636] ================================================================== [ 15.322285] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.322820] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.323476] [ 15.323696] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.323744] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.323757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.323778] Call Trace: [ 15.323814] <TASK> [ 15.323830] dump_stack_lvl+0x73/0xb0 [ 15.323860] print_report+0xd1/0x650 [ 15.323882] ? __virt_addr_valid+0x1db/0x2d0 [ 15.323904] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.323931] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.323957] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.323982] kasan_report+0x141/0x180 [ 15.324004] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.324036] kasan_check_range+0x10c/0x1c0 [ 15.324073] __kasan_check_write+0x18/0x20 [ 15.324092] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.324118] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.324146] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.324168] ? trace_hardirqs_on+0x37/0xe0 [ 15.324190] ? kasan_bitops_generic+0x92/0x1c0 [ 15.324218] kasan_bitops_generic+0x121/0x1c0 [ 15.324240] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 15.324265] ? __pfx_read_tsc+0x10/0x10 [ 15.324285] ? ktime_get_ts64+0x86/0x230 [ 15.324309] kunit_try_run_case+0x1a5/0x480 [ 15.324333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.324354] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.324378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.324401] ? __kthread_parkme+0x82/0x180 [ 15.324421] ? preempt_count_sub+0x50/0x80 [ 15.324444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.324467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.324489] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.324512] kthread+0x337/0x6f0 [ 15.324531] ? trace_preempt_on+0x20/0xc0 [ 15.324552] ? __pfx_kthread+0x10/0x10 [ 15.324572] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.324593] ? calculate_sigpending+0x7b/0xa0 [ 15.324617] ? __pfx_kthread+0x10/0x10 [ 15.324638] ret_from_fork+0x116/0x1d0 [ 15.324655] ? __pfx_kthread+0x10/0x10 [ 15.324675] ret_from_fork_asm+0x1a/0x30 [ 15.324706] </TASK> [ 15.324718] [ 15.337701] Allocated by task 278: [ 15.338034] kasan_save_stack+0x45/0x70 [ 15.338266] kasan_save_track+0x18/0x40 [ 15.338454] kasan_save_alloc_info+0x3b/0x50 [ 15.339264] __kasan_kmalloc+0xb7/0xc0 [ 15.339803] __kmalloc_cache_noprof+0x189/0x420 [ 15.340119] kasan_bitops_generic+0x92/0x1c0 [ 15.340276] kunit_try_run_case+0x1a5/0x480 [ 15.340422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.340595] kthread+0x337/0x6f0 [ 15.340714] ret_from_fork+0x116/0x1d0 [ 15.340843] ret_from_fork_asm+0x1a/0x30 [ 15.340977] [ 15.341058] The buggy address belongs to the object at ffff8881022bacc0 [ 15.341058] which belongs to the cache kmalloc-16 of size 16 [ 15.341404] The buggy address is located 8 bytes inside of [ 15.341404] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.341761] [ 15.341838] The buggy address belongs to the physical page: [ 15.342010] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.342262] flags: 0x200000000000000(node=0|zone=2) [ 15.342428] 
page_type: f5(slab) [ 15.342608] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.343245] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.343757] page dumped because: kasan: bad access detected [ 15.343942] [ 15.344019] Memory state around the buggy address: [ 15.345688] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.346033] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.346375] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.346685] ^ [ 15.347507] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.347839] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.348211] ================================================================== [ 15.290864] ================================================================== [ 15.291405] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.292028] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.292508] [ 15.292872] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.292921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.292932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.292953] Call Trace: [ 15.292968] <TASK> [ 15.292983] dump_stack_lvl+0x73/0xb0 [ 15.293010] print_report+0xd1/0x650 [ 15.293326] ? __virt_addr_valid+0x1db/0x2d0 [ 15.293351] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.293381] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.293408] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.293435] kasan_report+0x141/0x180 [ 15.293458] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.293490] kasan_check_range+0x10c/0x1c0 [ 15.293513] __kasan_check_write+0x18/0x20 [ 15.293532] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.293567] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.293595] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.293619] ? trace_hardirqs_on+0x37/0xe0 [ 15.293641] ? kasan_bitops_generic+0x92/0x1c0 [ 15.293668] kasan_bitops_generic+0x121/0x1c0 [ 15.293690] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.293715] ? __pfx_read_tsc+0x10/0x10 [ 15.293735] ? ktime_get_ts64+0x86/0x230 [ 15.293759] kunit_try_run_case+0x1a5/0x480 [ 15.293784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.293806] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.293828] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.293851] ? __kthread_parkme+0x82/0x180 [ 15.293872] ? preempt_count_sub+0x50/0x80 [ 15.293895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.293919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.293942] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.293966] kthread+0x337/0x6f0 [ 15.293985] ? trace_preempt_on+0x20/0xc0 [ 15.294007] ? __pfx_kthread+0x10/0x10 [ 15.294027] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.294116] ? calculate_sigpending+0x7b/0xa0 [ 15.294145] ? __pfx_kthread+0x10/0x10 [ 15.294166] ret_from_fork+0x116/0x1d0 [ 15.294185] ? 
__pfx_kthread+0x10/0x10 [ 15.294206] ret_from_fork_asm+0x1a/0x30 [ 15.294236] </TASK> [ 15.294248] [ 15.308499] Allocated by task 278: [ 15.308698] kasan_save_stack+0x45/0x70 [ 15.309247] kasan_save_track+0x18/0x40 [ 15.309434] kasan_save_alloc_info+0x3b/0x50 [ 15.309912] __kasan_kmalloc+0xb7/0xc0 [ 15.310092] __kmalloc_cache_noprof+0x189/0x420 [ 15.310469] kasan_bitops_generic+0x92/0x1c0 [ 15.310811] kunit_try_run_case+0x1a5/0x480 [ 15.311052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.311552] kthread+0x337/0x6f0 [ 15.311740] ret_from_fork+0x116/0x1d0 [ 15.312058] ret_from_fork_asm+0x1a/0x30 [ 15.312357] [ 15.312441] The buggy address belongs to the object at ffff8881022bacc0 [ 15.312441] which belongs to the cache kmalloc-16 of size 16 [ 15.313627] The buggy address is located 8 bytes inside of [ 15.313627] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.314143] [ 15.314596] The buggy address belongs to the physical page: [ 15.314838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.315572] flags: 0x200000000000000(node=0|zone=2) [ 15.315822] page_type: f5(slab) [ 15.316146] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.316619] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.316936] page dumped because: kasan: bad access detected [ 15.317502] [ 15.317685] Memory state around the buggy address: [ 15.318129] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.318541] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.318845] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.319451] ^ [ 15.319764] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.320116] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.320701] ================================================================== [ 15.379127] 
================================================================== [ 15.379874] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.380310] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.381192] [ 15.381325] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.381538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.381561] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.381584] Call Trace: [ 15.381603] <TASK> [ 15.381621] dump_stack_lvl+0x73/0xb0 [ 15.381653] print_report+0xd1/0x650 [ 15.381675] ? __virt_addr_valid+0x1db/0x2d0 [ 15.381698] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.381724] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.381750] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.381776] kasan_report+0x141/0x180 [ 15.381798] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.381828] kasan_check_range+0x10c/0x1c0 [ 15.381851] __kasan_check_write+0x18/0x20 [ 15.381870] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.381896] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.381923] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.381947] ? trace_hardirqs_on+0x37/0xe0 [ 15.381968] ? kasan_bitops_generic+0x92/0x1c0 [ 15.381995] kasan_bitops_generic+0x121/0x1c0 [ 15.382018] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.382115] ? __pfx_read_tsc+0x10/0x10 [ 15.382141] ? ktime_get_ts64+0x86/0x230 [ 15.382166] kunit_try_run_case+0x1a5/0x480 [ 15.382190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.382213] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.382235] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.382259] ? __kthread_parkme+0x82/0x180 [ 15.382278] ? preempt_count_sub+0x50/0x80 [ 15.382301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.382324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.382345] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.382368] kthread+0x337/0x6f0 [ 15.382386] ? trace_preempt_on+0x20/0xc0 [ 15.382407] ? __pfx_kthread+0x10/0x10 [ 15.382426] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.382446] ? calculate_sigpending+0x7b/0xa0 [ 15.382470] ? __pfx_kthread+0x10/0x10 [ 15.382510] ret_from_fork+0x116/0x1d0 [ 15.382528] ? __pfx_kthread+0x10/0x10 [ 15.382548] ret_from_fork_asm+0x1a/0x30 [ 15.382579] </TASK> [ 15.382592] [ 15.395309] Allocated by task 278: [ 15.395730] kasan_save_stack+0x45/0x70 [ 15.396024] kasan_save_track+0x18/0x40 [ 15.396435] kasan_save_alloc_info+0x3b/0x50 [ 15.396825] __kasan_kmalloc+0xb7/0xc0 [ 15.397180] __kmalloc_cache_noprof+0x189/0x420 [ 15.397397] kasan_bitops_generic+0x92/0x1c0 [ 15.397762] kunit_try_run_case+0x1a5/0x480 [ 15.398143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.398400] kthread+0x337/0x6f0 [ 15.398583] ret_from_fork+0x116/0x1d0 [ 15.398774] ret_from_fork_asm+0x1a/0x30 [ 15.398969] [ 15.399459] The buggy address belongs to the object at ffff8881022bacc0 [ 15.399459] which belongs to the cache kmalloc-16 of size 16 [ 15.400430] The buggy address is located 8 bytes inside of [ 15.400430] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.401225] [ 15.401314] The buggy address belongs to the physical page: [ 15.401762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.402262] flags: 0x200000000000000(node=0|zone=2) [ 15.402651] page_type: f5(slab) [ 15.402901] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.403427] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.403857] page dumped because: kasan: bad access detected [ 15.404427] [ 15.404523] Memory state around the buggy address: [ 15.404912] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.405250] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.405585] >ffff8881022bac80: fa fb fc fc fa fb fc fc 
00 01 fc fc fc fc fc fc [ 15.405860] ^ [ 15.406133] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.406461] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.406769] ================================================================== [ 15.496262] ================================================================== [ 15.497011] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.497515] Read of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.498420] [ 15.498550] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.498597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.498609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.498632] Call Trace: [ 15.498651] <TASK> [ 15.498669] dump_stack_lvl+0x73/0xb0 [ 15.498722] print_report+0xd1/0x650 [ 15.498744] ? __virt_addr_valid+0x1db/0x2d0 [ 15.498768] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.498794] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.498819] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.498846] kasan_report+0x141/0x180 [ 15.498867] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.498898] kasan_check_range+0x10c/0x1c0 [ 15.498921] __kasan_check_read+0x15/0x20 [ 15.498939] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.498966] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.498993] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.499017] ? trace_hardirqs_on+0x37/0xe0 [ 15.499053] ? kasan_bitops_generic+0x92/0x1c0 [ 15.499080] kasan_bitops_generic+0x121/0x1c0 [ 15.499103] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.499126] ? __pfx_read_tsc+0x10/0x10 [ 15.499147] ? ktime_get_ts64+0x86/0x230 [ 15.499171] kunit_try_run_case+0x1a5/0x480 [ 15.499267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.499288] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.499313] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.499336] ? __kthread_parkme+0x82/0x180 [ 15.499357] ? preempt_count_sub+0x50/0x80 [ 15.499380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.499403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.499426] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.499449] kthread+0x337/0x6f0 [ 15.499468] ? trace_preempt_on+0x20/0xc0 [ 15.499490] ? __pfx_kthread+0x10/0x10 [ 15.499511] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.499532] ? calculate_sigpending+0x7b/0xa0 [ 15.499556] ? __pfx_kthread+0x10/0x10 [ 15.499576] ret_from_fork+0x116/0x1d0 [ 15.499596] ? __pfx_kthread+0x10/0x10 [ 15.499616] ret_from_fork_asm+0x1a/0x30 [ 15.499647] </TASK> [ 15.499658] [ 15.508910] Allocated by task 278: [ 15.509176] kasan_save_stack+0x45/0x70 [ 15.509425] kasan_save_track+0x18/0x40 [ 15.509664] kasan_save_alloc_info+0x3b/0x50 [ 15.509875] __kasan_kmalloc+0xb7/0xc0 [ 15.510142] __kmalloc_cache_noprof+0x189/0x420 [ 15.510556] kasan_bitops_generic+0x92/0x1c0 [ 15.510779] kunit_try_run_case+0x1a5/0x480 [ 15.510974] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.511366] kthread+0x337/0x6f0 [ 15.511489] ret_from_fork+0x116/0x1d0 [ 15.511643] ret_from_fork_asm+0x1a/0x30 [ 15.511938] [ 15.512022] The buggy address belongs to the object at ffff8881022bacc0 [ 15.512022] which belongs to the cache kmalloc-16 of size 16 [ 15.512449] The buggy address is located 8 bytes inside of [ 15.512449] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.513189] [ 15.513263] The buggy address belongs to the physical page: [ 15.513433] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.514053] flags: 0x200000000000000(node=0|zone=2) [ 15.514479] page_type: f5(slab) [ 15.514683] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.514947] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.515255] page dumped because: kasan: bad access detected [ 15.515758] [ 15.515880] 
Memory state around the buggy address: [ 15.516223] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.516551] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.516851] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.517077] ^ [ 15.517301] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.517691] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.518031] ================================================================== [ 15.437518] ================================================================== [ 15.437865] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.438714] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.439348] [ 15.439467] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.439697] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.439713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.439736] Call Trace: [ 15.439755] <TASK> [ 15.439774] dump_stack_lvl+0x73/0xb0 [ 15.439803] print_report+0xd1/0x650 [ 15.439825] ? __virt_addr_valid+0x1db/0x2d0 [ 15.439848] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.439874] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.439899] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.439926] kasan_report+0x141/0x180 [ 15.439946] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.439977] kasan_check_range+0x10c/0x1c0 [ 15.439999] __kasan_check_write+0x18/0x20 [ 15.440018] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.440123] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.440156] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.440181] ? trace_hardirqs_on+0x37/0xe0 [ 15.440201] ? kasan_bitops_generic+0x92/0x1c0 [ 15.440228] kasan_bitops_generic+0x121/0x1c0 [ 15.440250] ? 
__pfx_kasan_bitops_generic+0x10/0x10 [ 15.440274] ? __pfx_read_tsc+0x10/0x10 [ 15.440294] ? ktime_get_ts64+0x86/0x230 [ 15.440318] kunit_try_run_case+0x1a5/0x480 [ 15.440342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.440362] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.440386] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.440408] ? __kthread_parkme+0x82/0x180 [ 15.440428] ? preempt_count_sub+0x50/0x80 [ 15.440450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.440473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.440513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.440536] kthread+0x337/0x6f0 [ 15.440554] ? trace_preempt_on+0x20/0xc0 [ 15.440575] ? __pfx_kthread+0x10/0x10 [ 15.440596] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.440615] ? calculate_sigpending+0x7b/0xa0 [ 15.440638] ? __pfx_kthread+0x10/0x10 [ 15.440660] ret_from_fork+0x116/0x1d0 [ 15.440678] ? __pfx_kthread+0x10/0x10 [ 15.440697] ret_from_fork_asm+0x1a/0x30 [ 15.440727] </TASK> [ 15.440739] [ 15.453869] Allocated by task 278: [ 15.454016] kasan_save_stack+0x45/0x70 [ 15.454515] kasan_save_track+0x18/0x40 [ 15.454708] kasan_save_alloc_info+0x3b/0x50 [ 15.455013] __kasan_kmalloc+0xb7/0xc0 [ 15.455420] __kmalloc_cache_noprof+0x189/0x420 [ 15.455653] kasan_bitops_generic+0x92/0x1c0 [ 15.455864] kunit_try_run_case+0x1a5/0x480 [ 15.456070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.456666] kthread+0x337/0x6f0 [ 15.456937] ret_from_fork+0x116/0x1d0 [ 15.457440] ret_from_fork_asm+0x1a/0x30 [ 15.457761] [ 15.457864] The buggy address belongs to the object at ffff8881022bacc0 [ 15.457864] which belongs to the cache kmalloc-16 of size 16 [ 15.458688] The buggy address is located 8 bytes inside of [ 15.458688] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9) [ 15.459424] [ 15.459722] The buggy address belongs to the physical page: [ 15.460135] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba [ 15.460659] flags: 0x200000000000000(node=0|zone=2) [ 15.460892] 
page_type: f5(slab) [ 15.461242] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.461842] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.462439] page dumped because: kasan: bad access detected [ 15.462705] [ 15.462780] Memory state around the buggy address: [ 15.463294] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc [ 15.463797] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc [ 15.464252] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.464682] ^ [ 15.464894] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.465558] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.465974] ================================================================== [ 15.518745] ================================================================== [ 15.519061] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.519499] Read of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278 [ 15.519868] [ 15.520069] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary) [ 15.520114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.520126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.520147] Call Trace: [ 15.520166] <TASK> [ 15.520184] dump_stack_lvl+0x73/0xb0 [ 15.520211] print_report+0xd1/0x650 [ 15.520233] ? __virt_addr_valid+0x1db/0x2d0 [ 15.520256] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.520346] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.520395] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.520422] kasan_report+0x141/0x180 [ 15.520444] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.520476] __asan_report_load8_noabort+0x18/0x20 [ 15.520500] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.520527] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 15.520572] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.520595] ? trace_hardirqs_on+0x37/0xe0
[ 15.520616] ? kasan_bitops_generic+0x92/0x1c0
[ 15.520644] kasan_bitops_generic+0x121/0x1c0
[ 15.520666] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.520691] ? __pfx_read_tsc+0x10/0x10
[ 15.520712] ? ktime_get_ts64+0x86/0x230
[ 15.520755] kunit_try_run_case+0x1a5/0x480
[ 15.520779] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.520801] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.520824] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.520847] ? __kthread_parkme+0x82/0x180
[ 15.520868] ? preempt_count_sub+0x50/0x80
[ 15.520891] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.520914] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.520936] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.520960] kthread+0x337/0x6f0
[ 15.520979] ? trace_preempt_on+0x20/0xc0
[ 15.521018] ? __pfx_kthread+0x10/0x10
[ 15.521038] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.521104] ? calculate_sigpending+0x7b/0xa0
[ 15.521131] ? __pfx_kthread+0x10/0x10
[ 15.521151] ret_from_fork+0x116/0x1d0
[ 15.521170] ? __pfx_kthread+0x10/0x10
[ 15.521209] ret_from_fork_asm+0x1a/0x30
[ 15.521242] </TASK>
[ 15.521253]
[ 15.530912] Allocated by task 278:
[ 15.531204] kasan_save_stack+0x45/0x70
[ 15.531405] kasan_save_track+0x18/0x40
[ 15.531662] kasan_save_alloc_info+0x3b/0x50
[ 15.531875] __kasan_kmalloc+0xb7/0xc0
[ 15.532054] __kmalloc_cache_noprof+0x189/0x420
[ 15.532350] kasan_bitops_generic+0x92/0x1c0
[ 15.532600] kunit_try_run_case+0x1a5/0x480
[ 15.532841] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.533161] kthread+0x337/0x6f0
[ 15.533338] ret_from_fork+0x116/0x1d0
[ 15.533523] ret_from_fork_asm+0x1a/0x30
[ 15.533684]
[ 15.533757] The buggy address belongs to the object at ffff8881022bacc0
[ 15.533757] which belongs to the cache kmalloc-16 of size 16
[ 15.534735] The buggy address is located 8 bytes inside of
[ 15.534735] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9)
[ 15.535441]
[ 15.535561] The buggy address belongs to the physical page:
[ 15.535743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba
[ 15.536179] flags: 0x200000000000000(node=0|zone=2)
[ 15.536447] page_type: f5(slab)
[ 15.536661] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.536996] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.537421] page dumped because: kasan: bad access detected
[ 15.537686]
[ 15.537775] Memory state around the buggy address:
[ 15.538024] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc
[ 15.538558] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc
[ 15.538821] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 15.539165] ^
[ 15.539410] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.539738] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.540003] ==================================================================
[ 15.466735] ==================================================================
[ 15.467452] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 15.467973] Write of size 8 at addr ffff8881022bacc8 by task kunit_try_catch/278
[ 15.468558]
[ 15.468776] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc5 #1 PREEMPT(voluntary)
[ 15.468824] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.468837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.468858] Call Trace:
[ 15.468876] <TASK>
[ 15.468894] dump_stack_lvl+0x73/0xb0
[ 15.468923] print_report+0xd1/0x650
[ 15.468944] ? __virt_addr_valid+0x1db/0x2d0
[ 15.468966] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 15.468993] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.469020] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 15.469059] kasan_report+0x141/0x180
[ 15.469080] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 15.469112] kasan_check_range+0x10c/0x1c0
[ 15.469135] __kasan_check_write+0x18/0x20
[ 15.469153] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 15.469179] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 15.469206] ? __kmalloc_cache_noprof+0x189/0x420
[ 15.469230] ? trace_hardirqs_on+0x37/0xe0
[ 15.469252] ? kasan_bitops_generic+0x92/0x1c0
[ 15.469278] kasan_bitops_generic+0x121/0x1c0
[ 15.469301] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 15.469325] ? __pfx_read_tsc+0x10/0x10
[ 15.469346] ? ktime_get_ts64+0x86/0x230
[ 15.469370] kunit_try_run_case+0x1a5/0x480
[ 15.469394] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.469415] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.469439] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.469460] ? __kthread_parkme+0x82/0x180
[ 15.469480] ? preempt_count_sub+0x50/0x80
[ 15.469503] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.469526] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.469548] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.469578] kthread+0x337/0x6f0
[ 15.469596] ? trace_preempt_on+0x20/0xc0
[ 15.469618] ? __pfx_kthread+0x10/0x10
[ 15.469638] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.469659] ? calculate_sigpending+0x7b/0xa0
[ 15.469682] ? __pfx_kthread+0x10/0x10
[ 15.469703] ret_from_fork+0x116/0x1d0
[ 15.469721] ? __pfx_kthread+0x10/0x10
[ 15.469741] ret_from_fork_asm+0x1a/0x30
[ 15.469772] </TASK>
[ 15.469784]
[ 15.482815] Allocated by task 278:
[ 15.483374] kasan_save_stack+0x45/0x70
[ 15.483666] kasan_save_track+0x18/0x40
[ 15.483960] kasan_save_alloc_info+0x3b/0x50
[ 15.484262] __kasan_kmalloc+0xb7/0xc0
[ 15.484673] __kmalloc_cache_noprof+0x189/0x420
[ 15.484887] kasan_bitops_generic+0x92/0x1c0
[ 15.485383] kunit_try_run_case+0x1a5/0x480
[ 15.485547] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.485904] kthread+0x337/0x6f0
[ 15.486433] ret_from_fork+0x116/0x1d0
[ 15.486624] ret_from_fork_asm+0x1a/0x30
[ 15.486974]
[ 15.487185] The buggy address belongs to the object at ffff8881022bacc0
[ 15.487185] which belongs to the cache kmalloc-16 of size 16
[ 15.487917] The buggy address is located 8 bytes inside of
[ 15.487917] allocated 9-byte region [ffff8881022bacc0, ffff8881022bacc9)
[ 15.488723]
[ 15.488981] The buggy address belongs to the physical page:
[ 15.489413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ba
[ 15.489901] flags: 0x200000000000000(node=0|zone=2)
[ 15.490311] page_type: f5(slab)
[ 15.490763] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.491230] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.491712] page dumped because: kasan: bad access detected
[ 15.491965]
[ 15.492091] Memory state around the buggy address:
[ 15.492542] ffff8881022bab80: 00 04 fc fc 00 04 fc fc 00 01 fc fc 00 01 fc fc
[ 15.492861] ffff8881022bac00: 00 04 fc fc 00 04 fc fc fa fb fc fc fa fb fc fc
[ 15.493430] >ffff8881022bac80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 15.493893] ^
[ 15.494340] ffff8881022bad00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.494956] ffff8881022bad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.495567] ==================================================================