Date
July 20, 2025, 8:11 p.m.
| Environment | |
|---|---|
| qemu-arm64 | |
| qemu-x86_64 |
[ 17.606688] ================================================================== [ 17.606858] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 17.607128] Call trace: [ 17.607552] kasan_bitops_test_and_modify.constprop.0+0x25c/0xbc0 [ 17.607750] kunit_try_run_case+0x170/0x3f0 [ 17.607808] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.608405] ret_from_fork+0x10/0x20 [ 17.609178] kasan_bitops_generic+0xa0/0x1c8 [ 17.609419] kunit_generic_run_threadfn_adapter+0x88/0x100 [ 17.609843] [ 17.610061] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.610208] page_type: f5(slab) [ 17.610305] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.610359] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.610403] page dumped because: kasan: bad access detected [ 17.610520] fff00000c43b3b80: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 17.610750] >fff00000c43b3c80: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.610940] fff00000c43b3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.611112] ================================================================== [ 17.621326] ================================================================== [ 17.621381] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 17.621715] Read of size 8 at addr fff00000c43b3ca8 by task kunit_try_catch/262 [ 17.621776] [ 17.621808] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.621913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.621950] Hardware name: linux,dummy-virt (DT) [ 17.621985] Call trace: [ 17.622009] show_stack+0x20/0x38 (C) [ 17.622059] dump_stack_lvl+0x8c/0xd0 [ 17.622128] print_report+0x118/0x5d0 [ 17.622180] kasan_report+0xdc/0x128 [ 17.622263] __asan_report_load8_noabort+0x20/0x30 [ 17.622326] kasan_bitops_test_and_modify.constprop.0+0xa3c/0xbc0 [ 17.622385] kasan_bitops_generic+0x11c/0x1c8 [ 17.622436] kunit_try_run_case+0x170/0x3f0 [ 17.622540] kthread+0x328/0x630 [ 17.623038] kasan_bitops_generic+0xa0/0x1c8 [ 17.623255] [ 17.623347] The buggy address is located 8 bytes inside of [ 17.623347] allocated 9-byte region [fff00000c43b3ca0, fff00000c43b3ca9) [ 17.623487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1043b3 [ 17.623772] [ 17.623834] fff00000c43b3b80: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 17.623890] fff00000c43b3c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.623976] >fff00000c43b3c80: 00 04 fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.624070] fff00000c43b3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.624324] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa84/0xbc0 [ 17.624426] [ 17.624782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.624868] Call trace: [ 17.625269] kasan_bitops_generic+0x11c/0x1c8 [ 17.625422] kthread+0x328/0x630 [ 17.625608] kasan_save_track+0x20/0x40 [ 17.625931] __kmalloc_cache_noprof+0x16c/0x3c0 [ 17.626111] kunit_try_run_case+0x170/0x3f0 [ 17.626213] kthread+0x328/0x630 [ 17.626388] The buggy address is located 8 bytes inside of [ 17.626388] allocated 9-byte region [fff00000c43b3ca0, fff00000c43b3ca9) [ 17.626462] [ 17.626550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1043b3 [ 17.626639] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.626728] page_type: f5(slab) [ 17.626774] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000 [ 17.626830] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.627390] fff00000c43b3b80: 00 05 fc fc fa fb fc fc 00 02 fc fc fa fb fc fc [ 17.627458] fff00000c43b3c00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.627614] ^ [ 17.627784] fff00000c43b3d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.632583] ok 63 kasan_bitops_generic [ 17.635171] ok 64 kasan_bitops_tags # SKIP Test requires CONFIG_KASAN_GENERIC=n [ 17.636528] Read of size 4 at addr fff00000c767ae30 by task kunit_try_catch/266 [ 17.636615] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT [ 17.636982] __asan_report_load4_noabort+0x20/0x30 [ 17.638142] kthread+0x328/0x630 [ 17.638418] [ 17.638648] kasan_save_alloc_info+0x40/0x58 [ 17.639305] kthread+0x328/0x630 [ 17.639352] ret_from_fork+0x10/0x20 [ 17.639800] The buggy address is located 0 bytes to the right of [ 17.639800] allocated 48-byte region [fff00000c767ae00, fff00000c767ae30) [ 17.639977] [ 17.640037] The buggy address belongs to the physical page: [ 17.640106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10767a [ 17.640293] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff) [ 17.640502] page_type: f5(slab) [ 17.640624] raw: 0bfffe0000000000 fff00000c00018c0 dead000000000122 0000000000000000 [ 17.640748] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.640973] [ 17.641125] fff00000c767ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.641392] ^ [ 17.641708] fff00000c767af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.643482] ==================================================================
[ 15.176172] ================================================================== [ 15.176560] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.177122] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.177406] [ 15.177535] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.177582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.177594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.177615] Call Trace: [ 15.177632] <TASK> [ 15.177648] dump_stack_lvl+0x73/0xb0 [ 15.177679] print_report+0xd1/0x610 [ 15.177702] ? __virt_addr_valid+0x1db/0x2d0 [ 15.177725] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.177753] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.177775] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.177803] kasan_report+0x141/0x180 [ 15.177825] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.177857] kasan_check_range+0x10c/0x1c0 [ 15.177880] __kasan_check_write+0x18/0x20 [ 15.177901] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 15.177936] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.177965] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.177989] ? trace_hardirqs_on+0x37/0xe0 [ 15.178011] ? kasan_bitops_generic+0x92/0x1c0 [ 15.178039] kasan_bitops_generic+0x121/0x1c0 [ 15.178063] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.178088] ? __pfx_read_tsc+0x10/0x10 [ 15.178114] ? ktime_get_ts64+0x86/0x230 [ 15.178139] kunit_try_run_case+0x1a5/0x480 [ 15.178163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.178186] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.178211] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.178236] ? __kthread_parkme+0x82/0x180 [ 15.178257] ? preempt_count_sub+0x50/0x80 [ 15.178281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.178305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.178329] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.178353] kthread+0x337/0x6f0 [ 15.178372] ? trace_preempt_on+0x20/0xc0 [ 15.178395] ? __pfx_kthread+0x10/0x10 [ 15.178416] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.178438] ? calculate_sigpending+0x7b/0xa0 [ 15.178462] ? __pfx_kthread+0x10/0x10 [ 15.178495] ret_from_fork+0x116/0x1d0 [ 15.178514] ? __pfx_kthread+0x10/0x10 [ 15.178535] ret_from_fork_asm+0x1a/0x30 [ 15.178566] </TASK> [ 15.178575] [ 15.193694] Allocated by task 279: [ 15.194189] kasan_save_stack+0x45/0x70 [ 15.194416] kasan_save_track+0x18/0x40 [ 15.194582] kasan_save_alloc_info+0x3b/0x50 [ 15.195041] __kasan_kmalloc+0xb7/0xc0 [ 15.195336] __kmalloc_cache_noprof+0x189/0x420 [ 15.195586] kasan_bitops_generic+0x92/0x1c0 [ 15.195925] kunit_try_run_case+0x1a5/0x480 [ 15.196224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.196605] kthread+0x337/0x6f0 [ 15.196907] ret_from_fork+0x116/0x1d0 [ 15.197075] ret_from_fork_asm+0x1a/0x30 [ 15.197312] [ 15.197607] The buggy address belongs to the object at ffff888102641aa0 [ 15.197607] which belongs to the cache kmalloc-16 of size 16 [ 15.198384] The buggy address is located 8 bytes inside of [ 15.198384] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.199059] [ 15.199269] The buggy address belongs to the physical page: [ 15.199562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.200093] flags: 0x200000000000000(node=0|zone=2) [ 15.200418] page_type: f5(slab) [ 15.200631] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.201091] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.201531] page dumped because: kasan: bad access detected [ 15.201920] [ 15.202002] Memory state around the buggy address: [ 15.202238] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.202574] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.203143] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.203510] ^ [ 15.203784] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.204088] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.204590] ================================================================== [ 15.266465] ================================================================== [ 15.266851] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.267318] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.267628] [ 15.267739] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.267804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.267816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.267837] Call Trace: [ 15.267854] <TASK> [ 15.267868] dump_stack_lvl+0x73/0xb0 [ 15.267897] print_report+0xd1/0x610 [ 15.267919] ? __virt_addr_valid+0x1db/0x2d0 [ 15.267942] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.267969] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.267992] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.268043] kasan_report+0x141/0x180 [ 15.268066] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.268098] kasan_check_range+0x10c/0x1c0 [ 15.268138] __kasan_check_write+0x18/0x20 [ 15.268158] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 15.268186] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.268230] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.268255] ? trace_hardirqs_on+0x37/0xe0 [ 15.268277] ? kasan_bitops_generic+0x92/0x1c0 [ 15.268321] kasan_bitops_generic+0x121/0x1c0 [ 15.268345] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.268371] ? __pfx_read_tsc+0x10/0x10 [ 15.268392] ? ktime_get_ts64+0x86/0x230 [ 15.268416] kunit_try_run_case+0x1a5/0x480 [ 15.268440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.268463] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.268497] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.268520] ? __kthread_parkme+0x82/0x180 [ 15.268541] ? preempt_count_sub+0x50/0x80 [ 15.268564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.268589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.268612] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.268635] kthread+0x337/0x6f0 [ 15.268656] ? trace_preempt_on+0x20/0xc0 [ 15.268678] ? __pfx_kthread+0x10/0x10 [ 15.268699] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.268721] ? calculate_sigpending+0x7b/0xa0 [ 15.268744] ? __pfx_kthread+0x10/0x10 [ 15.268801] ret_from_fork+0x116/0x1d0 [ 15.268821] ? __pfx_kthread+0x10/0x10 [ 15.268842] ret_from_fork_asm+0x1a/0x30 [ 15.268872] </TASK> [ 15.268882] [ 15.277391] Allocated by task 279: [ 15.277624] kasan_save_stack+0x45/0x70 [ 15.277775] kasan_save_track+0x18/0x40 [ 15.277970] kasan_save_alloc_info+0x3b/0x50 [ 15.278191] __kasan_kmalloc+0xb7/0xc0 [ 15.278348] __kmalloc_cache_noprof+0x189/0x420 [ 15.278624] kasan_bitops_generic+0x92/0x1c0 [ 15.278881] kunit_try_run_case+0x1a5/0x480 [ 15.279100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.279314] kthread+0x337/0x6f0 [ 15.279436] ret_from_fork+0x116/0x1d0 [ 15.279580] ret_from_fork_asm+0x1a/0x30 [ 15.279738] [ 15.279890] The buggy address belongs to the object at ffff888102641aa0 [ 15.279890] which belongs to the cache kmalloc-16 of size 16 [ 15.281952] The buggy address is located 8 bytes inside of [ 15.281952] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.282666] [ 15.282782] The buggy address belongs to the physical page: [ 15.283197] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.283544] flags: 0x200000000000000(node=0|zone=2) [ 15.284038] page_type: f5(slab) [ 15.284216] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.284638] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.285246] page dumped because: kasan: bad access detected [ 15.285615] [ 15.285866] Memory state around the buggy address: [ 15.286184] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.286578] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.287096] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.287579] ^ [ 15.287967] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.288438] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.288880] ================================================================== [ 15.336942] ================================================================== [ 15.337402] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.337796] Read of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.338146] [ 15.338265] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.338311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.338322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.338347] Call Trace: [ 15.338364] <TASK> [ 15.338379] dump_stack_lvl+0x73/0xb0 [ 15.338411] print_report+0xd1/0x610 [ 15.338434] ? __virt_addr_valid+0x1db/0x2d0 [ 15.338458] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.338501] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.338524] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.338552] kasan_report+0x141/0x180 [ 15.338574] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.338608] __asan_report_load8_noabort+0x18/0x20 [ 15.338633] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 15.338661] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.338690] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.338715] ? trace_hardirqs_on+0x37/0xe0 [ 15.338737] ? kasan_bitops_generic+0x92/0x1c0 [ 15.338765] kasan_bitops_generic+0x121/0x1c0 [ 15.338796] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.338823] ? __pfx_read_tsc+0x10/0x10 [ 15.338845] ? ktime_get_ts64+0x86/0x230 [ 15.338869] kunit_try_run_case+0x1a5/0x480 [ 15.338894] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.338917] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.338941] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.338967] ? __kthread_parkme+0x82/0x180 [ 15.338988] ? preempt_count_sub+0x50/0x80 [ 15.339012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.339037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.339061] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.339085] kthread+0x337/0x6f0 [ 15.339105] ? trace_preempt_on+0x20/0xc0 [ 15.339128] ? __pfx_kthread+0x10/0x10 [ 15.339149] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.339172] ? calculate_sigpending+0x7b/0xa0 [ 15.339196] ? __pfx_kthread+0x10/0x10 [ 15.339218] ret_from_fork+0x116/0x1d0 [ 15.339237] ? __pfx_kthread+0x10/0x10 [ 15.339259] ret_from_fork_asm+0x1a/0x30 [ 15.339290] </TASK> [ 15.339300] [ 15.347277] Allocated by task 279: [ 15.347454] kasan_save_stack+0x45/0x70 [ 15.347631] kasan_save_track+0x18/0x40 [ 15.347866] kasan_save_alloc_info+0x3b/0x50 [ 15.348045] __kasan_kmalloc+0xb7/0xc0 [ 15.348198] __kmalloc_cache_noprof+0x189/0x420 [ 15.348415] kasan_bitops_generic+0x92/0x1c0 [ 15.348630] kunit_try_run_case+0x1a5/0x480 [ 15.348877] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.349091] kthread+0x337/0x6f0 [ 15.349241] ret_from_fork+0x116/0x1d0 [ 15.349378] ret_from_fork_asm+0x1a/0x30 [ 15.349533] [ 15.349607] The buggy address belongs to the object at ffff888102641aa0 [ 15.349607] which belongs to the cache kmalloc-16 of size 16 [ 15.349964] The buggy address is located 8 bytes inside of [ 15.349964] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.350326] [ 15.350401] The buggy address belongs to the physical page: [ 15.350742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.351536] flags: 0x200000000000000(node=0|zone=2) [ 15.351788] page_type: f5(slab) [ 15.351961] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.352311] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.352666] page dumped because: kasan: bad access detected [ 15.353097] [ 15.353170] Memory state around the buggy address: [ 15.353329] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.353558] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.353791] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.354132] ^ [ 15.354356] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.354703] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.355377] ================================================================== [ 15.246271] ================================================================== [ 15.246711] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.247146] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.247484] [ 15.247604] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.247651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.247663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.247685] Call Trace: [ 15.247702] <TASK> [ 15.247718] dump_stack_lvl+0x73/0xb0 [ 15.247747] print_report+0xd1/0x610 [ 15.247778] ? __virt_addr_valid+0x1db/0x2d0 [ 15.247802] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.247830] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.247853] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.247881] kasan_report+0x141/0x180 [ 15.247903] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.247936] kasan_check_range+0x10c/0x1c0 [ 15.247959] __kasan_check_write+0x18/0x20 [ 15.247979] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 15.248007] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.248036] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.248062] ? trace_hardirqs_on+0x37/0xe0 [ 15.248084] ? kasan_bitops_generic+0x92/0x1c0 [ 15.248112] kasan_bitops_generic+0x121/0x1c0 [ 15.248135] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.248161] ? __pfx_read_tsc+0x10/0x10 [ 15.248182] ? ktime_get_ts64+0x86/0x230 [ 15.248206] kunit_try_run_case+0x1a5/0x480 [ 15.248230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.248254] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.248279] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.248303] ? __kthread_parkme+0x82/0x180 [ 15.248323] ? preempt_count_sub+0x50/0x80 [ 15.248347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.248372] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.248395] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.248419] kthread+0x337/0x6f0 [ 15.248438] ? trace_preempt_on+0x20/0xc0 [ 15.248461] ? __pfx_kthread+0x10/0x10 [ 15.248534] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.248556] ? calculate_sigpending+0x7b/0xa0 [ 15.248580] ? __pfx_kthread+0x10/0x10 [ 15.248603] ret_from_fork+0x116/0x1d0 [ 15.248622] ? __pfx_kthread+0x10/0x10 [ 15.248644] ret_from_fork_asm+0x1a/0x30 [ 15.248676] </TASK> [ 15.248686] [ 15.257492] Allocated by task 279: [ 15.257682] kasan_save_stack+0x45/0x70 [ 15.257943] kasan_save_track+0x18/0x40 [ 15.258122] kasan_save_alloc_info+0x3b/0x50 [ 15.258362] __kasan_kmalloc+0xb7/0xc0 [ 15.258555] __kmalloc_cache_noprof+0x189/0x420 [ 15.258814] kasan_bitops_generic+0x92/0x1c0 [ 15.259050] kunit_try_run_case+0x1a5/0x480 [ 15.259242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.259514] kthread+0x337/0x6f0 [ 15.259691] ret_from_fork+0x116/0x1d0 [ 15.259910] ret_from_fork_asm+0x1a/0x30 [ 15.260116] [ 15.260214] The buggy address belongs to the object at ffff888102641aa0 [ 15.260214] which belongs to the cache kmalloc-16 of size 16 [ 15.260716] The buggy address is located 8 bytes inside of [ 15.260716] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.261329] [ 15.261448] The buggy address belongs to the physical page: [ 15.261743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.262149] flags: 0x200000000000000(node=0|zone=2) [ 15.262393] page_type: f5(slab) [ 15.262577] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.262962] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.263312] page dumped because: kasan: bad access detected [ 15.263584] [ 15.263681] Memory state around the buggy address: [ 15.263938] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.264270] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.264520] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.264820] ^ [ 15.265064] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.265392] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.265746] ================================================================== [ 15.289703] ================================================================== [ 15.290010] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.290372] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.291305] [ 15.291408] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.291652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.291665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.291690] Call Trace: [ 15.291706] <TASK> [ 15.291721] dump_stack_lvl+0x73/0xb0 [ 15.291755] print_report+0xd1/0x610 [ 15.291788] ? __virt_addr_valid+0x1db/0x2d0 [ 15.291812] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.291840] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.291862] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.291890] kasan_report+0x141/0x180 [ 15.291913] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.291946] kasan_check_range+0x10c/0x1c0 [ 15.291970] __kasan_check_write+0x18/0x20 [ 15.291989] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 15.292016] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.292045] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.292069] ? trace_hardirqs_on+0x37/0xe0 [ 15.292092] ? kasan_bitops_generic+0x92/0x1c0 [ 15.292120] kasan_bitops_generic+0x121/0x1c0 [ 15.292143] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.292168] ? __pfx_read_tsc+0x10/0x10 [ 15.292191] ? ktime_get_ts64+0x86/0x230 [ 15.292215] kunit_try_run_case+0x1a5/0x480 [ 15.292241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.292264] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.292288] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.292312] ? __kthread_parkme+0x82/0x180 [ 15.292334] ? preempt_count_sub+0x50/0x80 [ 15.292357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.292382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.292405] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.292429] kthread+0x337/0x6f0 [ 15.292449] ? trace_preempt_on+0x20/0xc0 [ 15.292484] ? __pfx_kthread+0x10/0x10 [ 15.292506] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.292528] ? calculate_sigpending+0x7b/0xa0 [ 15.292552] ? __pfx_kthread+0x10/0x10 [ 15.292574] ret_from_fork+0x116/0x1d0 [ 15.292594] ? __pfx_kthread+0x10/0x10 [ 15.292615] ret_from_fork_asm+0x1a/0x30 [ 15.292646] </TASK> [ 15.292656] [ 15.305350] Allocated by task 279: [ 15.305585] kasan_save_stack+0x45/0x70 [ 15.305973] kasan_save_track+0x18/0x40 [ 15.306282] kasan_save_alloc_info+0x3b/0x50 [ 15.306623] __kasan_kmalloc+0xb7/0xc0 [ 15.307027] __kmalloc_cache_noprof+0x189/0x420 [ 15.307346] kasan_bitops_generic+0x92/0x1c0 [ 15.307566] kunit_try_run_case+0x1a5/0x480 [ 15.307766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.308263] kthread+0x337/0x6f0 [ 15.308519] ret_from_fork+0x116/0x1d0 [ 15.308854] ret_from_fork_asm+0x1a/0x30 [ 15.309077] [ 15.309183] The buggy address belongs to the object at ffff888102641aa0 [ 15.309183] which belongs to the cache kmalloc-16 of size 16 [ 15.310094] The buggy address is located 8 bytes inside of [ 15.310094] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.310729] [ 15.310834] The buggy address belongs to the physical page: [ 15.311168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.311509] flags: 0x200000000000000(node=0|zone=2) [ 15.311758] page_type: f5(slab) [ 15.312191] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.312601] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.313161] page dumped because: kasan: bad access detected [ 15.313536] [ 15.313649] Memory state around the buggy address: [ 15.314056] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.314487] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.314986] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.315410] ^ [ 15.315735] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.316246] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.316684] ================================================================== [ 15.226631] ================================================================== [ 15.227072] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.227522] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.227865] [ 15.227974] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.228018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.228029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.228049] Call Trace: [ 15.228065] <TASK> [ 15.228080] dump_stack_lvl+0x73/0xb0 [ 15.228110] print_report+0xd1/0x610 [ 15.228132] ? __virt_addr_valid+0x1db/0x2d0 [ 15.228156] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.228183] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.228205] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.228233] kasan_report+0x141/0x180 [ 15.228256] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.228309] kasan_check_range+0x10c/0x1c0 [ 15.228333] __kasan_check_write+0x18/0x20 [ 15.228352] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 15.228397] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.228426] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.228450] ? trace_hardirqs_on+0x37/0xe0 [ 15.228496] ? kasan_bitops_generic+0x92/0x1c0 [ 15.228524] kasan_bitops_generic+0x121/0x1c0 [ 15.228547] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.228572] ? __pfx_read_tsc+0x10/0x10 [ 15.228594] ? ktime_get_ts64+0x86/0x230 [ 15.228617] kunit_try_run_case+0x1a5/0x480 [ 15.228641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.228680] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.228705] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.228729] ? __kthread_parkme+0x82/0x180 [ 15.228749] ? preempt_count_sub+0x50/0x80 [ 15.228808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.228845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.228883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.228920] kthread+0x337/0x6f0 [ 15.228941] ? trace_preempt_on+0x20/0xc0 [ 15.228963] ? __pfx_kthread+0x10/0x10 [ 15.228983] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.229005] ? calculate_sigpending+0x7b/0xa0 [ 15.229028] ? __pfx_kthread+0x10/0x10 [ 15.229050] ret_from_fork+0x116/0x1d0 [ 15.229068] ? __pfx_kthread+0x10/0x10 [ 15.229089] ret_from_fork_asm+0x1a/0x30 [ 15.229119] </TASK> [ 15.229129] [ 15.237567] Allocated by task 279: [ 15.237806] kasan_save_stack+0x45/0x70 [ 15.238056] kasan_save_track+0x18/0x40 [ 15.238259] kasan_save_alloc_info+0x3b/0x50 [ 15.238489] __kasan_kmalloc+0xb7/0xc0 [ 15.238684] __kmalloc_cache_noprof+0x189/0x420 [ 15.238945] kasan_bitops_generic+0x92/0x1c0 [ 15.239164] kunit_try_run_case+0x1a5/0x480 [ 15.239367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.239621] kthread+0x337/0x6f0 [ 15.239829] ret_from_fork+0x116/0x1d0 [ 15.240034] ret_from_fork_asm+0x1a/0x30 [ 15.240221] [ 15.240319] The buggy address belongs to the object at ffff888102641aa0 [ 15.240319] which belongs to the cache kmalloc-16 of size 16 [ 15.240885] The buggy address is located 8 bytes inside of [ 15.240885] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.241380] [ 15.241496] The buggy address belongs to the physical page: [ 15.241737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.242124] flags: 0x200000000000000(node=0|zone=2) [ 15.242364] page_type: f5(slab) [ 15.242519] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.242796] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.243180] page dumped because: kasan: bad access detected [ 15.243452] [ 15.243558] Memory state around the buggy address: [ 15.243821] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.244152] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.244423] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.244656] ^ [ 15.244838] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.245164] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.245528] ================================================================== [ 15.205602] ================================================================== [ 15.206219] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.206756] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.207282] [ 15.207400] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.207447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.207606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.207630] Call Trace: [ 15.207642] <TASK> [ 15.207658] dump_stack_lvl+0x73/0xb0 [ 15.207691] print_report+0xd1/0x610 [ 15.207714] ? __virt_addr_valid+0x1db/0x2d0 [ 15.207737] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.207790] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.207813] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.207840] kasan_report+0x141/0x180 [ 15.207862] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.207894] kasan_check_range+0x10c/0x1c0 [ 15.207918] __kasan_check_write+0x18/0x20 [ 15.207937] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 15.207964] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.207992] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.208016] ? trace_hardirqs_on+0x37/0xe0 [ 15.208038] ? kasan_bitops_generic+0x92/0x1c0 [ 15.208065] kasan_bitops_generic+0x121/0x1c0 [ 15.208088] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.208113] ? __pfx_read_tsc+0x10/0x10 [ 15.208135] ? ktime_get_ts64+0x86/0x230 [ 15.208159] kunit_try_run_case+0x1a5/0x480 [ 15.208184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.208206] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.208230] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.208254] ? __kthread_parkme+0x82/0x180 [ 15.208275] ? preempt_count_sub+0x50/0x80 [ 15.208298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.208322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.208345] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.208369] kthread+0x337/0x6f0 [ 15.208389] ? trace_preempt_on+0x20/0xc0 [ 15.208411] ? __pfx_kthread+0x10/0x10 [ 15.208432] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.208453] ? calculate_sigpending+0x7b/0xa0 [ 15.208486] ? __pfx_kthread+0x10/0x10 [ 15.208508] ret_from_fork+0x116/0x1d0 [ 15.208526] ? __pfx_kthread+0x10/0x10 [ 15.208547] ret_from_fork_asm+0x1a/0x30 [ 15.208578] </TASK> [ 15.208587] [ 15.217868] Allocated by task 279: [ 15.218056] kasan_save_stack+0x45/0x70 [ 15.218223] kasan_save_track+0x18/0x40 [ 15.218369] kasan_save_alloc_info+0x3b/0x50 [ 15.218599] __kasan_kmalloc+0xb7/0xc0 [ 15.218840] __kmalloc_cache_noprof+0x189/0x420 [ 15.219103] kasan_bitops_generic+0x92/0x1c0 [ 15.219324] kunit_try_run_case+0x1a5/0x480 [ 15.219488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.219789] kthread+0x337/0x6f0 [ 15.219985] ret_from_fork+0x116/0x1d0 [ 15.220193] ret_from_fork_asm+0x1a/0x30 [ 15.220386] [ 15.220508] The buggy address belongs to the object at ffff888102641aa0 [ 15.220508] which belongs to the cache kmalloc-16 of size 16 [ 15.221009] The buggy address is located 8 bytes inside of [ 15.221009] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.221540] [ 15.221670] The buggy address belongs to the physical page: [ 15.221966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.222369] flags: 0x200000000000000(node=0|zone=2) [ 15.222628] page_type: f5(slab) [ 15.222831] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.223174] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.223530] page dumped because: kasan: bad access detected [ 15.223817] [ 15.223912] Memory state around the buggy address: [ 15.224138] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.224443] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.224798] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.225121] ^ [ 15.225339] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.225641] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.225888] ================================================================== [ 15.155459] ================================================================== [ 15.155774] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.156644] Write of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.156950] [ 15.157061] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.157107] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.157118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.157141] Call Trace: [ 15.157158] <TASK> [ 15.157173] dump_stack_lvl+0x73/0xb0 [ 15.157205] print_report+0xd1/0x610 [ 15.157228] ? __virt_addr_valid+0x1db/0x2d0 [ 15.157251] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.157279] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.157302] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.157329] kasan_report+0x141/0x180 [ 15.157351] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.157383] kasan_check_range+0x10c/0x1c0 [ 15.157406] __kasan_check_write+0x18/0x20 [ 15.157426] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 15.157453] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.157493] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.157584] ? trace_hardirqs_on+0x37/0xe0 [ 15.157606] ? kasan_bitops_generic+0x92/0x1c0 [ 15.157634] kasan_bitops_generic+0x121/0x1c0 [ 15.157657] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.157682] ? __pfx_read_tsc+0x10/0x10 [ 15.157704] ? ktime_get_ts64+0x86/0x230 [ 15.157728] kunit_try_run_case+0x1a5/0x480 [ 15.157752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.157775] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.157799] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.157822] ? __kthread_parkme+0x82/0x180 [ 15.157843] ? preempt_count_sub+0x50/0x80 [ 15.157866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.157891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.157914] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.157938] kthread+0x337/0x6f0 [ 15.157957] ? trace_preempt_on+0x20/0xc0 [ 15.157979] ? __pfx_kthread+0x10/0x10 [ 15.158000] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.158021] ? calculate_sigpending+0x7b/0xa0 [ 15.158045] ? __pfx_kthread+0x10/0x10 [ 15.158066] ret_from_fork+0x116/0x1d0 [ 15.158085] ? __pfx_kthread+0x10/0x10 [ 15.158112] ret_from_fork_asm+0x1a/0x30 [ 15.158143] </TASK> [ 15.158152] [ 15.166515] Allocated by task 279: [ 15.166702] kasan_save_stack+0x45/0x70 [ 15.166906] kasan_save_track+0x18/0x40 [ 15.167102] kasan_save_alloc_info+0x3b/0x50 [ 15.167502] __kasan_kmalloc+0xb7/0xc0 [ 15.167696] __kmalloc_cache_noprof+0x189/0x420 [ 15.168124] kasan_bitops_generic+0x92/0x1c0 [ 15.168344] kunit_try_run_case+0x1a5/0x480 [ 15.168567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.168879] kthread+0x337/0x6f0 [ 15.169051] ret_from_fork+0x116/0x1d0 [ 15.169244] ret_from_fork_asm+0x1a/0x30 [ 15.169447] [ 15.169553] The buggy address belongs to the object at ffff888102641aa0 [ 15.169553] which belongs to the cache kmalloc-16 of size 16 [ 15.170098] The buggy address is located 8 bytes inside of [ 15.170098] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.170592] [ 15.170675] The buggy address belongs to the physical page: [ 15.171071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.171435] flags: 0x200000000000000(node=0|zone=2) [ 15.171671] page_type: f5(slab) [ 15.171850] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.172137] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.172377] page dumped because: kasan: bad access detected [ 15.172611] [ 15.172710] Memory state around the buggy address: [ 15.173023] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.173374] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.173614] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.173838] ^ [ 15.174000] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.174344] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.174697] ================================================================== [ 15.317522] ================================================================== [ 15.318226] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.318638] Read of size 8 at addr ffff888102641aa8 by task kunit_try_catch/279 [ 15.319330] [ 15.319671] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc6 #1 PREEMPT(voluntary) [ 15.319726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.319738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.319761] Call Trace: [ 15.319782] <TASK> [ 15.319799] dump_stack_lvl+0x73/0xb0 [ 15.319832] print_report+0xd1/0x610 [ 15.319856] ? __virt_addr_valid+0x1db/0x2d0 [ 15.319879] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.319907] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.319931] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.319960] kasan_report+0x141/0x180 [ 15.319983] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.320016] kasan_check_range+0x10c/0x1c0 [ 15.320040] __kasan_check_read+0x15/0x20 [ 15.320059] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 15.320088] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.320117] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.320141] ? trace_hardirqs_on+0x37/0xe0 [ 15.320164] ? kasan_bitops_generic+0x92/0x1c0 [ 15.320191] kasan_bitops_generic+0x121/0x1c0 [ 15.320215] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.320241] ? __pfx_read_tsc+0x10/0x10 [ 15.320262] ? ktime_get_ts64+0x86/0x230 [ 15.320286] kunit_try_run_case+0x1a5/0x480 [ 15.320311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.320333] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.320359] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.320382] ? __kthread_parkme+0x82/0x180 [ 15.320403] ? preempt_count_sub+0x50/0x80 [ 15.320427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.320451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.320490] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.320516] kthread+0x337/0x6f0 [ 15.320536] ? trace_preempt_on+0x20/0xc0 [ 15.320558] ? __pfx_kthread+0x10/0x10 [ 15.320578] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.320600] ? calculate_sigpending+0x7b/0xa0 [ 15.320625] ? __pfx_kthread+0x10/0x10 [ 15.320647] ret_from_fork+0x116/0x1d0 [ 15.320668] ? __pfx_kthread+0x10/0x10 [ 15.320689] ret_from_fork_asm+0x1a/0x30 [ 15.320721] </TASK> [ 15.320731] [ 15.328760] Allocated by task 279: [ 15.328934] kasan_save_stack+0x45/0x70 [ 15.329130] kasan_save_track+0x18/0x40 [ 15.329301] kasan_save_alloc_info+0x3b/0x50 [ 15.329504] __kasan_kmalloc+0xb7/0xc0 [ 15.329672] __kmalloc_cache_noprof+0x189/0x420 [ 15.329945] kasan_bitops_generic+0x92/0x1c0 [ 15.330151] kunit_try_run_case+0x1a5/0x480 [ 15.330343] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.330566] kthread+0x337/0x6f0 [ 15.330705] ret_from_fork+0x116/0x1d0 [ 15.330908] ret_from_fork_asm+0x1a/0x30 [ 15.331116] [ 15.331217] The buggy address belongs to the object at ffff888102641aa0 [ 15.331217] which belongs to the cache kmalloc-16 of size 16 [ 15.331596] The buggy address is located 8 bytes inside of [ 15.331596] allocated 9-byte region [ffff888102641aa0, ffff888102641aa9) [ 15.331954] [ 15.332029] The buggy address belongs to the physical page: [ 15.332207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102641 [ 15.332564] flags: 0x200000000000000(node=0|zone=2) [ 15.332975] page_type: f5(slab) [ 15.333149] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.333508] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.333959] page dumped because: kasan: bad access detected [ 15.334187] [ 15.334260] Memory state around the buggy address: [ 15.334420] ffff888102641980: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 15.334651] ffff888102641a00: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 15.334871] >ffff888102641a80: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 15.335202] ^ [ 15.335429] ffff888102641b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.335769] ffff888102641b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.336158] ==================================================================