lkft/linux-next-master - next-20250711 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right

Date

July 11, 2025, 10:11 a.m.

Environment
e850-96
qemu-arm64
qemu-x86_64

[   35.927442] ==================================================================
[   35.933889] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660
[   35.940828] Write of size 1 at addr ffff00080193a973 by task kunit_try_catch/220
[   35.948204] 
[   35.949692] CPU: 2 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G                 N  6.16.0-rc5-next-20250711 #1 PREEMPT 
[   35.949746] Tainted: [N]=TEST
[   35.949760] Hardware name: WinLink E850-96 board (DT)
[   35.949783] Call trace:
[   35.949796]  show_stack+0x20/0x38 (C)
[   35.949830]  dump_stack_lvl+0x8c/0xd0
[   35.949861]  print_report+0x118/0x5d0
[   35.949890]  kasan_report+0xdc/0x128
[   35.949918]  __asan_report_store1_noabort+0x20/0x30
[   35.949953]  kmalloc_oob_right+0x5a4/0x660
[   35.949987]  kunit_try_run_case+0x170/0x3f0
[   35.950024]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.950057]  kthread+0x328/0x630
[   35.950087]  ret_from_fork+0x10/0x20
[   35.950123] 
[   36.012527] Allocated by task 220:
[   36.015915]  kasan_save_stack+0x3c/0x68
[   36.019731]  kasan_save_track+0x20/0x40
[   36.023550]  kasan_save_alloc_info+0x40/0x58
[   36.027804]  __kasan_kmalloc+0xd4/0xd8
[   36.031537]  __kmalloc_cache_noprof+0x16c/0x3c0
[   36.036050]  kmalloc_oob_right+0xb0/0x660
[   36.040043]  kunit_try_run_case+0x170/0x3f0
[   36.044210]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.049678]  kthread+0x328/0x630
[   36.052890]  ret_from_fork+0x10/0x20
[   36.056449] 
[   36.057926] The buggy address belongs to the object at ffff00080193a900
[   36.057926]  which belongs to the cache kmalloc-128 of size 128
[   36.070427] The buggy address is located 0 bytes to the right of
[   36.070427]  allocated 115-byte region [ffff00080193a900, ffff00080193a973)
[   36.083358] 
[   36.084836] The buggy address belongs to the physical page:
[   36.090394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x88193a
[   36.098379] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   36.106016] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   36.112960] page_type: f5(slab)
[   36.116097] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000
[   36.123815] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   36.131544] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000
[   36.139353] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   36.147167] head: 0bfffe0000000001 fffffdffe0064e81 00000000ffffffff 00000000ffffffff
[   36.154978] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   36.162784] page dumped because: kasan: bad access detected
[   36.168340] 
[   36.169815] Memory state around the buggy address:
[   36.174595]  ffff00080193a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   36.181798]  ffff00080193a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.189005] >ffff00080193a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   36.196204]                                                              ^
[   36.203065]  ffff00080193a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.210271]  ffff00080193aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.217471] ==================================================================
[   36.529555] ==================================================================
[   36.536656] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660
[   36.543594] Read of size 1 at addr ffff00080193a980 by task kunit_try_catch/220
[   36.550886] 
[   36.552370] CPU: 2 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT 
[   36.552423] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.552439] Hardware name: WinLink E850-96 board (DT)
[   36.552458] Call trace:
[   36.552468]  show_stack+0x20/0x38 (C)
[   36.552502]  dump_stack_lvl+0x8c/0xd0
[   36.552534]  print_report+0x118/0x5d0
[   36.552563]  kasan_report+0xdc/0x128
[   36.552589]  __asan_report_load1_noabort+0x20/0x30
[   36.552621]  kmalloc_oob_right+0x5d0/0x660
[   36.552652]  kunit_try_run_case+0x170/0x3f0
[   36.552687]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.552718]  kthread+0x328/0x630
[   36.552746]  ret_from_fork+0x10/0x20
[   36.552779] 
[   36.616336] Allocated by task 220:
[   36.619723]  kasan_save_stack+0x3c/0x68
[   36.623541]  kasan_save_track+0x20/0x40
[   36.627361]  kasan_save_alloc_info+0x40/0x58
[   36.631614]  __kasan_kmalloc+0xd4/0xd8
[   36.635347]  __kmalloc_cache_noprof+0x16c/0x3c0
[   36.639860]  kmalloc_oob_right+0xb0/0x660
[   36.643853]  kunit_try_run_case+0x170/0x3f0
[   36.648020]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.653490]  kthread+0x328/0x630
[   36.656700]  ret_from_fork+0x10/0x20
[   36.660260] 
[   36.661736] The buggy address belongs to the object at ffff00080193a900
[   36.661736]  which belongs to the cache kmalloc-128 of size 128
[   36.674235] The buggy address is located 13 bytes to the right of
[   36.674235]  allocated 115-byte region [ffff00080193a900, ffff00080193a973)
[   36.687256] 
[   36.688734] The buggy address belongs to the physical page:
[   36.694291] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x88193a
[   36.702273] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   36.709914] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   36.716857] page_type: f5(slab)
[   36.719990] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000
[   36.727713] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   36.735440] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000
[   36.743251] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   36.751064] head: 0bfffe0000000001 fffffdffe0064e81 00000000ffffffff 00000000ffffffff
[   36.758876] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   36.766681] page dumped because: kasan: bad access detected
[   36.772236] 
[   36.773712] Memory state around the buggy address:
[   36.778490]  ffff00080193a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.785695]  ffff00080193a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   36.792901] >ffff00080193a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.800101]                    ^
[   36.803318]  ffff00080193aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.810521]  ffff00080193aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.817722] ==================================================================
[   36.230044] ==================================================================
[   36.237179] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660
[   36.244120] Write of size 1 at addr ffff00080193a978 by task kunit_try_catch/220
[   36.251498] 
[   36.252983] CPU: 2 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT 
[   36.253037] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.253052] Hardware name: WinLink E850-96 board (DT)
[   36.253073] Call trace:
[   36.253086]  show_stack+0x20/0x38 (C)
[   36.253118]  dump_stack_lvl+0x8c/0xd0
[   36.253149]  print_report+0x118/0x5d0
[   36.253176]  kasan_report+0xdc/0x128
[   36.253202]  __asan_report_store1_noabort+0x20/0x30
[   36.253235]  kmalloc_oob_right+0x538/0x660
[   36.253263]  kunit_try_run_case+0x170/0x3f0
[   36.253299]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.253331]  kthread+0x328/0x630
[   36.253360]  ret_from_fork+0x10/0x20
[   36.253396] 
[   36.317035] Allocated by task 220:
[   36.320422]  kasan_save_stack+0x3c/0x68
[   36.324240]  kasan_save_track+0x20/0x40
[   36.328059]  kasan_save_alloc_info+0x40/0x58
[   36.332313]  __kasan_kmalloc+0xd4/0xd8
[   36.336045]  __kmalloc_cache_noprof+0x16c/0x3c0
[   36.340559]  kmalloc_oob_right+0xb0/0x660
[   36.344553]  kunit_try_run_case+0x170/0x3f0
[   36.348719]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.354187]  kthread+0x328/0x630
[   36.357399]  ret_from_fork+0x10/0x20
[   36.360958] 
[   36.362435] The buggy address belongs to the object at ffff00080193a900
[   36.362435]  which belongs to the cache kmalloc-128 of size 128
[   36.374935] The buggy address is located 5 bytes to the right of
[   36.374935]  allocated 115-byte region [ffff00080193a900, ffff00080193a973)
[   36.387869] 
[   36.389347] The buggy address belongs to the physical page:
[   36.394902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x88193a
[   36.402887] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   36.410525] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   36.417471] page_type: f5(slab)
[   36.420604] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000
[   36.428325] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   36.436051] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000
[   36.443863] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   36.451676] head: 0bfffe0000000001 fffffdffe0064e81 00000000ffffffff 00000000ffffffff
[   36.459488] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   36.467293] page dumped because: kasan: bad access detected
[   36.472849] 
[   36.474325] Memory state around the buggy address:
[   36.479104]  ffff00080193a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   36.486307]  ffff00080193a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.493515] >ffff00080193a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   36.500713]                                                                 ^
[   36.507835]  ffff00080193a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.515041]  ffff00080193aa00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.522241] ==================================================================

Metadata Full log Test run details

[   30.047575] ==================================================================
[   30.047918] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660
[   30.048739] Write of size 1 at addr fff00000c91b3373 by task kunit_try_catch/167
[   30.048906] 
[   30.050334] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G                 N  6.16.0-rc5-next-20250711 #1 PREEMPT 
[   30.050506] Tainted: [N]=TEST
[   30.050539] Hardware name: linux,dummy-virt (DT)
[   30.050758] Call trace:
[   30.051618]  show_stack+0x20/0x38 (C)
[   30.051863]  dump_stack_lvl+0x8c/0xd0
[   30.051918]  print_report+0x118/0x5d0
[   30.051962]  kasan_report+0xdc/0x128
[   30.052005]  __asan_report_store1_noabort+0x20/0x30
[   30.052052]  kmalloc_oob_right+0x5a4/0x660
[   30.052098]  kunit_try_run_case+0x170/0x3f0
[   30.052150]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.052199]  kthread+0x328/0x630
[   30.052242]  ret_from_fork+0x10/0x20
[   30.052526] 
[   30.052657] Allocated by task 167:
[   30.052957]  kasan_save_stack+0x3c/0x68
[   30.053541]  kasan_save_track+0x20/0x40
[   30.053637]  kasan_save_alloc_info+0x40/0x58
[   30.053865]  __kasan_kmalloc+0xd4/0xd8
[   30.053902]  __kmalloc_cache_noprof+0x16c/0x3c0
[   30.053944]  kmalloc_oob_right+0xb0/0x660
[   30.053980]  kunit_try_run_case+0x170/0x3f0
[   30.054018]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.054057]  kthread+0x328/0x630
[   30.054090]  ret_from_fork+0x10/0x20
[   30.054470] 
[   30.054694] The buggy address belongs to the object at fff00000c91b3300
[   30.054694]  which belongs to the cache kmalloc-128 of size 128
[   30.054852] The buggy address is located 0 bytes to the right of
[   30.054852]  allocated 115-byte region [fff00000c91b3300, fff00000c91b3373)
[   30.054956] 
[   30.055297] The buggy address belongs to the physical page:
[   30.055606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1091b3
[   30.055942] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   30.056315] page_type: f5(slab)
[   30.056622] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   30.056682] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   30.056785] page dumped because: kasan: bad access detected
[   30.056824] 
[   30.056850] Memory state around the buggy address:
[   30.057073]  fff00000c91b3200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   30.057138]  fff00000c91b3280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.057189] >fff00000c91b3300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   30.057240]                                                              ^
[   30.057319]  fff00000c91b3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.057468]  fff00000c91b3400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.057546] ==================================================================
[   30.058713] ==================================================================
[   30.058773] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660
[   30.058826] Write of size 1 at addr fff00000c91b3378 by task kunit_try_catch/167
[   30.058913] 
[   30.058963] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT 
[   30.059070] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.059107] Hardware name: linux,dummy-virt (DT)
[   30.059156] Call trace:
[   30.059196]  show_stack+0x20/0x38 (C)
[   30.059255]  dump_stack_lvl+0x8c/0xd0
[   30.059340]  print_report+0x118/0x5d0
[   30.059406]  kasan_report+0xdc/0x128
[   30.059487]  __asan_report_store1_noabort+0x20/0x30
[   30.059553]  kmalloc_oob_right+0x538/0x660
[   30.059620]  kunit_try_run_case+0x170/0x3f0
[   30.059668]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.059735]  kthread+0x328/0x630
[   30.059779]  ret_from_fork+0x10/0x20
[   30.059846] 
[   30.059874] Allocated by task 167:
[   30.059902]  kasan_save_stack+0x3c/0x68
[   30.059957]  kasan_save_track+0x20/0x40
[   30.059995]  kasan_save_alloc_info+0x40/0x58
[   30.060030]  __kasan_kmalloc+0xd4/0xd8
[   30.060153]  __kmalloc_cache_noprof+0x16c/0x3c0
[   30.060203]  kmalloc_oob_right+0xb0/0x660
[   30.060272]  kunit_try_run_case+0x170/0x3f0
[   30.060395]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.060461]  kthread+0x328/0x630
[   30.060495]  ret_from_fork+0x10/0x20
[   30.060590] 
[   30.060651] The buggy address belongs to the object at fff00000c91b3300
[   30.060651]  which belongs to the cache kmalloc-128 of size 128
[   30.060711] The buggy address is located 5 bytes to the right of
[   30.060711]  allocated 115-byte region [fff00000c91b3300, fff00000c91b3373)
[   30.061016] 
[   30.061062] The buggy address belongs to the physical page:
[   30.061103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1091b3
[   30.061201] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   30.061254] page_type: f5(slab)
[   30.061294] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   30.061413] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   30.061458] page dumped because: kasan: bad access detected
[   30.061489] 
[   30.061536] Memory state around the buggy address:
[   30.061843]  fff00000c91b3200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   30.061918]  fff00000c91b3280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.062063] >fff00000c91b3300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   30.062102]                                                                 ^
[   30.062142]  fff00000c91b3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.062182]  fff00000c91b3400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.062226] ==================================================================
[   30.062777] ==================================================================
[   30.062825] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660
[   30.062903] Read of size 1 at addr fff00000c91b3380 by task kunit_try_catch/167
[   30.062969] 
[   30.063007] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT 
[   30.063115] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.063142] Hardware name: linux,dummy-virt (DT)
[   30.063179] Call trace:
[   30.063218]  show_stack+0x20/0x38 (C)
[   30.063284]  dump_stack_lvl+0x8c/0xd0
[   30.063344]  print_report+0x118/0x5d0
[   30.063387]  kasan_report+0xdc/0x128
[   30.063648]  __asan_report_load1_noabort+0x20/0x30
[   30.063719]  kmalloc_oob_right+0x5d0/0x660
[   30.063775]  kunit_try_run_case+0x170/0x3f0
[   30.063841]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.063910]  kthread+0x328/0x630
[   30.063958]  ret_from_fork+0x10/0x20
[   30.064035] 
[   30.064094] Allocated by task 167:
[   30.064141]  kasan_save_stack+0x3c/0x68
[   30.064200]  kasan_save_track+0x20/0x40
[   30.064239]  kasan_save_alloc_info+0x40/0x58
[   30.064277]  __kasan_kmalloc+0xd4/0xd8
[   30.064425]  __kmalloc_cache_noprof+0x16c/0x3c0
[   30.064466]  kmalloc_oob_right+0xb0/0x660
[   30.064546]  kunit_try_run_case+0x170/0x3f0
[   30.064594]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.064717]  kthread+0x328/0x630
[   30.064779]  ret_from_fork+0x10/0x20
[   30.064815] 
[   30.064833] The buggy address belongs to the object at fff00000c91b3300
[   30.064833]  which belongs to the cache kmalloc-128 of size 128
[   30.064920] The buggy address is located 13 bytes to the right of
[   30.064920]  allocated 115-byte region [fff00000c91b3300, fff00000c91b3373)
[   30.064993] 
[   30.065032] The buggy address belongs to the physical page:
[   30.065061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1091b3
[   30.065113] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   30.065280] page_type: f5(slab)
[   30.065319] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   30.065440] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   30.065629] page dumped because: kasan: bad access detected
[   30.065744] 
[   30.065795] Memory state around the buggy address:
[   30.065884]  fff00000c91b3280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.065936]  fff00000c91b3300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   30.065977] >fff00000c91b3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.066012]                    ^
[   30.066055]  fff00000c91b3400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.066094]  fff00000c91b3480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.066131] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zizK5DpLdiSo5JTRmUPvSCnGxG

job_id

TEST:linaro@lkft#2zizOeD8Jm6gvF6WEX3HpY0Yiv3

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zizOeD8Jm6gvF6WEX3HpY0Yiv3

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zizLHXy0YY4Eb3Uvf7RBZBjPJe/Image.gz
sha256sum	37d9d8f3bf88d1e931fe46cf36571593b5a433a5d7333af6ff92cab414d2ee0c

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zizLHXy0YY4Eb3Uvf7RBZBjPJe/modules.tar.xz
sha256sum	f716ec16fb4ddf54116cb1eb73ee916ed3bd359ff95e4d969af9a161c3cb0a9f

durations

tests

boot	0
kunit	172.65

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   23.008438] ==================================================================
[   23.009187] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[   23.009948] Write of size 1 at addr ffff888105a7ad78 by task kunit_try_catch/186
[   23.010882] 
[   23.011091] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT(voluntary) 
[   23.011210] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.011230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.011253] Call Trace:
[   23.011267]  <TASK>
[   23.011283]  dump_stack_lvl+0x73/0xb0
[   23.011315]  print_report+0xd1/0x610
[   23.011337]  ? __virt_addr_valid+0x1db/0x2d0
[   23.011360]  ? kmalloc_oob_right+0x6bd/0x7f0
[   23.011382]  ? kasan_complete_mode_report_info+0x2a/0x200
[   23.011667]  ? kmalloc_oob_right+0x6bd/0x7f0
[   23.011690]  kasan_report+0x141/0x180
[   23.011711]  ? kmalloc_oob_right+0x6bd/0x7f0
[   23.011748]  __asan_report_store1_noabort+0x1b/0x30
[   23.011771]  kmalloc_oob_right+0x6bd/0x7f0
[   23.011792]  ? __pfx_kmalloc_oob_right+0x10/0x10
[   23.011814]  ? __schedule+0x10cc/0x2b60
[   23.011837]  ? __pfx_read_tsc+0x10/0x10
[   23.011858]  ? ktime_get_ts64+0x86/0x230
[   23.011883]  kunit_try_run_case+0x1a5/0x480
[   23.011904]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.011924]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.011947]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.011969]  ? __kthread_parkme+0x82/0x180
[   23.011989]  ? preempt_count_sub+0x50/0x80
[   23.012012]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.012033]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.012057]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.012082]  kthread+0x337/0x6f0
[   23.012101]  ? trace_preempt_on+0x20/0xc0
[   23.012125]  ? __pfx_kthread+0x10/0x10
[   23.012145]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.012165]  ? calculate_sigpending+0x7b/0xa0
[   23.012189]  ? __pfx_kthread+0x10/0x10
[   23.012210]  ret_from_fork+0x116/0x1d0
[   23.012228]  ? __pfx_kthread+0x10/0x10
[   23.012248]  ret_from_fork_asm+0x1a/0x30
[   23.012286]  </TASK>
[   23.012297] 
[   23.026116] Allocated by task 186:
[   23.026243]  kasan_save_stack+0x45/0x70
[   23.026377]  kasan_save_track+0x18/0x40
[   23.026798]  kasan_save_alloc_info+0x3b/0x50
[   23.027236]  __kasan_kmalloc+0xb7/0xc0
[   23.027678]  __kmalloc_cache_noprof+0x189/0x420
[   23.028201]  kmalloc_oob_right+0xa9/0x7f0
[   23.028602]  kunit_try_run_case+0x1a5/0x480
[   23.028998]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.029424]  kthread+0x337/0x6f0
[   23.029581]  ret_from_fork+0x116/0x1d0
[   23.029967]  ret_from_fork_asm+0x1a/0x30
[   23.030418] 
[   23.030524] The buggy address belongs to the object at ffff888105a7ad00
[   23.030524]  which belongs to the cache kmalloc-128 of size 128
[   23.031573] The buggy address is located 5 bytes to the right of
[   23.031573]  allocated 115-byte region [ffff888105a7ad00, ffff888105a7ad73)
[   23.032376] 
[   23.032552] The buggy address belongs to the physical page:
[   23.033235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7a
[   23.033834] flags: 0x200000000000000(node=0|zone=2)
[   23.033989] page_type: f5(slab)
[   23.034245] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   23.035018] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   23.035820] page dumped because: kasan: bad access detected
[   23.036185] 
[   23.036249] Memory state around the buggy address:
[   23.036410]  ffff888105a7ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   23.037213]  ffff888105a7ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.037712] >ffff888105a7ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   23.037928]                                                                 ^
[   23.038125]  ffff888105a7ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.038322]  ffff888105a7ae00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.038908] ==================================================================
[   23.039931] ==================================================================
[   23.040387] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[   23.041285] Read of size 1 at addr ffff888105a7ad80 by task kunit_try_catch/186
[   23.041600] 
[   23.041817] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT(voluntary) 
[   23.041870] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.041893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.041914] Call Trace:
[   23.041933]  <TASK>
[   23.041950]  dump_stack_lvl+0x73/0xb0
[   23.041978]  print_report+0xd1/0x610
[   23.042037]  ? __virt_addr_valid+0x1db/0x2d0
[   23.042084]  ? kmalloc_oob_right+0x68a/0x7f0
[   23.042104]  ? kasan_complete_mode_report_info+0x2a/0x200
[   23.042130]  ? kmalloc_oob_right+0x68a/0x7f0
[   23.042151]  kasan_report+0x141/0x180
[   23.042172]  ? kmalloc_oob_right+0x68a/0x7f0
[   23.042196]  __asan_report_load1_noabort+0x18/0x20
[   23.042219]  kmalloc_oob_right+0x68a/0x7f0
[   23.042240]  ? __pfx_kmalloc_oob_right+0x10/0x10
[   23.042261]  ? __schedule+0x10cc/0x2b60
[   23.042312]  ? __pfx_read_tsc+0x10/0x10
[   23.042334]  ? ktime_get_ts64+0x86/0x230
[   23.042359]  kunit_try_run_case+0x1a5/0x480
[   23.042381]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.042400]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.042422]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.042445]  ? __kthread_parkme+0x82/0x180
[   23.042465]  ? preempt_count_sub+0x50/0x80
[   23.042488]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.042509]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.042534]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.042558]  kthread+0x337/0x6f0
[   23.042577]  ? trace_preempt_on+0x20/0xc0
[   23.042603]  ? __pfx_kthread+0x10/0x10
[   23.042623]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.042644]  ? calculate_sigpending+0x7b/0xa0
[   23.042667]  ? __pfx_kthread+0x10/0x10
[   23.042688]  ret_from_fork+0x116/0x1d0
[   23.042707]  ? __pfx_kthread+0x10/0x10
[   23.042727]  ret_from_fork_asm+0x1a/0x30
[   23.042768]  </TASK>
[   23.042779] 
[   23.055247] Allocated by task 186:
[   23.055368]  kasan_save_stack+0x45/0x70
[   23.055554]  kasan_save_track+0x18/0x40
[   23.055675]  kasan_save_alloc_info+0x3b/0x50
[   23.056112]  __kasan_kmalloc+0xb7/0xc0
[   23.056577]  __kmalloc_cache_noprof+0x189/0x420
[   23.057138]  kmalloc_oob_right+0xa9/0x7f0
[   23.057414]  kunit_try_run_case+0x1a5/0x480
[   23.057563]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.058095]  kthread+0x337/0x6f0
[   23.058547]  ret_from_fork+0x116/0x1d0
[   23.058695]  ret_from_fork_asm+0x1a/0x30
[   23.058840] 
[   23.058904] The buggy address belongs to the object at ffff888105a7ad00
[   23.058904]  which belongs to the cache kmalloc-128 of size 128
[   23.059236] The buggy address is located 13 bytes to the right of
[   23.059236]  allocated 115-byte region [ffff888105a7ad00, ffff888105a7ad73)
[   23.059582] 
[   23.059644] The buggy address belongs to the physical page:
[   23.059814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7a
[   23.060037] flags: 0x200000000000000(node=0|zone=2)
[   23.060187] page_type: f5(slab)
[   23.060297] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   23.060515] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   23.060722] page dumped because: kasan: bad access detected
[   23.061932] 
[   23.062094] Memory state around the buggy address:
[   23.062959]  ffff888105a7ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.063285]  ffff888105a7ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   23.064095] >ffff888105a7ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.065696]                    ^
[   23.066194]  ffff888105a7ae00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.067041]  ffff888105a7ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.067902] ==================================================================
[   22.971845] ==================================================================
[   22.972629] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[   22.973307] Write of size 1 at addr ffff888105a7ad73 by task kunit_try_catch/186
[   22.973696] 
[   22.974679] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G                 N  6.16.0-rc5-next-20250711 #1 PREEMPT(voluntary) 
[   22.975045] Tainted: [N]=TEST
[   22.975076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   22.975304] Call Trace:
[   22.975371]  <TASK>
[   22.975513]  dump_stack_lvl+0x73/0xb0
[   22.975604]  print_report+0xd1/0x610
[   22.975633]  ? __virt_addr_valid+0x1db/0x2d0
[   22.975659]  ? kmalloc_oob_right+0x6f0/0x7f0
[   22.975681]  ? kasan_complete_mode_report_info+0x2a/0x200
[   22.975706]  ? kmalloc_oob_right+0x6f0/0x7f0
[   22.975727]  kasan_report+0x141/0x180
[   22.975761]  ? kmalloc_oob_right+0x6f0/0x7f0
[   22.975786]  __asan_report_store1_noabort+0x1b/0x30
[   22.975809]  kmalloc_oob_right+0x6f0/0x7f0
[   22.975830]  ? __pfx_kmalloc_oob_right+0x10/0x10
[   22.975852]  ? __schedule+0x10cc/0x2b60
[   22.975876]  ? __pfx_read_tsc+0x10/0x10
[   22.975898]  ? ktime_get_ts64+0x86/0x230
[   22.975924]  kunit_try_run_case+0x1a5/0x480
[   22.975949]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.975968]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   22.975991]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   22.976014]  ? __kthread_parkme+0x82/0x180
[   22.976035]  ? preempt_count_sub+0x50/0x80
[   22.976059]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.976080]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   22.976105]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   22.976129]  kthread+0x337/0x6f0
[   22.976149]  ? trace_preempt_on+0x20/0xc0
[   22.976174]  ? __pfx_kthread+0x10/0x10
[   22.976195]  ? _raw_spin_unlock_irq+0x47/0x80
[   22.976216]  ? calculate_sigpending+0x7b/0xa0
[   22.976240]  ? __pfx_kthread+0x10/0x10
[   22.976262]  ret_from_fork+0x116/0x1d0
[   22.976295]  ? __pfx_kthread+0x10/0x10
[   22.976319]  ret_from_fork_asm+0x1a/0x30
[   22.976374]  </TASK>
[   22.976439] 
[   22.992617] Allocated by task 186:
[   22.993220]  kasan_save_stack+0x45/0x70
[   22.993724]  kasan_save_track+0x18/0x40
[   22.993934]  kasan_save_alloc_info+0x3b/0x50
[   22.994086]  __kasan_kmalloc+0xb7/0xc0
[   22.994215]  __kmalloc_cache_noprof+0x189/0x420
[   22.994377]  kmalloc_oob_right+0xa9/0x7f0
[   22.994512]  kunit_try_run_case+0x1a5/0x480
[   22.994653]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   22.994834]  kthread+0x337/0x6f0
[   22.994955]  ret_from_fork+0x116/0x1d0
[   22.995083]  ret_from_fork_asm+0x1a/0x30
[   22.995269] 
[   22.995418] The buggy address belongs to the object at ffff888105a7ad00
[   22.995418]  which belongs to the cache kmalloc-128 of size 128
[   22.996581] The buggy address is located 0 bytes to the right of
[   22.996581]  allocated 115-byte region [ffff888105a7ad00, ffff888105a7ad73)
[   22.997224] 
[   22.997602] The buggy address belongs to the physical page:
[   22.998103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a7a
[   22.999178] flags: 0x200000000000000(node=0|zone=2)
[   22.999852] page_type: f5(slab)
[   23.000289] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   23.001199] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   23.002068] page dumped because: kasan: bad access detected
[   23.002668] 
[   23.002863] Memory state around the buggy address:
[   23.003681]  ffff888105a7ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   23.004356]  ffff888105a7ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.004878] >ffff888105a7ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   23.005229]                                                              ^
[   23.006004]  ffff888105a7ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.006674]  ffff888105a7ae00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.006997] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zizK5DpLdiSo5JTRmUPvSCnGxG

job_id

TEST:linaro@lkft#2zizPosnQ5rY23goGLqjSSGUMDT

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zizPosnQ5rY23goGLqjSSGUMDT

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zizMF2TFo5wqp9ExxxKcu7DMgd/bzImage
sha256sum	0b86f8183e71d185ecf48e91daf338a38748221ed84c99d5fcc0aff2fb4fe4d2

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zizMF2TFo5wqp9ExxxKcu7DMgd/modules.tar.xz
sha256sum	1cecf8a22d53cbe6f1135ddb095fc53e6fe8ebbda902547c47910320c1d5aa61

durations

tests

boot	0
kunit	220.78

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - e850-96 - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit