lkft/linux-mainline-master - v6.16-rc6-237-gc7de79e662b8 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 18, 2025, 11:11 p.m.

Environment
qemu-arm64
qemu-x86_64

[   17.332385] ==================================================================
[   17.332445] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.333766] Read of size 1 at addr fff00000c781a001 by task kunit_try_catch/223
[   17.333862] 
[   17.333897] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.333979] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.334006] Hardware name: linux,dummy-virt (DT)
[   17.334036] Call trace:
[   17.334060]  show_stack+0x20/0x38 (C)
[   17.334109]  dump_stack_lvl+0x8c/0xd0
[   17.335935]  print_report+0x118/0x5d0
[   17.336781]  kasan_report+0xdc/0x128
[   17.337034]  __asan_report_load1_noabort+0x20/0x30
[   17.337673]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.337828]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   17.337878]  kunit_try_run_case+0x170/0x3f0
[   17.337926]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.337978]  kthread+0x328/0x630
[   17.338019]  ret_from_fork+0x10/0x20
[   17.339204] 
[   17.339603] The buggy address belongs to the physical page:
[   17.340070] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107818
[   17.340605] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.341038] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.341183] page_type: f8(unknown)
[   17.341226] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.341278] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.341937] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.342343] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.342961] head: 0bfffe0000000002 ffffc1ffc31e0601 00000000ffffffff 00000000ffffffff
[   17.343352] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.343401] page dumped because: kasan: bad access detected
[   17.343940] 
[   17.344120] Memory state around the buggy address:
[   17.344158]  fff00000c7819f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.344204]  fff00000c7819f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.344248] >fff00000c781a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.345130]                    ^
[   17.345422]  fff00000c781a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.345466]  fff00000c781a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.345504] ==================================================================
[   17.363299] ==================================================================
[   17.363384] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.363440] Read of size 1 at addr fff00000c5a8b2bb by task kunit_try_catch/225
[   17.363491] 
[   17.363524] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.363720] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.363753] Hardware name: linux,dummy-virt (DT)
[   17.363783] Call trace:
[   17.363808]  show_stack+0x20/0x38 (C)
[   17.363860]  dump_stack_lvl+0x8c/0xd0
[   17.363910]  print_report+0x118/0x5d0
[   17.364002]  kasan_report+0xdc/0x128
[   17.364048]  __asan_report_load1_noabort+0x20/0x30
[   17.364138]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.364191]  mempool_slab_oob_right+0xc0/0x118
[   17.364253]  kunit_try_run_case+0x170/0x3f0
[   17.364311]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.364458]  kthread+0x328/0x630
[   17.364502]  ret_from_fork+0x10/0x20
[   17.364551] 
[   17.364569] Allocated by task 225:
[   17.364599]  kasan_save_stack+0x3c/0x68
[   17.364639]  kasan_save_track+0x20/0x40
[   17.364701]  kasan_save_alloc_info+0x40/0x58
[   17.364751]  __kasan_mempool_unpoison_object+0xbc/0x180
[   17.364804]  remove_element+0x16c/0x1f8
[   17.364841]  mempool_alloc_preallocated+0x58/0xc0
[   17.364879]  mempool_oob_right_helper+0x98/0x2f0
[   17.364933]  mempool_slab_oob_right+0xc0/0x118
[   17.364971]  kunit_try_run_case+0x170/0x3f0
[   17.365009]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.365053]  kthread+0x328/0x630
[   17.365085]  ret_from_fork+0x10/0x20
[   17.365122] 
[   17.365147] The buggy address belongs to the object at fff00000c5a8b240
[   17.365147]  which belongs to the cache test_cache of size 123
[   17.365213] The buggy address is located 0 bytes to the right of
[   17.365213]  allocated 123-byte region [fff00000c5a8b240, fff00000c5a8b2bb)
[   17.365284] 
[   17.365305] The buggy address belongs to the physical page:
[   17.365356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a8b
[   17.365408] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   17.365459] page_type: f5(slab)
[   17.365498] raw: 0bfffe0000000000 fff00000c5a56280 dead000000000122 0000000000000000
[   17.365613] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   17.365659] page dumped because: kasan: bad access detected
[   17.365692] 
[   17.365829] Memory state around the buggy address:
[   17.365868]  fff00000c5a8b180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   17.365973]  fff00000c5a8b200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   17.366049] >fff00000c5a8b280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   17.366158]                                         ^
[   17.366222]  fff00000c5a8b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.366268]  fff00000c5a8b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.366307] ==================================================================
[   17.317305] ==================================================================
[   17.317402] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.317478] Read of size 1 at addr fff00000c7711173 by task kunit_try_catch/221
[   17.317530] 
[   17.317574] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.317661] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.317689] Hardware name: linux,dummy-virt (DT)
[   17.317723] Call trace:
[   17.317750]  show_stack+0x20/0x38 (C)
[   17.317801]  dump_stack_lvl+0x8c/0xd0
[   17.317852]  print_report+0x118/0x5d0
[   17.317900]  kasan_report+0xdc/0x128
[   17.317945]  __asan_report_load1_noabort+0x20/0x30
[   17.317997]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.318044]  mempool_kmalloc_oob_right+0xc4/0x120
[   17.318092]  kunit_try_run_case+0x170/0x3f0
[   17.318143]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.318196]  kthread+0x328/0x630
[   17.318243]  ret_from_fork+0x10/0x20
[   17.318294] 
[   17.318312] Allocated by task 221:
[   17.318355]  kasan_save_stack+0x3c/0x68
[   17.318399]  kasan_save_track+0x20/0x40
[   17.318438]  kasan_save_alloc_info+0x40/0x58
[   17.318479]  __kasan_mempool_unpoison_object+0x11c/0x180
[   17.318523]  remove_element+0x130/0x1f8
[   17.318562]  mempool_alloc_preallocated+0x58/0xc0
[   17.318601]  mempool_oob_right_helper+0x98/0x2f0
[   17.318641]  mempool_kmalloc_oob_right+0xc4/0x120
[   17.318682]  kunit_try_run_case+0x170/0x3f0
[   17.318720]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.318763]  kthread+0x328/0x630
[   17.318797]  ret_from_fork+0x10/0x20
[   17.318833] 
[   17.318853] The buggy address belongs to the object at fff00000c7711100
[   17.318853]  which belongs to the cache kmalloc-128 of size 128
[   17.318915] The buggy address is located 0 bytes to the right of
[   17.318915]  allocated 115-byte region [fff00000c7711100, fff00000c7711173)
[   17.318979] 
[   17.319002] The buggy address belongs to the physical page:
[   17.319037] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107711
[   17.319089] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   17.319142] page_type: f5(slab)
[   17.319184] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   17.319235] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.319276] page dumped because: kasan: bad access detected
[   17.319308] 
[   17.319335] Memory state around the buggy address:
[   17.319370]  fff00000c7711000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   17.319413]  fff00000c7711080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.319456] >fff00000c7711100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   17.319493]                                                              ^
[   17.319533]  fff00000c7711180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.319575]  fff00000c7711200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   17.319613] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

304I74qE3r0xJScpa5F21DtNBKi

job_id

TEST:linaro@lkft#304IAoS8ehJbrsRCCdrQhkPrtZI

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/304IAoS8ehJbrsRCCdrQhkPrtZI

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/304I87Uo6xzzZ3NSNcslasZfSRN/Image.gz
sha256sum	2327c644062cfbec906717af44c5e27e8b69bcddd820709922f2265ba777660d

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/304I87Uo6xzzZ3NSNcslasZfSRN/modules.tar.xz
sha256sum	eeb00a0e627a7c6809728a0593d4dbfc62943b3f4d5fd935f13ba3f570db6496

durations

tests

boot	0
kunit	171.20

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   13.571573] ==================================================================
[   13.572186] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   13.572691] Read of size 1 at addr ffff8881030d9d73 by task kunit_try_catch/240
[   13.572968] 
[   13.573092] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   13.573143] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.573155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.573179] Call Trace:
[   13.573191]  <TASK>
[   13.573210]  dump_stack_lvl+0x73/0xb0
[   13.573242]  print_report+0xd1/0x610
[   13.573265]  ? __virt_addr_valid+0x1db/0x2d0
[   13.573302]  ? mempool_oob_right_helper+0x318/0x380
[   13.573326]  ? kasan_complete_mode_report_info+0x2a/0x200
[   13.573349]  ? mempool_oob_right_helper+0x318/0x380
[   13.573372]  kasan_report+0x141/0x180
[   13.573394]  ? mempool_oob_right_helper+0x318/0x380
[   13.573422]  __asan_report_load1_noabort+0x18/0x20
[   13.573446]  mempool_oob_right_helper+0x318/0x380
[   13.573770]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.573812]  mempool_kmalloc_oob_right+0xf2/0x150
[   13.573838]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   13.573864]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.573891]  ? __pfx_mempool_kfree+0x10/0x10
[   13.573916]  ? __pfx_read_tsc+0x10/0x10
[   13.573938]  ? ktime_get_ts64+0x86/0x230
[   13.573963]  kunit_try_run_case+0x1a5/0x480
[   13.573990]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.574012]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.574039]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.574063]  ? __kthread_parkme+0x82/0x180
[   13.574084]  ? preempt_count_sub+0x50/0x80
[   13.574108]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.574132]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.574156]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.574180]  kthread+0x337/0x6f0
[   13.574199]  ? trace_preempt_on+0x20/0xc0
[   13.574222]  ? __pfx_kthread+0x10/0x10
[   13.574242]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.574263]  ? calculate_sigpending+0x7b/0xa0
[   13.574287]  ? __pfx_kthread+0x10/0x10
[   13.574320]  ret_from_fork+0x116/0x1d0
[   13.574339]  ? __pfx_kthread+0x10/0x10
[   13.574359]  ret_from_fork_asm+0x1a/0x30
[   13.574390]  </TASK>
[   13.574400] 
[   13.584130] Allocated by task 240:
[   13.584339]  kasan_save_stack+0x45/0x70
[   13.584515]  kasan_save_track+0x18/0x40
[   13.585008]  kasan_save_alloc_info+0x3b/0x50
[   13.585199]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   13.585605]  remove_element+0x11e/0x190
[   13.585862]  mempool_alloc_preallocated+0x4d/0x90
[   13.586131]  mempool_oob_right_helper+0x8a/0x380
[   13.586433]  mempool_kmalloc_oob_right+0xf2/0x150
[   13.586632]  kunit_try_run_case+0x1a5/0x480
[   13.586959]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.587213]  kthread+0x337/0x6f0
[   13.587374]  ret_from_fork+0x116/0x1d0
[   13.587541]  ret_from_fork_asm+0x1a/0x30
[   13.587918] 
[   13.588004] The buggy address belongs to the object at ffff8881030d9d00
[   13.588004]  which belongs to the cache kmalloc-128 of size 128
[   13.588693] The buggy address is located 0 bytes to the right of
[   13.588693]  allocated 115-byte region [ffff8881030d9d00, ffff8881030d9d73)
[   13.589171] 
[   13.589271] The buggy address belongs to the physical page:
[   13.589514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030d9
[   13.590146] flags: 0x200000000000000(node=0|zone=2)
[   13.590456] page_type: f5(slab)
[   13.590604] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   13.591044] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   13.591431] page dumped because: kasan: bad access detected
[   13.591783] 
[   13.591871] Memory state around the buggy address:
[   13.592062]  ffff8881030d9c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.592553]  ffff8881030d9c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.592856] >ffff8881030d9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   13.593152]                                                              ^
[   13.593442]  ffff8881030d9d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.593940]  ffff8881030d9e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   13.594312] ==================================================================
[   13.622523] ==================================================================
[   13.623084] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   13.623524] Read of size 1 at addr ffff8881039e82bb by task kunit_try_catch/244
[   13.624077] 
[   13.624253] CPU: 1 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   13.624309] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.624321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.624341] Call Trace:
[   13.624353]  <TASK>
[   13.624367]  dump_stack_lvl+0x73/0xb0
[   13.624395]  print_report+0xd1/0x610
[   13.624416]  ? __virt_addr_valid+0x1db/0x2d0
[   13.624437]  ? mempool_oob_right_helper+0x318/0x380
[   13.624460]  ? kasan_complete_mode_report_info+0x2a/0x200
[   13.624483]  ? mempool_oob_right_helper+0x318/0x380
[   13.624506]  kasan_report+0x141/0x180
[   13.624527]  ? mempool_oob_right_helper+0x318/0x380
[   13.624556]  __asan_report_load1_noabort+0x18/0x20
[   13.624580]  mempool_oob_right_helper+0x318/0x380
[   13.624604]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.624627]  ? update_load_avg+0x1be/0x21b0
[   13.624665]  ? finish_task_switch.isra.0+0x153/0x700
[   13.624690]  mempool_slab_oob_right+0xed/0x140
[   13.624714]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   13.624740]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   13.624764]  ? __pfx_mempool_free_slab+0x10/0x10
[   13.624789]  ? __pfx_read_tsc+0x10/0x10
[   13.624808]  ? ktime_get_ts64+0x86/0x230
[   13.624832]  kunit_try_run_case+0x1a5/0x480
[   13.624856]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.624878]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.624901]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.624924]  ? __kthread_parkme+0x82/0x180
[   13.624950]  ? preempt_count_sub+0x50/0x80
[   13.624973]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.624996]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.625062]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.625088]  kthread+0x337/0x6f0
[   13.625106]  ? trace_preempt_on+0x20/0xc0
[   13.625129]  ? __pfx_kthread+0x10/0x10
[   13.625149]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.625171]  ? calculate_sigpending+0x7b/0xa0
[   13.625194]  ? __pfx_kthread+0x10/0x10
[   13.625216]  ret_from_fork+0x116/0x1d0
[   13.625233]  ? __pfx_kthread+0x10/0x10
[   13.625253]  ret_from_fork_asm+0x1a/0x30
[   13.625283]  </TASK>
[   13.625304] 
[   13.639434] Allocated by task 244:
[   13.639758]  kasan_save_stack+0x45/0x70
[   13.640148]  kasan_save_track+0x18/0x40
[   13.640505]  kasan_save_alloc_info+0x3b/0x50
[   13.640892]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   13.641254]  remove_element+0x11e/0x190
[   13.641408]  mempool_alloc_preallocated+0x4d/0x90
[   13.641607]  mempool_oob_right_helper+0x8a/0x380
[   13.642012]  mempool_slab_oob_right+0xed/0x140
[   13.642583]  kunit_try_run_case+0x1a5/0x480
[   13.642973]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.643496]  kthread+0x337/0x6f0
[   13.643881]  ret_from_fork+0x116/0x1d0
[   13.644250]  ret_from_fork_asm+0x1a/0x30
[   13.644445] 
[   13.644564] The buggy address belongs to the object at ffff8881039e8240
[   13.644564]  which belongs to the cache test_cache of size 123
[   13.644923] The buggy address is located 0 bytes to the right of
[   13.644923]  allocated 123-byte region [ffff8881039e8240, ffff8881039e82bb)
[   13.645459] 
[   13.645549] The buggy address belongs to the physical page:
[   13.645795] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e8
[   13.646250] flags: 0x200000000000000(node=0|zone=2)
[   13.646462] page_type: f5(slab)
[   13.646659] raw: 0200000000000000 ffff888101093c80 dead000000000122 0000000000000000
[   13.646955] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   13.647459] page dumped because: kasan: bad access detected
[   13.647673] 
[   13.647779] Memory state around the buggy address:
[   13.648006]  ffff8881039e8180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.648225]  ffff8881039e8200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   13.648762] >ffff8881039e8280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   13.649008]                                         ^
[   13.649230]  ffff8881039e8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.649662]  ffff8881039e8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.649936] ==================================================================
[   13.597424] ==================================================================
[   13.597829] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   13.598432] Read of size 1 at addr ffff888103a6e001 by task kunit_try_catch/242
[   13.599412] 
[   13.599658] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   13.599706] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.599719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.599741] Call Trace:
[   13.599752]  <TASK>
[   13.599768]  dump_stack_lvl+0x73/0xb0
[   13.599799]  print_report+0xd1/0x610
[   13.599821]  ? __virt_addr_valid+0x1db/0x2d0
[   13.599844]  ? mempool_oob_right_helper+0x318/0x380
[   13.599868]  ? kasan_addr_to_slab+0x11/0xa0
[   13.599889]  ? mempool_oob_right_helper+0x318/0x380
[   13.599912]  kasan_report+0x141/0x180
[   13.599933]  ? mempool_oob_right_helper+0x318/0x380
[   13.599962]  __asan_report_load1_noabort+0x18/0x20
[   13.599986]  mempool_oob_right_helper+0x318/0x380
[   13.600010]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.600046]  ? update_load_avg+0x1be/0x21b0
[   13.600070]  ? dequeue_entities+0x27e/0x1740
[   13.600094]  ? finish_task_switch.isra.0+0x153/0x700
[   13.600119]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   13.600144]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   13.600172]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.600196]  ? __pfx_mempool_kfree+0x10/0x10
[   13.600220]  ? __pfx_read_tsc+0x10/0x10
[   13.600241]  ? ktime_get_ts64+0x86/0x230
[   13.600265]  kunit_try_run_case+0x1a5/0x480
[   13.600302]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.600324]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.600350]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.600373]  ? __kthread_parkme+0x82/0x180
[   13.600394]  ? preempt_count_sub+0x50/0x80
[   13.600417]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.600441]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.600464]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.600565]  kthread+0x337/0x6f0
[   13.600585]  ? trace_preempt_on+0x20/0xc0
[   13.600608]  ? __pfx_kthread+0x10/0x10
[   13.600628]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.600651]  ? calculate_sigpending+0x7b/0xa0
[   13.600675]  ? __pfx_kthread+0x10/0x10
[   13.600695]  ret_from_fork+0x116/0x1d0
[   13.600715]  ? __pfx_kthread+0x10/0x10
[   13.600735]  ret_from_fork_asm+0x1a/0x30
[   13.600766]  </TASK>
[   13.600775] 
[   13.609882] The buggy address belongs to the physical page:
[   13.610183] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a6c
[   13.610504] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   13.610847] flags: 0x200000000000040(head|node=0|zone=2)
[   13.611152] page_type: f8(unknown)
[   13.611284] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   13.611795] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   13.612160] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   13.612507] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   13.612820] head: 0200000000000002 ffffea00040e9b01 00000000ffffffff 00000000ffffffff
[   13.613358] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   13.613707] page dumped because: kasan: bad access detected
[   13.613881] 
[   13.613950] Memory state around the buggy address:
[   13.614106]  ffff888103a6df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   13.614393]  ffff888103a6df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   13.614858] >ffff888103a6e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   13.615096]                    ^
[   13.615212]  ffff888103a6e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   13.615647]  ffff888103a6e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   13.615972] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

304I74qE3r0xJScpa5F21DtNBKi

job_id

TEST:linaro@lkft#304IBtjw5gAFiQFtjheOZVsLnJd

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/304IBtjw5gAFiQFtjheOZVsLnJd

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/304I8v4gAXANgVsBFBP9Xgpwo9H/bzImage
sha256sum	74b158d3087b541db14488f1c5db89bcaabd464c1e74c13c892d531ea76b1c6d

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/304I8v4gAXANgVsBFBP9Xgpwo9H/modules.tar.xz
sha256sum	82d2eca680645b0e05a8b7307d7b91914de6f6b8f19a6a17cfb131cfaa8719a0

durations

tests

boot	0
kunit	221.87

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit