lkft/linux-next-master - next-20250708 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop

Date

July 8, 2025, 11:10 a.m.

Environment
qemu-arm64
qemu-x86_64

[   33.646058] ==================================================================
[   33.646113] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xa48/0xbc0
[   33.646773]  kasan_report+0xdc/0x128
[   33.647270]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   33.647741]  kunit_try_run_case+0x170/0x3f0
[   33.647990] The buggy address is located 8 bytes inside of
[   33.647990]  allocated 9-byte region [fff00000c79816e0, fff00000c79816e9)
[   33.649449] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zadDcsZaTNoMt5NQDMjH9XXSjo

job_id

TEST:linaro@lkft#2zadI5o4clKZiIYYjTSUQR6tPrp

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zadI5o4clKZiIYYjTSUQR6tPrp

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zadEoX75GcVmVMiGSC6ULKasfH/Image.gz
sha256sum	1ceb4687a4dcb5a790d42769a050e5ac78ce871667067fed7f3e7960550875ba

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zadEoX75GcVmVMiGSC6ULKasfH/modules.tar.xz
sha256sum	3f48606753fbd3c6f5640d868ed22ac5af7831da8fafeb95bd8b8818bbdbc1a9

durations

tests

boot	0
kunit	170.58

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   25.758161] ==================================================================
[   25.758495] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90
[   25.759108] Write of size 8 at addr ffff88810598a268 by task kunit_try_catch/309
[   25.759453] 
[   25.759549] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250708 #1 PREEMPT(voluntary) 
[   25.759602] Tainted: [B]=BAD_PAGE, [N]=TEST
[   25.759615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   25.759638] Call Trace:
[   25.759653]  <TASK>
[   25.759683]  dump_stack_lvl+0x73/0xb0
[   25.759718]  print_report+0xd1/0x610
[   25.759754]  ? __virt_addr_valid+0x1db/0x2d0
[   25.759781]  ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90
[   25.759812]  ? kasan_complete_mode_report_info+0x2a/0x200
[   25.759863]  ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90
[   25.759894]  kasan_report+0x141/0x180
[   25.759931]  ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90
[   25.759966]  kasan_check_range+0x10c/0x1c0
[   25.759994]  __kasan_check_write+0x18/0x20
[   25.760022]  kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90
[   25.760053]  ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[   25.760085]  ? __kmalloc_cache_noprof+0x189/0x420
[   25.760114]  ? trace_hardirqs_on+0x37/0xe0
[   25.760139]  ? kasan_bitops_generic+0x92/0x1c0
[   25.760170]  kasan_bitops_generic+0x121/0x1c0
[   25.760197]  ? __pfx_kasan_bitops_generic+0x10/0x10
[   25.760225]  ? __pfx_read_tsc+0x10/0x10
[   25.760262]  ? ktime_get_ts64+0x86/0x230
[   25.760290]  kunit_try_run_case+0x1a5/0x480
[   25.760314]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.760337]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   25.760360]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   25.760391]  ? __kthread_parkme+0x82/0x180
[   25.760414]  ? preempt_count_sub+0x50/0x80
[   25.760440]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.760464]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.760492]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   25.760520]  kthread+0x337/0x6f0
[   25.760543]  ? trace_preempt_on+0x20/0xc0
[   25.760568]  ? __pfx_kthread+0x10/0x10
[   25.760592]  ? _raw_spin_unlock_irq+0x47/0x80
[   25.760620]  ? calculate_sigpending+0x7b/0xa0
[   25.760649]  ? __pfx_kthread+0x10/0x10
[   25.760674]  ret_from_fork+0x116/0x1d0
[   25.760696]  ? __pfx_kthread+0x10/0x10
[   25.760721]  ret_from_fork_asm+0x1a/0x30
[   25.760757]  </TASK>
[   25.760769] 
[   25.770161] Allocated by task 309:
[   25.770369]  kasan_save_stack+0x45/0x70
[   25.770603]  kasan_save_track+0x18/0x40
[   25.770773]  kasan_save_alloc_info+0x3b/0x50
[   25.771105]  __kasan_kmalloc+0xb7/0xc0
[   25.771312]  __kmalloc_cache_noprof+0x189/0x420
[   25.771469]  kasan_bitops_generic+0x92/0x1c0
[   25.771617]  kunit_try_run_case+0x1a5/0x480
[   25.771792]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.772055]  kthread+0x337/0x6f0
[   25.772234]  ret_from_fork+0x116/0x1d0
[   25.772415]  ret_from_fork_asm+0x1a/0x30
[   25.772553] 
[   25.772619] The buggy address belongs to the object at ffff88810598a260
[   25.772619]  which belongs to the cache kmalloc-16 of size 16
[   25.773519] The buggy address is located 8 bytes inside of
[   25.773519]  allocated 9-byte region [ffff88810598a260, ffff88810598a269)
[   25.774055] 
[   25.774164] The buggy address belongs to the physical page:
[   25.774411] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10598a
[   25.774720] flags: 0x200000000000000(node=0|zone=2)
[   25.775048] page_type: f5(slab)
[   25.775202] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[   25.775540] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[   25.775800] page dumped because: kasan: bad access detected
[   25.776079] 
[   25.776164] Memory state around the buggy address:
[   25.776369]  ffff88810598a100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.776667]  ffff88810598a180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.776983] >ffff88810598a200: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[   25.777284]                                                           ^
[   25.777562]  ffff88810598a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.777892]  ffff88810598a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.778182] ==================================================================
[   25.651258] ==================================================================
[   25.651578] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[   25.652497] Write of size 8 at addr ffff88810598a268 by task kunit_try_catch/309
[   25.653225] 
[   25.653363] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250708 #1 PREEMPT(voluntary) 
[   25.653418] Tainted: [B]=BAD_PAGE, [N]=TEST
[   25.653431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   25.653455] Call Trace:
[   25.653477]  <TASK>
[   25.653497]  dump_stack_lvl+0x73/0xb0
[   25.653532]  print_report+0xd1/0x610
[   25.653557]  ? __virt_addr_valid+0x1db/0x2d0
[   25.653584]  ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[   25.653614]  ? kasan_complete_mode_report_info+0x2a/0x200
[   25.653645]  ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[   25.653676]  kasan_report+0x141/0x180
[   25.653700]  ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[   25.653736]  kasan_check_range+0x10c/0x1c0
[   25.653762]  __kasan_check_write+0x18/0x20
[   25.653790]  kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[   25.653821]  ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[   25.653852]  ? __kmalloc_cache_noprof+0x189/0x420
[   25.653910]  ? trace_hardirqs_on+0x37/0xe0
[   25.653936]  ? kasan_bitops_generic+0x92/0x1c0
[   25.653967]  kasan_bitops_generic+0x121/0x1c0
[   25.653994]  ? __pfx_kasan_bitops_generic+0x10/0x10
[   25.654023]  ? __pfx_read_tsc+0x10/0x10
[   25.654050]  ? ktime_get_ts64+0x86/0x230
[   25.654078]  kunit_try_run_case+0x1a5/0x480
[   25.654103]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.654125]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   25.654148]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   25.654179]  ? __kthread_parkme+0x82/0x180
[   25.654204]  ? preempt_count_sub+0x50/0x80
[   25.654230]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.654265]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.654293]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   25.654322]  kthread+0x337/0x6f0
[   25.654345]  ? trace_preempt_on+0x20/0xc0
[   25.654370]  ? __pfx_kthread+0x10/0x10
[   25.654394]  ? _raw_spin_unlock_irq+0x47/0x80
[   25.654424]  ? calculate_sigpending+0x7b/0xa0
[   25.654453]  ? __pfx_kthread+0x10/0x10
[   25.654480]  ret_from_fork+0x116/0x1d0
[   25.654502]  ? __pfx_kthread+0x10/0x10
[   25.654526]  ret_from_fork_asm+0x1a/0x30
[   25.654562]  </TASK>
[   25.654574] 
[   25.662254] Allocated by task 309:
[   25.662424]  kasan_save_stack+0x45/0x70
[   25.662616]  kasan_save_track+0x18/0x40
[   25.662802]  kasan_save_alloc_info+0x3b/0x50
[   25.662982]  __kasan_kmalloc+0xb7/0xc0
[   25.663176]  __kmalloc_cache_noprof+0x189/0x420
[   25.663341]  kasan_bitops_generic+0x92/0x1c0
[   25.663541]  kunit_try_run_case+0x1a5/0x480
[   25.663738]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.664007]  kthread+0x337/0x6f0
[   25.664124]  ret_from_fork+0x116/0x1d0
[   25.664260]  ret_from_fork_asm+0x1a/0x30
[   25.664393] 
[   25.664457] The buggy address belongs to the object at ffff88810598a260
[   25.664457]  which belongs to the cache kmalloc-16 of size 16
[   25.664925] The buggy address is located 8 bytes inside of
[   25.664925]  allocated 9-byte region [ffff88810598a260, ffff88810598a269)
[   25.665674] 
[   25.665742] The buggy address belongs to the physical page:
[   25.665903] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10598a
[   25.666131] flags: 0x200000000000000(node=0|zone=2)
[   25.666418] page_type: f5(slab)
[   25.666584] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[   25.667051] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[   25.667415] page dumped because: kasan: bad access detected
[   25.667642] 
[   25.667740] Memory state around the buggy address:
[   25.667973]  ffff88810598a100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.668254]  ffff88810598a180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.668464] >ffff88810598a200: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[   25.668709]                                                           ^
[   25.668988]  ffff88810598a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.669453]  ffff88810598a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.669687] ==================================================================
[   25.800720] ==================================================================
[   25.801029] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90
[   25.801406] Read of size 8 at addr ffff88810598a268 by task kunit_try_catch/309
[   25.801692] 
[   25.801803] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250708 #1 PREEMPT(voluntary) 
[   25.801855] Tainted: [B]=BAD_PAGE, [N]=TEST
[   25.801867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   25.801890] Call Trace:
[   25.801909]  <TASK>
[   25.801928]  dump_stack_lvl+0x73/0xb0
[   25.801959]  print_report+0xd1/0x610
[   25.801984]  ? __virt_addr_valid+0x1db/0x2d0
[   25.802011]  ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90
[   25.802041]  ? kasan_complete_mode_report_info+0x2a/0x200
[   25.802071]  ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90
[   25.802101]  kasan_report+0x141/0x180
[   25.802125]  ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90
[   25.802160]  kasan_check_range+0x10c/0x1c0
[   25.802187]  __kasan_check_read+0x15/0x20
[   25.802213]  kasan_bitops_test_and_modify.constprop.0+0x557/0xd90
[   25.802676]  ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[   25.802721]  ? __kmalloc_cache_noprof+0x189/0x420
[   25.802749]  ? trace_hardirqs_on+0x37/0xe0
[   25.802791]  ? kasan_bitops_generic+0x92/0x1c0
[   25.802823]  kasan_bitops_generic+0x121/0x1c0
[   25.802851]  ? __pfx_kasan_bitops_generic+0x10/0x10
[   25.802879]  ? __pfx_read_tsc+0x10/0x10
[   25.802904]  ? ktime_get_ts64+0x86/0x230
[   25.802933]  kunit_try_run_case+0x1a5/0x480
[   25.802957]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.802979]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   25.803003]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   25.803033]  ? __kthread_parkme+0x82/0x180
[   25.803055]  ? preempt_count_sub+0x50/0x80
[   25.803081]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.803106]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.803134]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   25.803163]  kthread+0x337/0x6f0
[   25.803186]  ? trace_preempt_on+0x20/0xc0
[   25.803211]  ? __pfx_kthread+0x10/0x10
[   25.803235]  ? _raw_spin_unlock_irq+0x47/0x80
[   25.803278]  ? calculate_sigpending+0x7b/0xa0
[   25.803307]  ? __pfx_kthread+0x10/0x10
[   25.803332]  ret_from_fork+0x116/0x1d0
[   25.803354]  ? __pfx_kthread+0x10/0x10
[   25.803378]  ret_from_fork_asm+0x1a/0x30
[   25.803414]  </TASK>
[   25.803427] 
[   25.812661] Allocated by task 309:
[   25.812809]  kasan_save_stack+0x45/0x70
[   25.813253]  kasan_save_track+0x18/0x40
[   25.813528]  kasan_save_alloc_info+0x3b/0x50
[   25.813732]  __kasan_kmalloc+0xb7/0xc0
[   25.814048]  __kmalloc_cache_noprof+0x189/0x420
[   25.814349]  kasan_bitops_generic+0x92/0x1c0
[   25.814677]  kunit_try_run_case+0x1a5/0x480
[   25.814985]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.815228]  kthread+0x337/0x6f0
[   25.815401]  ret_from_fork+0x116/0x1d0
[   25.815576]  ret_from_fork_asm+0x1a/0x30
[   25.815756] 
[   25.815823] The buggy address belongs to the object at ffff88810598a260
[   25.815823]  which belongs to the cache kmalloc-16 of size 16
[   25.816563] The buggy address is located 8 bytes inside of
[   25.816563]  allocated 9-byte region [ffff88810598a260, ffff88810598a269)
[   25.817209] 
[   25.817317] The buggy address belongs to the physical page:
[   25.817508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10598a
[   25.817990] flags: 0x200000000000000(node=0|zone=2)
[   25.818166] page_type: f5(slab)
[   25.818339] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[   25.818669] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[   25.818967] page dumped because: kasan: bad access detected
[   25.819184] 
[   25.819281] Memory state around the buggy address:
[   25.819501]  ffff88810598a100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.819742]  ffff88810598a180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.820052] >ffff88810598a200: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[   25.820585]                                                           ^
[   25.821185]  ffff88810598a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.821519]  ffff88810598a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.821812] ==================================================================
[   25.779190] ==================================================================
[   25.779758] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[   25.780155] Write of size 8 at addr ffff88810598a268 by task kunit_try_catch/309
[   25.780468] 
[   25.780596] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250708 #1 PREEMPT(voluntary) 
[   25.780648] Tainted: [B]=BAD_PAGE, [N]=TEST
[   25.780660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   25.780683] Call Trace:
[   25.780712]  <TASK>
[   25.780731]  dump_stack_lvl+0x73/0xb0
[   25.780764]  print_report+0xd1/0x610
[   25.780801]  ? __virt_addr_valid+0x1db/0x2d0
[   25.780837]  ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[   25.780877]  ? kasan_complete_mode_report_info+0x2a/0x200
[   25.780908]  ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[   25.780949]  kasan_report+0x141/0x180
[   25.780974]  ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[   25.781009]  kasan_check_range+0x10c/0x1c0
[   25.781037]  __kasan_check_write+0x18/0x20
[   25.781065]  kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[   25.781104]  ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[   25.781136]  ? __kmalloc_cache_noprof+0x189/0x420
[   25.781174]  ? trace_hardirqs_on+0x37/0xe0
[   25.781203]  ? kasan_bitops_generic+0x92/0x1c0
[   25.781234]  kasan_bitops_generic+0x121/0x1c0
[   25.781281]  ? __pfx_kasan_bitops_generic+0x10/0x10
[   25.781310]  ? __pfx_read_tsc+0x10/0x10
[   25.781336]  ? ktime_get_ts64+0x86/0x230
[   25.781375]  kunit_try_run_case+0x1a5/0x480
[   25.781399]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.781421]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   25.781444]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   25.781475]  ? __kthread_parkme+0x82/0x180
[   25.781498]  ? preempt_count_sub+0x50/0x80
[   25.781525]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.781549]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.781586]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   25.781615]  kthread+0x337/0x6f0
[   25.781638]  ? trace_preempt_on+0x20/0xc0
[   25.781674]  ? __pfx_kthread+0x10/0x10
[   25.781698]  ? _raw_spin_unlock_irq+0x47/0x80
[   25.781727]  ? calculate_sigpending+0x7b/0xa0
[   25.781756]  ? __pfx_kthread+0x10/0x10
[   25.781781]  ret_from_fork+0x116/0x1d0
[   25.781812]  ? __pfx_kthread+0x10/0x10
[   25.781845]  ret_from_fork_asm+0x1a/0x30
[   25.781891]  </TASK>
[   25.781904] 
[   25.790141] Allocated by task 309:
[   25.790294]  kasan_save_stack+0x45/0x70
[   25.790512]  kasan_save_track+0x18/0x40
[   25.790699]  kasan_save_alloc_info+0x3b/0x50
[   25.790903]  __kasan_kmalloc+0xb7/0xc0
[   25.791087]  __kmalloc_cache_noprof+0x189/0x420
[   25.791320]  kasan_bitops_generic+0x92/0x1c0
[   25.791496]  kunit_try_run_case+0x1a5/0x480
[   25.791636]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.791965]  kthread+0x337/0x6f0
[   25.792133]  ret_from_fork+0x116/0x1d0
[   25.792309]  ret_from_fork_asm+0x1a/0x30
[   25.792515] 
[   25.792604] The buggy address belongs to the object at ffff88810598a260
[   25.792604]  which belongs to the cache kmalloc-16 of size 16
[   25.793233] The buggy address is located 8 bytes inside of
[   25.793233]  allocated 9-byte region [ffff88810598a260, ffff88810598a269)
[   25.793715] 
[   25.793828] The buggy address belongs to the physical page:
[   25.794107] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10598a
[   25.794449] flags: 0x200000000000000(node=0|zone=2)
[   25.794681] page_type: f5(slab)
[   25.794833] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[   25.795168] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[   25.795446] page dumped because: kasan: bad access detected
[   25.795615] 
[   25.795678] Memory state around the buggy address:
[   25.795831]  ffff88810598a100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.796046]  ffff88810598a180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.797061] >ffff88810598a200: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[   25.797944]                                                           ^
[   25.798683]  ffff88810598a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.799552]  ffff88810598a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.800114] ==================================================================
[   25.823550] ==================================================================
[   25.823812] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[   25.824085] Read of size 8 at addr ffff88810598a268 by task kunit_try_catch/309
[   25.824313] 
[   25.824398] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250708 #1 PREEMPT(voluntary) 
[   25.824451] Tainted: [B]=BAD_PAGE, [N]=TEST
[   25.824463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   25.824486] Call Trace:
[   25.824506]  <TASK>
[   25.824803]  dump_stack_lvl+0x73/0xb0
[   25.824857]  print_report+0xd1/0x610
[   25.825108]  ? __virt_addr_valid+0x1db/0x2d0
[   25.825137]  ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[   25.825168]  ? kasan_complete_mode_report_info+0x2a/0x200
[   25.825204]  ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[   25.825248]  kasan_report+0x141/0x180
[   25.825273]  ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[   25.825308]  __asan_report_load8_noabort+0x18/0x20
[   25.825336]  kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[   25.825367]  ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[   25.825398]  ? __kmalloc_cache_noprof+0x189/0x420
[   25.825426]  ? trace_hardirqs_on+0x37/0xe0
[   25.825451]  ? kasan_bitops_generic+0x92/0x1c0
[   25.825481]  kasan_bitops_generic+0x121/0x1c0
[   25.825508]  ? __pfx_kasan_bitops_generic+0x10/0x10
[   25.825536]  ? __pfx_read_tsc+0x10/0x10
[   25.825562]  ? ktime_get_ts64+0x86/0x230
[   25.825591]  kunit_try_run_case+0x1a5/0x480
[   25.825615]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.825638]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   25.825662]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   25.825692]  ? __kthread_parkme+0x82/0x180
[   25.825715]  ? preempt_count_sub+0x50/0x80
[   25.825741]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.825764]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.825793]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   25.825821]  kthread+0x337/0x6f0
[   25.825844]  ? trace_preempt_on+0x20/0xc0
[   25.825871]  ? __pfx_kthread+0x10/0x10
[   25.825895]  ? _raw_spin_unlock_irq+0x47/0x80
[   25.825923]  ? calculate_sigpending+0x7b/0xa0
[   25.825951]  ? __pfx_kthread+0x10/0x10
[   25.825975]  ret_from_fork+0x116/0x1d0
[   25.825997]  ? __pfx_kthread+0x10/0x10
[   25.826020]  ret_from_fork_asm+0x1a/0x30
[   25.826055]  </TASK>
[   25.826067] 
[   25.839535] Allocated by task 309:
[   25.839710]  kasan_save_stack+0x45/0x70
[   25.839909]  kasan_save_track+0x18/0x40
[   25.840320]  kasan_save_alloc_info+0x3b/0x50
[   25.840628]  __kasan_kmalloc+0xb7/0xc0
[   25.840778]  __kmalloc_cache_noprof+0x189/0x420
[   25.841186]  kasan_bitops_generic+0x92/0x1c0
[   25.841411]  kunit_try_run_case+0x1a5/0x480
[   25.841742]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.842108]  kthread+0x337/0x6f0
[   25.842256]  ret_from_fork+0x116/0x1d0
[   25.842611]  ret_from_fork_asm+0x1a/0x30
[   25.842777] 
[   25.842972] The buggy address belongs to the object at ffff88810598a260
[   25.842972]  which belongs to the cache kmalloc-16 of size 16
[   25.843528] The buggy address is located 8 bytes inside of
[   25.843528]  allocated 9-byte region [ffff88810598a260, ffff88810598a269)
[   25.843915] 
[   25.844035] The buggy address belongs to the physical page:
[   25.844305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10598a
[   25.844577] flags: 0x200000000000000(node=0|zone=2)
[   25.844835] page_type: f5(slab)
[   25.844987] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[   25.845260] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[   25.845762] page dumped because: kasan: bad access detected
[   25.846029] 
[   25.846279] Memory state around the buggy address:
[   25.846620]  ffff88810598a100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.847130]  ffff88810598a180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.847537] >ffff88810598a200: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[   25.847937]                                                           ^
[   25.848294]  ffff88810598a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.848644]  ffff88810598a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.849031] ==================================================================
[   25.688908] ==================================================================
[   25.689280] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[   25.689689] Write of size 8 at addr ffff88810598a268 by task kunit_try_catch/309
[   25.690475] 
[   25.690738] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250708 #1 PREEMPT(voluntary) 
[   25.690791] Tainted: [B]=BAD_PAGE, [N]=TEST
[   25.690804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   25.690860] Call Trace:
[   25.690880]  <TASK>
[   25.690898]  dump_stack_lvl+0x73/0xb0
[   25.690949]  print_report+0xd1/0x610
[   25.690975]  ? __virt_addr_valid+0x1db/0x2d0
[   25.691002]  ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[   25.691033]  ? kasan_complete_mode_report_info+0x2a/0x200
[   25.691064]  ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[   25.691095]  kasan_report+0x141/0x180
[   25.691138]  ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[   25.691173]  kasan_check_range+0x10c/0x1c0
[   25.691200]  __kasan_check_write+0x18/0x20
[   25.691228]  kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[   25.691273]  ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[   25.691321]  ? __kmalloc_cache_noprof+0x189/0x420
[   25.691349]  ? trace_hardirqs_on+0x37/0xe0
[   25.691373]  ? kasan_bitops_generic+0x92/0x1c0
[   25.691404]  kasan_bitops_generic+0x121/0x1c0
[   25.691431]  ? __pfx_kasan_bitops_generic+0x10/0x10
[   25.691460]  ? __pfx_read_tsc+0x10/0x10
[   25.691485]  ? ktime_get_ts64+0x86/0x230
[   25.691513]  kunit_try_run_case+0x1a5/0x480
[   25.691537]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.691560]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   25.691583]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   25.691614]  ? __kthread_parkme+0x82/0x180
[   25.691636]  ? preempt_count_sub+0x50/0x80
[   25.691662]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.691686]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.691715]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   25.691743]  kthread+0x337/0x6f0
[   25.691766]  ? trace_preempt_on+0x20/0xc0
[   25.691791]  ? __pfx_kthread+0x10/0x10
[   25.691815]  ? _raw_spin_unlock_irq+0x47/0x80
[   25.691844]  ? calculate_sigpending+0x7b/0xa0
[   25.691872]  ? __pfx_kthread+0x10/0x10
[   25.691898]  ret_from_fork+0x116/0x1d0
[   25.691919]  ? __pfx_kthread+0x10/0x10
[   25.691943]  ret_from_fork_asm+0x1a/0x30
[   25.691979]  </TASK>
[   25.691990] 
[   25.700339] Allocated by task 309:
[   25.700498]  kasan_save_stack+0x45/0x70
[   25.700698]  kasan_save_track+0x18/0x40
[   25.700932]  kasan_save_alloc_info+0x3b/0x50
[   25.702257]  __kasan_kmalloc+0xb7/0xc0
[   25.702420]  __kmalloc_cache_noprof+0x189/0x420
[   25.702573]  kasan_bitops_generic+0x92/0x1c0
[   25.703526]  kunit_try_run_case+0x1a5/0x480
[   25.703764]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.704023]  kthread+0x337/0x6f0
[   25.704173]  ret_from_fork+0x116/0x1d0
[   25.704362]  ret_from_fork_asm+0x1a/0x30
[   25.704541] 
[   25.704615] The buggy address belongs to the object at ffff88810598a260
[   25.704615]  which belongs to the cache kmalloc-16 of size 16
[   25.705101] The buggy address is located 8 bytes inside of
[   25.705101]  allocated 9-byte region [ffff88810598a260, ffff88810598a269)
[   25.705593] 
[   25.705689] The buggy address belongs to the physical page:
[   25.705933] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10598a
[   25.706260] flags: 0x200000000000000(node=0|zone=2)
[   25.706440] page_type: f5(slab)
[   25.706556] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[   25.706782] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[   25.707053] page dumped because: kasan: bad access detected
[   25.707316] 
[   25.707406] Memory state around the buggy address:
[   25.707634]  ffff88810598a100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.707972]  ffff88810598a180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.708310] >ffff88810598a200: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[   25.708623]                                                           ^
[   25.708942]  ffff88810598a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.709202]  ffff88810598a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.709452] ==================================================================
[   25.733563] ==================================================================
[   25.733986] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90
[   25.734375] Write of size 8 at addr ffff88810598a268 by task kunit_try_catch/309
[   25.734694] 
[   25.734789] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250708 #1 PREEMPT(voluntary) 
[   25.734840] Tainted: [B]=BAD_PAGE, [N]=TEST
[   25.734852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   25.734875] Call Trace:
[   25.734895]  <TASK>
[   25.734914]  dump_stack_lvl+0x73/0xb0
[   25.734946]  print_report+0xd1/0x610
[   25.734971]  ? __virt_addr_valid+0x1db/0x2d0
[   25.734996]  ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90
[   25.735028]  ? kasan_complete_mode_report_info+0x2a/0x200
[   25.735059]  ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90
[   25.735090]  kasan_report+0x141/0x180
[   25.735114]  ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90
[   25.735150]  kasan_check_range+0x10c/0x1c0
[   25.735177]  __kasan_check_write+0x18/0x20
[   25.735204]  kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90
[   25.735235]  ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[   25.735278]  ? __kmalloc_cache_noprof+0x189/0x420
[   25.735305]  ? trace_hardirqs_on+0x37/0xe0
[   25.735330]  ? kasan_bitops_generic+0x92/0x1c0
[   25.735361]  kasan_bitops_generic+0x121/0x1c0
[   25.735389]  ? __pfx_kasan_bitops_generic+0x10/0x10
[   25.735418]  ? __pfx_read_tsc+0x10/0x10
[   25.735444]  ? ktime_get_ts64+0x86/0x230
[   25.735472]  kunit_try_run_case+0x1a5/0x480
[   25.735496]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.735518]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   25.735542]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   25.735573]  ? __kthread_parkme+0x82/0x180
[   25.735595]  ? preempt_count_sub+0x50/0x80
[   25.735620]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.735644]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.735672]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   25.735701]  kthread+0x337/0x6f0
[   25.735724]  ? trace_preempt_on+0x20/0xc0
[   25.735749]  ? __pfx_kthread+0x10/0x10
[   25.735773]  ? _raw_spin_unlock_irq+0x47/0x80
[   25.735802]  ? calculate_sigpending+0x7b/0xa0
[   25.735850]  ? __pfx_kthread+0x10/0x10
[   25.735876]  ret_from_fork+0x116/0x1d0
[   25.735898]  ? __pfx_kthread+0x10/0x10
[   25.735922]  ret_from_fork_asm+0x1a/0x30
[   25.735958]  </TASK>
[   25.735971] 
[   25.743733] Allocated by task 309:
[   25.743863]  kasan_save_stack+0x45/0x70
[   25.744320]  kasan_save_track+0x18/0x40
[   25.744535]  kasan_save_alloc_info+0x3b/0x50
[   25.744733]  __kasan_kmalloc+0xb7/0xc0
[   25.745425]  __kmalloc_cache_noprof+0x189/0x420
[   25.745840]  kasan_bitops_generic+0x92/0x1c0
[   25.746359]  kunit_try_run_case+0x1a5/0x480
[   25.746770]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.747164]  kthread+0x337/0x6f0
[   25.747350]  ret_from_fork+0x116/0x1d0
[   25.747529]  ret_from_fork_asm+0x1a/0x30
[   25.747709] 
[   25.747794] The buggy address belongs to the object at ffff88810598a260
[   25.747794]  which belongs to the cache kmalloc-16 of size 16
[   25.748263] The buggy address is located 8 bytes inside of
[   25.748263]  allocated 9-byte region [ffff88810598a260, ffff88810598a269)
[   25.748721] 
[   25.748805] The buggy address belongs to the physical page:
[   25.749013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10598a
[   25.749812] flags: 0x200000000000000(node=0|zone=2)
[   25.750232] page_type: f5(slab)
[   25.750625] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[   25.751145] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[   25.751664] page dumped because: kasan: bad access detected
[   25.752104] 
[   25.752334] Memory state around the buggy address:
[   25.752824]  ffff88810598a100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.753294]  ffff88810598a180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.753604] >ffff88810598a200: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[   25.754213]                                                           ^
[   25.754634]  ffff88810598a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.755423]  ffff88810598a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.755899] ==================================================================
[   25.670460] ==================================================================
[   25.670914] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[   25.671304] Write of size 8 at addr ffff88810598a268 by task kunit_try_catch/309
[   25.671543] 
[   25.671627] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250708 #1 PREEMPT(voluntary) 
[   25.671678] Tainted: [B]=BAD_PAGE, [N]=TEST
[   25.671691] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   25.671713] Call Trace:
[   25.671728]  <TASK>
[   25.671745]  dump_stack_lvl+0x73/0xb0
[   25.671776]  print_report+0xd1/0x610
[   25.671800]  ? __virt_addr_valid+0x1db/0x2d0
[   25.671827]  ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[   25.671879]  ? kasan_complete_mode_report_info+0x2a/0x200
[   25.671909]  ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[   25.671940]  kasan_report+0x141/0x180
[   25.671964]  ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[   25.672002]  kasan_check_range+0x10c/0x1c0
[   25.672029]  __kasan_check_write+0x18/0x20
[   25.672057]  kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[   25.672088]  ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[   25.672119]  ? __kmalloc_cache_noprof+0x189/0x420
[   25.672147]  ? trace_hardirqs_on+0x37/0xe0
[   25.672172]  ? kasan_bitops_generic+0x92/0x1c0
[   25.672203]  kasan_bitops_generic+0x121/0x1c0
[   25.672230]  ? __pfx_kasan_bitops_generic+0x10/0x10
[   25.672269]  ? __pfx_read_tsc+0x10/0x10
[   25.672295]  ? ktime_get_ts64+0x86/0x230
[   25.672323]  kunit_try_run_case+0x1a5/0x480
[   25.672347]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.672386]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   25.672410]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   25.672453]  ? __kthread_parkme+0x82/0x180
[   25.672475]  ? preempt_count_sub+0x50/0x80
[   25.672501]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.672525]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.672553]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   25.672582]  kthread+0x337/0x6f0
[   25.672604]  ? trace_preempt_on+0x20/0xc0
[   25.672631]  ? __pfx_kthread+0x10/0x10
[   25.672655]  ? _raw_spin_unlock_irq+0x47/0x80
[   25.672683]  ? calculate_sigpending+0x7b/0xa0
[   25.672712]  ? __pfx_kthread+0x10/0x10
[   25.672737]  ret_from_fork+0x116/0x1d0
[   25.672758]  ? __pfx_kthread+0x10/0x10
[   25.672782]  ret_from_fork_asm+0x1a/0x30
[   25.672818]  </TASK>
[   25.672841] 
[   25.680687] Allocated by task 309:
[   25.680813]  kasan_save_stack+0x45/0x70
[   25.681024]  kasan_save_track+0x18/0x40
[   25.681207]  kasan_save_alloc_info+0x3b/0x50
[   25.681420]  __kasan_kmalloc+0xb7/0xc0
[   25.681603]  __kmalloc_cache_noprof+0x189/0x420
[   25.681814]  kasan_bitops_generic+0x92/0x1c0
[   25.681980]  kunit_try_run_case+0x1a5/0x480
[   25.682187]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.682391]  kthread+0x337/0x6f0
[   25.682506]  ret_from_fork+0x116/0x1d0
[   25.682628]  ret_from_fork_asm+0x1a/0x30
[   25.682759] 
[   25.682835] The buggy address belongs to the object at ffff88810598a260
[   25.682835]  which belongs to the cache kmalloc-16 of size 16
[   25.683346] The buggy address is located 8 bytes inside of
[   25.683346]  allocated 9-byte region [ffff88810598a260, ffff88810598a269)
[   25.683870] 
[   25.683960] The buggy address belongs to the physical page:
[   25.684177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10598a
[   25.684415] flags: 0x200000000000000(node=0|zone=2)
[   25.684590] page_type: f5(slab)
[   25.684771] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[   25.685338] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[   25.685607] page dumped because: kasan: bad access detected
[   25.685839] 
[   25.685939] Memory state around the buggy address:
[   25.686101]  ffff88810598a100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.686313]  ffff88810598a180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.686517] >ffff88810598a200: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[   25.686818]                                                           ^
[   25.687099]  ffff88810598a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.687412]  ffff88810598a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.687784] ==================================================================
[   25.710000] ==================================================================
[   25.710360] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[   25.710767] Write of size 8 at addr ffff88810598a268 by task kunit_try_catch/309
[   25.711040] 
[   25.711152] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250708 #1 PREEMPT(voluntary) 
[   25.711202] Tainted: [B]=BAD_PAGE, [N]=TEST
[   25.711215] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   25.711608] Call Trace:
[   25.711637]  <TASK>
[   25.711658]  dump_stack_lvl+0x73/0xb0
[   25.711691]  print_report+0xd1/0x610
[   25.711715]  ? __virt_addr_valid+0x1db/0x2d0
[   25.711742]  ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[   25.711772]  ? kasan_complete_mode_report_info+0x2a/0x200
[   25.711827]  ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[   25.711858]  kasan_report+0x141/0x180
[   25.711882]  ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[   25.711918]  kasan_check_range+0x10c/0x1c0
[   25.711945]  __kasan_check_write+0x18/0x20
[   25.711974]  kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[   25.712006]  ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[   25.712038]  ? __kmalloc_cache_noprof+0x189/0x420
[   25.712065]  ? trace_hardirqs_on+0x37/0xe0
[   25.712091]  ? kasan_bitops_generic+0x92/0x1c0
[   25.712121]  kasan_bitops_generic+0x121/0x1c0
[   25.712149]  ? __pfx_kasan_bitops_generic+0x10/0x10
[   25.712179]  ? __pfx_read_tsc+0x10/0x10
[   25.712205]  ? ktime_get_ts64+0x86/0x230
[   25.712233]  kunit_try_run_case+0x1a5/0x480
[   25.712268]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.712290]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   25.712314]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   25.712345]  ? __kthread_parkme+0x82/0x180
[   25.712368]  ? preempt_count_sub+0x50/0x80
[   25.712395]  ? __pfx_kunit_try_run_case+0x10/0x10
[   25.712418]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.712447]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   25.712476]  kthread+0x337/0x6f0
[   25.712498]  ? trace_preempt_on+0x20/0xc0
[   25.712523]  ? __pfx_kthread+0x10/0x10
[   25.712548]  ? _raw_spin_unlock_irq+0x47/0x80
[   25.712576]  ? calculate_sigpending+0x7b/0xa0
[   25.712604]  ? __pfx_kthread+0x10/0x10
[   25.712629]  ret_from_fork+0x116/0x1d0
[   25.712651]  ? __pfx_kthread+0x10/0x10
[   25.712675]  ret_from_fork_asm+0x1a/0x30
[   25.712711]  </TASK>
[   25.712723] 
[   25.722808] Allocated by task 309:
[   25.723263]  kasan_save_stack+0x45/0x70
[   25.723511]  kasan_save_track+0x18/0x40
[   25.723754]  kasan_save_alloc_info+0x3b/0x50
[   25.724120]  __kasan_kmalloc+0xb7/0xc0
[   25.724283]  __kmalloc_cache_noprof+0x189/0x420
[   25.724641]  kasan_bitops_generic+0x92/0x1c0
[   25.724854]  kunit_try_run_case+0x1a5/0x480
[   25.725035]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.725286]  kthread+0x337/0x6f0
[   25.725449]  ret_from_fork+0x116/0x1d0
[   25.725634]  ret_from_fork_asm+0x1a/0x30
[   25.726142] 
[   25.726249] The buggy address belongs to the object at ffff88810598a260
[   25.726249]  which belongs to the cache kmalloc-16 of size 16
[   25.726704] The buggy address is located 8 bytes inside of
[   25.726704]  allocated 9-byte region [ffff88810598a260, ffff88810598a269)
[   25.727427] 
[   25.727524] The buggy address belongs to the physical page:
[   25.727973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10598a
[   25.728376] flags: 0x200000000000000(node=0|zone=2)
[   25.728553] page_type: f5(slab)
[   25.728782] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[   25.729160] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[   25.729485] page dumped because: kasan: bad access detected
[   25.729710] 
[   25.729778] Memory state around the buggy address:
[   25.729967]  ffff88810598a100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.730574]  ffff88810598a180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[   25.730981] >ffff88810598a200: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[   25.731250]                                                           ^
[   25.731623]  ffff88810598a280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.732032]  ffff88810598a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.732347] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zadDcsZaTNoMt5NQDMjH9XXSjo

job_id

TEST:linaro@lkft#2zadJ2rDp4QF2EanzdxmWx6xbyw

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zadJ2rDp4QF2EanzdxmWx6xbyw

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zadFlqHhTrd3zbaPMG0NfTHOqI/bzImage
sha256sum	d2e0f1ca9d9f79d7d3d3df8bfa6136f501414ea8fca61dd648f312b7af92ba7e

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zadFlqHhTrd3zbaPMG0NfTHOqI/modules.tar.xz
sha256sum	ae1650227c5d0061093609bf5a55f56383843ed1e291a338f9fc46e881212983

durations

tests

boot	0
kunit	246.46

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit