lkft/linux-next-master - next-20250625 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

June 25, 2025, 8:08 a.m.

Environment
qemu-arm64
qemu-x86_64

[   28.610964] ==================================================================
[   28.611081] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   28.611141] Read of size 1 at addr fff00000c79ee001 by task kunit_try_catch/235
[   28.611703] 
[   28.611797] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250625 #1 PREEMPT 
[   28.612108] Tainted: [B]=BAD_PAGE, [N]=TEST
[   28.612154] Hardware name: linux,dummy-virt (DT)
[   28.612227] Call trace:
[   28.612335]  show_stack+0x20/0x38 (C)
[   28.612526]  dump_stack_lvl+0x8c/0xd0
[   28.612681]  print_report+0x118/0x608
[   28.612862]  kasan_report+0xdc/0x128
[   28.612951]  __asan_report_load1_noabort+0x20/0x30
[   28.613184]  mempool_oob_right_helper+0x2ac/0x2f0
[   28.613239]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   28.613321]  kunit_try_run_case+0x170/0x3f0
[   28.614238]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   28.614323]  kthread+0x328/0x630
[   28.614504]  ret_from_fork+0x10/0x20
[   28.614779] 
[   28.614905] The buggy address belongs to the physical page:
[   28.614941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1079ec
[   28.615035] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   28.615081] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   28.615487] page_type: f8(unknown)
[   28.615530] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   28.615752] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   28.615916] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   28.616018] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   28.616068] head: 0bfffe0000000002 ffffc1ffc31e7b01 00000000ffffffff 00000000ffffffff
[   28.616179] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   28.616243] page dumped because: kasan: bad access detected
[   28.616275] 
[   28.616294] Memory state around the buggy address:
[   28.616329]  fff00000c79edf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   28.616671]  fff00000c79edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   28.616822] >fff00000c79ee000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   28.616868]                    ^
[   28.616898]  fff00000c79ee080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   28.616940]  fff00000c79ee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   28.616978] ==================================================================
[   28.627370] ==================================================================
[   28.627457] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   28.627743] Read of size 1 at addr fff00000c786a2bb by task kunit_try_catch/237
[   28.627920] 
[   28.627954] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250625 #1 PREEMPT 
[   28.628326] Tainted: [B]=BAD_PAGE, [N]=TEST
[   28.628488] Hardware name: linux,dummy-virt (DT)
[   28.628585] Call trace:
[   28.628610]  show_stack+0x20/0x38 (C)
[   28.628662]  dump_stack_lvl+0x8c/0xd0
[   28.628709]  print_report+0x118/0x608
[   28.628766]  kasan_report+0xdc/0x128
[   28.628927]  __asan_report_load1_noabort+0x20/0x30
[   28.628989]  mempool_oob_right_helper+0x2ac/0x2f0
[   28.629038]  mempool_slab_oob_right+0xc0/0x118
[   28.629107]  kunit_try_run_case+0x170/0x3f0
[   28.629314]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   28.629431]  kthread+0x328/0x630
[   28.629607]  ret_from_fork+0x10/0x20
[   28.629662] 
[   28.629680] Allocated by task 237:
[   28.629870]  kasan_save_stack+0x3c/0x68
[   28.629917]  kasan_save_track+0x20/0x40
[   28.629954]  kasan_save_alloc_info+0x40/0x58
[   28.629994]  __kasan_mempool_unpoison_object+0xbc/0x180
[   28.630258]  remove_element+0x16c/0x1f8
[   28.630325]  mempool_alloc_preallocated+0x58/0xc0
[   28.630383]  mempool_oob_right_helper+0x98/0x2f0
[   28.630462]  mempool_slab_oob_right+0xc0/0x118
[   28.630500]  kunit_try_run_case+0x170/0x3f0
[   28.630538]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   28.630582]  kthread+0x328/0x630
[   28.630679]  ret_from_fork+0x10/0x20
[   28.630716] 
[   28.630771] The buggy address belongs to the object at fff00000c786a240
[   28.630771]  which belongs to the cache test_cache of size 123
[   28.630916] The buggy address is located 0 bytes to the right of
[   28.630916]  allocated 123-byte region [fff00000c786a240, fff00000c786a2bb)
[   28.630980] 
[   28.631000] The buggy address belongs to the physical page:
[   28.631077] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a
[   28.631143] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   28.631374] page_type: f5(slab)
[   28.631510] raw: 0bfffe0000000000 fff00000c790a280 dead000000000122 0000000000000000
[   28.631594] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   28.631633] page dumped because: kasan: bad access detected
[   28.631664] 
[   28.631682] Memory state around the buggy address:
[   28.631741]  fff00000c786a180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   28.631791]  fff00000c786a200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   28.631933] >fff00000c786a280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   28.631971]                                         ^
[   28.632006]  fff00000c786a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.632607]  fff00000c786a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.632655] ==================================================================
[   28.601929] ==================================================================
[   28.602010] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   28.602086] Read of size 1 at addr fff00000c5906c73 by task kunit_try_catch/233
[   28.602134] 
[   28.602178] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250625 #1 PREEMPT 
[   28.602265] Tainted: [B]=BAD_PAGE, [N]=TEST
[   28.602301] Hardware name: linux,dummy-virt (DT)
[   28.602333] Call trace:
[   28.602357]  show_stack+0x20/0x38 (C)
[   28.602423]  dump_stack_lvl+0x8c/0xd0
[   28.602473]  print_report+0x118/0x608
[   28.602524]  kasan_report+0xdc/0x128
[   28.602570]  __asan_report_load1_noabort+0x20/0x30
[   28.602617]  mempool_oob_right_helper+0x2ac/0x2f0
[   28.602668]  mempool_kmalloc_oob_right+0xc4/0x120
[   28.602718]  kunit_try_run_case+0x170/0x3f0
[   28.602767]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   28.602819]  kthread+0x328/0x630
[   28.602863]  ret_from_fork+0x10/0x20
[   28.602913] 
[   28.602932] Allocated by task 233:
[   28.602962]  kasan_save_stack+0x3c/0x68
[   28.603001]  kasan_save_track+0x20/0x40
[   28.603040]  kasan_save_alloc_info+0x40/0x58
[   28.603075]  __kasan_mempool_unpoison_object+0x11c/0x180
[   28.603119]  remove_element+0x130/0x1f8
[   28.603155]  mempool_alloc_preallocated+0x58/0xc0
[   28.603195]  mempool_oob_right_helper+0x98/0x2f0
[   28.603235]  mempool_kmalloc_oob_right+0xc4/0x120
[   28.603275]  kunit_try_run_case+0x170/0x3f0
[   28.603311]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   28.603355]  kthread+0x328/0x630
[   28.603386]  ret_from_fork+0x10/0x20
[   28.603433] 
[   28.603453] The buggy address belongs to the object at fff00000c5906c00
[   28.603453]  which belongs to the cache kmalloc-128 of size 128
[   28.603512] The buggy address is located 0 bytes to the right of
[   28.603512]  allocated 115-byte region [fff00000c5906c00, fff00000c5906c73)
[   28.603575] 
[   28.603597] The buggy address belongs to the physical page:
[   28.603633] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105906
[   28.603689] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   28.603742] page_type: f5(slab)
[   28.603783] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   28.603833] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   28.603899] page dumped because: kasan: bad access detected
[   28.603932] 
[   28.603950] Memory state around the buggy address:
[   28.603985]  fff00000c5906b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   28.604028]  fff00000c5906b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.604070] >fff00000c5906c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   28.604109]                                                              ^
[   28.604149]  fff00000c5906c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.604191]  fff00000c5906d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   28.604229] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2yzYOk343WUC6Wpt3myROi1ycEp

job_id

TEST:linaro@lkft#2yzYUHdREalZeVuTYEtZ0Vg4zyC

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2yzYUHdREalZeVuTYEtZ0Vg4zyC

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yzYQLBlrPZKRLNAwKs2gdkoA38/Image.gz
sha256sum	ecffa73d9c53e178bc58f77e3a2aaadac22dbb2340351d938f09d8930cf3c815

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yzYQLBlrPZKRLNAwKs2gdkoA38/modules.tar.xz
sha256sum	d909e31b2675c9cfa4c6c68cb67b8b55a898f72165169b4030348d19c0ca4f80

durations

tests

boot	0
kunit	168.59

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   23.276048] ==================================================================
[   23.276490] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   23.277139] Read of size 1 at addr ffff88810257ef73 by task kunit_try_catch/250
[   23.277480] 
[   23.277605] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) 
[   23.277660] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.277673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.277696] Call Trace:
[   23.277710]  <TASK>
[   23.277732]  dump_stack_lvl+0x73/0xb0
[   23.277764]  print_report+0xd1/0x650
[   23.277785]  ? __virt_addr_valid+0x1db/0x2d0
[   23.277810]  ? mempool_oob_right_helper+0x318/0x380
[   23.277833]  ? kasan_complete_mode_report_info+0x2a/0x200
[   23.277858]  ? mempool_oob_right_helper+0x318/0x380
[   23.277900]  kasan_report+0x141/0x180
[   23.277920]  ? mempool_oob_right_helper+0x318/0x380
[   23.277957]  __asan_report_load1_noabort+0x18/0x20
[   23.277980]  mempool_oob_right_helper+0x318/0x380
[   23.278002]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   23.278032]  mempool_kmalloc_oob_right+0xf2/0x150
[   23.278053]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   23.278077]  ? __pfx_mempool_kmalloc+0x10/0x10
[   23.278102]  ? __pfx_mempool_kfree+0x10/0x10
[   23.278136]  ? __pfx_read_tsc+0x10/0x10
[   23.278158]  ? ktime_get_ts64+0x86/0x230
[   23.278183]  kunit_try_run_case+0x1a5/0x480
[   23.278210]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.278231]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.278253]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.278278]  ? __kthread_parkme+0x82/0x180
[   23.278300]  ? preempt_count_sub+0x50/0x80
[   23.278323]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.278345]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.278367]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.278390]  kthread+0x337/0x6f0
[   23.278409]  ? trace_preempt_on+0x20/0xc0
[   23.278432]  ? __pfx_kthread+0x10/0x10
[   23.278451]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.278474]  ? calculate_sigpending+0x7b/0xa0
[   23.278498]  ? __pfx_kthread+0x10/0x10
[   23.278517]  ret_from_fork+0x116/0x1d0
[   23.278535]  ? __pfx_kthread+0x10/0x10
[   23.278554]  ret_from_fork_asm+0x1a/0x30
[   23.278584]  </TASK>
[   23.278596] 
[   23.287960] Allocated by task 250:
[   23.288287]  kasan_save_stack+0x45/0x70
[   23.288476]  kasan_save_track+0x18/0x40
[   23.288662]  kasan_save_alloc_info+0x3b/0x50
[   23.288971]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   23.289390]  remove_element+0x11e/0x190
[   23.289586]  mempool_alloc_preallocated+0x4d/0x90
[   23.289800]  mempool_oob_right_helper+0x8a/0x380
[   23.290022]  mempool_kmalloc_oob_right+0xf2/0x150
[   23.290461]  kunit_try_run_case+0x1a5/0x480
[   23.290627]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.290995]  kthread+0x337/0x6f0
[   23.291300]  ret_from_fork+0x116/0x1d0
[   23.291505]  ret_from_fork_asm+0x1a/0x30
[   23.291803] 
[   23.291901] The buggy address belongs to the object at ffff88810257ef00
[   23.291901]  which belongs to the cache kmalloc-128 of size 128
[   23.292648] The buggy address is located 0 bytes to the right of
[   23.292648]  allocated 115-byte region [ffff88810257ef00, ffff88810257ef73)
[   23.293336] 
[   23.293548] The buggy address belongs to the physical page:
[   23.293773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10257e
[   23.294182] flags: 0x200000000000000(node=0|zone=2)
[   23.294483] page_type: f5(slab)
[   23.294676] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   23.295103] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[   23.295432] page dumped because: kasan: bad access detected
[   23.295775] 
[   23.295964] Memory state around the buggy address:
[   23.296154]  ffff88810257ee00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   23.296601]  ffff88810257ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.296969] >ffff88810257ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   23.297429]                                                              ^
[   23.297788]  ffff88810257ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.298115]  ffff88810257f000: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[   23.298531] ==================================================================
[   23.329535] ==================================================================
[   23.330037] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   23.330468] Read of size 1 at addr ffff88810259a2bb by task kunit_try_catch/254
[   23.330770] 
[   23.330895] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) 
[   23.330956] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.330972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.330994] Call Trace:
[   23.331007]  <TASK>
[   23.331024]  dump_stack_lvl+0x73/0xb0
[   23.331102]  print_report+0xd1/0x650
[   23.331148]  ? __virt_addr_valid+0x1db/0x2d0
[   23.331173]  ? mempool_oob_right_helper+0x318/0x380
[   23.331194]  ? kasan_complete_mode_report_info+0x2a/0x200
[   23.331219]  ? mempool_oob_right_helper+0x318/0x380
[   23.331241]  kasan_report+0x141/0x180
[   23.331271]  ? mempool_oob_right_helper+0x318/0x380
[   23.331296]  __asan_report_load1_noabort+0x18/0x20
[   23.331319]  mempool_oob_right_helper+0x318/0x380
[   23.331353]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   23.331377]  ? __pfx_sched_clock_cpu+0x10/0x10
[   23.331399]  ? finish_task_switch.isra.0+0x153/0x700
[   23.331425]  mempool_slab_oob_right+0xed/0x140
[   23.331448]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   23.331473]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   23.331496]  ? __pfx_mempool_free_slab+0x10/0x10
[   23.331521]  ? __pfx_read_tsc+0x10/0x10
[   23.331542]  ? ktime_get_ts64+0x86/0x230
[   23.331566]  kunit_try_run_case+0x1a5/0x480
[   23.331592]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.331625]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.331645]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.331670]  ? __kthread_parkme+0x82/0x180
[   23.331700]  ? preempt_count_sub+0x50/0x80
[   23.331721]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.331745]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.331776]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.331799]  kthread+0x337/0x6f0
[   23.331818]  ? trace_preempt_on+0x20/0xc0
[   23.331851]  ? __pfx_kthread+0x10/0x10
[   23.331909]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.331952]  ? calculate_sigpending+0x7b/0xa0
[   23.331976]  ? __pfx_kthread+0x10/0x10
[   23.331996]  ret_from_fork+0x116/0x1d0
[   23.332015]  ? __pfx_kthread+0x10/0x10
[   23.332034]  ret_from_fork_asm+0x1a/0x30
[   23.332063]  </TASK>
[   23.332075] 
[   23.343384] Allocated by task 254:
[   23.343557]  kasan_save_stack+0x45/0x70
[   23.343995]  kasan_save_track+0x18/0x40
[   23.344360]  kasan_save_alloc_info+0x3b/0x50
[   23.344565]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   23.344827]  remove_element+0x11e/0x190
[   23.345272]  mempool_alloc_preallocated+0x4d/0x90
[   23.345459]  mempool_oob_right_helper+0x8a/0x380
[   23.345781]  mempool_slab_oob_right+0xed/0x140
[   23.346195]  kunit_try_run_case+0x1a5/0x480
[   23.346359]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.346601]  kthread+0x337/0x6f0
[   23.346751]  ret_from_fork+0x116/0x1d0
[   23.346919]  ret_from_fork_asm+0x1a/0x30
[   23.347108] 
[   23.347560] The buggy address belongs to the object at ffff88810259a240
[   23.347560]  which belongs to the cache test_cache of size 123
[   23.348407] The buggy address is located 0 bytes to the right of
[   23.348407]  allocated 123-byte region [ffff88810259a240, ffff88810259a2bb)
[   23.349152] 
[   23.349245] The buggy address belongs to the physical page:
[   23.349671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10259a
[   23.350244] flags: 0x200000000000000(node=0|zone=2)
[   23.350584] page_type: f5(slab)
[   23.350717] raw: 0200000000000000 ffff888102598000 dead000000000122 0000000000000000
[   23.351275] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   23.351682] page dumped because: kasan: bad access detected
[   23.352064] 
[   23.352169] Memory state around the buggy address:
[   23.352380]  ffff88810259a180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   23.352857]  ffff88810259a200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   23.353283] >ffff88810259a280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   23.353670]                                         ^
[   23.353960]  ffff88810259a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.354451]  ffff88810259a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.354827] ==================================================================
[   23.301826] ==================================================================
[   23.302530] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   23.302966] Read of size 1 at addr ffff888103966001 by task kunit_try_catch/252
[   23.303733] 
[   23.303848] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250625 #1 PREEMPT(voluntary) 
[   23.304017] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.304040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.304062] Call Trace:
[   23.304076]  <TASK>
[   23.304094]  dump_stack_lvl+0x73/0xb0
[   23.304124]  print_report+0xd1/0x650
[   23.304144]  ? __virt_addr_valid+0x1db/0x2d0
[   23.304170]  ? mempool_oob_right_helper+0x318/0x380
[   23.304191]  ? kasan_addr_to_slab+0x11/0xa0
[   23.304210]  ? mempool_oob_right_helper+0x318/0x380
[   23.304231]  kasan_report+0x141/0x180
[   23.304251]  ? mempool_oob_right_helper+0x318/0x380
[   23.304277]  __asan_report_load1_noabort+0x18/0x20
[   23.304299]  mempool_oob_right_helper+0x318/0x380
[   23.304321]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   23.304351]  ? __kasan_check_write+0x18/0x20
[   23.304373]  ? __pfx_sched_clock_cpu+0x10/0x10
[   23.304394]  ? finish_task_switch.isra.0+0x153/0x700
[   23.304420]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   23.304442]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   23.304468]  ? __pfx_mempool_kmalloc+0x10/0x10
[   23.304491]  ? __pfx_mempool_kfree+0x10/0x10
[   23.304513]  ? __pfx_read_tsc+0x10/0x10
[   23.304533]  ? ktime_get_ts64+0x86/0x230
[   23.304557]  kunit_try_run_case+0x1a5/0x480
[   23.304581]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.304602]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.304622]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.304646]  ? __kthread_parkme+0x82/0x180
[   23.304665]  ? preempt_count_sub+0x50/0x80
[   23.304686]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.304708]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.304732]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.304755]  kthread+0x337/0x6f0
[   23.304773]  ? trace_preempt_on+0x20/0xc0
[   23.304795]  ? __pfx_kthread+0x10/0x10
[   23.304816]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.304837]  ? calculate_sigpending+0x7b/0xa0
[   23.304861]  ? __pfx_kthread+0x10/0x10
[   23.304881]  ret_from_fork+0x116/0x1d0
[   23.304899]  ? __pfx_kthread+0x10/0x10
[   23.304918]  ret_from_fork_asm+0x1a/0x30
[   23.304959]  </TASK>
[   23.304971] 
[   23.313295] The buggy address belongs to the physical page:
[   23.313858] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103964
[   23.314240] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.314900] flags: 0x200000000000040(head|node=0|zone=2)
[   23.315159] page_type: f8(unknown)
[   23.315392] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   23.315665] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   23.316648] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   23.317233] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   23.317639] head: 0200000000000002 ffffea00040e5901 00000000ffffffff 00000000ffffffff
[   23.317976] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.318307] page dumped because: kasan: bad access detected
[   23.318534] 
[   23.318604] Memory state around the buggy address:
[   23.318818]  ffff888103965f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.319235]  ffff888103965f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.319521] >ffff888103966000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.319961]                    ^
[   23.320105]  ffff888103966080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.320460]  ffff888103966100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.320774] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2yzYOk343WUC6Wpt3myROi1ycEp

job_id

TEST:linaro@lkft#2yzYVNT6IUjhjLdh7nstgLFd505

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2yzYVNT6IUjhjLdh7nstgLFd505

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yzYRjK4yPgWCSPteds1wuyRjxm/bzImage
sha256sum	a36e634a4a78f2929b45bc04de080bad523a4659b57f144ae08b96bb49e6195c

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yzYRjK4yPgWCSPteds1wuyRjxm/modules.tar.xz
sha256sum	20f0a98822a7ed9176a2a3211e41859c1b0cc5afa6ae6640cdcd27770eeb51ec

durations

tests

boot	0
kunit	118.62

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit