lkft/linux-next-master - next-20250724 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 24, 2025, 4:41 a.m.

Environment
qemu-arm64
qemu-x86_64

[   34.454730] ==================================================================
[   34.454942] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   34.455026] Read of size 1 at addr fff00000c9b6d2bb by task kunit_try_catch/256
[   34.455077] 
[   34.455117] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7-next-20250724 #1 PREEMPT 
[   34.455209] Tainted: [B]=BAD_PAGE, [N]=TEST
[   34.455236] Hardware name: linux,dummy-virt (DT)
[   34.455270] Call trace:
[   34.455296]  show_stack+0x20/0x38 (C)
[   34.455346]  dump_stack_lvl+0x8c/0xd0
[   34.455394]  print_report+0x118/0x5e8
[   34.455437]  kasan_report+0xdc/0x128
[   34.455480]  __asan_report_load1_noabort+0x20/0x30
[   34.455527]  mempool_oob_right_helper+0x2ac/0x2f0
[   34.455631]  mempool_slab_oob_right+0xc0/0x118
[   34.455825]  kunit_try_run_case+0x170/0x3f0
[   34.455975]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   34.456162]  kthread+0x328/0x630
[   34.456220]  ret_from_fork+0x10/0x20
[   34.456321] 
[   34.456354] Allocated by task 256:
[   34.456448]  kasan_save_stack+0x3c/0x68
[   34.456534]  kasan_save_track+0x20/0x40
[   34.456569]  kasan_save_alloc_info+0x40/0x58
[   34.457031]  __kasan_mempool_unpoison_object+0xbc/0x180
[   34.457206]  remove_element+0x16c/0x1f8
[   34.457493]  mempool_alloc_preallocated+0x58/0xc0
[   34.457725]  mempool_oob_right_helper+0x98/0x2f0
[   34.458105]  mempool_slab_oob_right+0xc0/0x118
[   34.458324]  kunit_try_run_case+0x170/0x3f0
[   34.458626]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   34.458899]  kthread+0x328/0x630
[   34.459051]  ret_from_fork+0x10/0x20
[   34.459093] 
[   34.459116] The buggy address belongs to the object at fff00000c9b6d240
[   34.459116]  which belongs to the cache test_cache of size 123
[   34.459178] The buggy address is located 0 bytes to the right of
[   34.459178]  allocated 123-byte region [fff00000c9b6d240, fff00000c9b6d2bb)
[   34.459243] 
[   34.459266] The buggy address belongs to the physical page:
[   34.459826] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b6d
[   34.459912] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   34.459976] page_type: f5(slab)
[   34.460044] raw: 0bfffe0000000000 fff00000c58d7a00 dead000000000122 0000000000000000
[   34.460098] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   34.460180] page dumped because: kasan: bad access detected
[   34.460243] 
[   34.460262] Memory state around the buggy address:
[   34.460385]  fff00000c9b6d180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   34.460443]  fff00000c9b6d200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   34.460557] >fff00000c9b6d280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   34.460601]                                         ^
[   34.460637]  fff00000c9b6d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   34.460679]  fff00000c9b6d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   34.460719] ==================================================================
[   34.417562] ==================================================================
[   34.417641] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   34.417716] Read of size 1 at addr fff00000c9a8b973 by task kunit_try_catch/252
[   34.417780] 
[   34.417824] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7-next-20250724 #1 PREEMPT 
[   34.417913] Tainted: [B]=BAD_PAGE, [N]=TEST
[   34.417942] Hardware name: linux,dummy-virt (DT)
[   34.417974] Call trace:
[   34.418002]  show_stack+0x20/0x38 (C)
[   34.418055]  dump_stack_lvl+0x8c/0xd0
[   34.418103]  print_report+0x118/0x5e8
[   34.418152]  kasan_report+0xdc/0x128
[   34.418193]  __asan_report_load1_noabort+0x20/0x30
[   34.418242]  mempool_oob_right_helper+0x2ac/0x2f0
[   34.418291]  mempool_kmalloc_oob_right+0xc4/0x120
[   34.418340]  kunit_try_run_case+0x170/0x3f0
[   34.418388]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   34.418441]  kthread+0x328/0x630
[   34.418484]  ret_from_fork+0x10/0x20
[   34.418535] 
[   34.418553] Allocated by task 252:
[   34.418583]  kasan_save_stack+0x3c/0x68
[   34.418620]  kasan_save_track+0x20/0x40
[   34.418656]  kasan_save_alloc_info+0x40/0x58
[   34.418692]  __kasan_mempool_unpoison_object+0x11c/0x180
[   34.418733]  remove_element+0x130/0x1f8
[   34.418782]  mempool_alloc_preallocated+0x58/0xc0
[   34.418822]  mempool_oob_right_helper+0x98/0x2f0
[   34.418863]  mempool_kmalloc_oob_right+0xc4/0x120
[   34.418907]  kunit_try_run_case+0x170/0x3f0
[   34.418943]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   34.419001]  kthread+0x328/0x630
[   34.419033]  ret_from_fork+0x10/0x20
[   34.419085] 
[   34.419112] The buggy address belongs to the object at fff00000c9a8b900
[   34.419112]  which belongs to the cache kmalloc-128 of size 128
[   34.419173] The buggy address is located 0 bytes to the right of
[   34.419173]  allocated 115-byte region [fff00000c9a8b900, fff00000c9a8b973)
[   34.419238] 
[   34.419258] The buggy address belongs to the physical page:
[   34.419300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a8b
[   34.419358] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   34.419411] page_type: f5(slab)
[   34.419455] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   34.419506] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   34.419548] page dumped because: kasan: bad access detected
[   34.419580] 
[   34.419598] Memory state around the buggy address:
[   34.419632]  fff00000c9a8b800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   34.419678]  fff00000c9a8b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   34.419721] >fff00000c9a8b900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   34.419773]                                                              ^
[   34.419814]  fff00000c9a8b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   34.419856]  fff00000c9a8ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   34.419895] ==================================================================
[   34.431697] ==================================================================
[   34.431787] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   34.431855] Read of size 1 at addr fff00000c9b72001 by task kunit_try_catch/254
[   34.431905] 
[   34.431944] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7-next-20250724 #1 PREEMPT 
[   34.432035] Tainted: [B]=BAD_PAGE, [N]=TEST
[   34.432063] Hardware name: linux,dummy-virt (DT)
[   34.432096] Call trace:
[   34.432121]  show_stack+0x20/0x38 (C)
[   34.432171]  dump_stack_lvl+0x8c/0xd0
[   34.432217]  print_report+0x118/0x5e8
[   34.432260]  kasan_report+0xdc/0x128
[   34.432301]  __asan_report_load1_noabort+0x20/0x30
[   34.432348]  mempool_oob_right_helper+0x2ac/0x2f0
[   34.432398]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   34.432448]  kunit_try_run_case+0x170/0x3f0
[   34.432495]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   34.432546]  kthread+0x328/0x630
[   34.432589]  ret_from_fork+0x10/0x20
[   34.432637] 
[   34.432659] The buggy address belongs to the physical page:
[   34.432699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b70
[   34.432767] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   34.432815] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   34.432874] page_type: f8(unknown)
[   34.432916] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   34.433406] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   34.434034] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   34.434372] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   34.434433] head: 0bfffe0000000002 ffffc1ffc326dc01 00000000ffffffff 00000000ffffffff
[   34.434483] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   34.434525] page dumped because: kasan: bad access detected
[   34.435191] 
[   34.435247] Memory state around the buggy address:
[   34.435474]  fff00000c9b71f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   34.435527]  fff00000c9b71f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   34.435582] >fff00000c9b72000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   34.435717]                    ^
[   34.436062]  fff00000c9b72080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   34.436305]  fff00000c9b72100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   34.436606] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

30J3nY7QtuR6zFySSP24ERynb1Z

job_id

TEST:linaro@lkft#30J3tHAcCAzoumluJGVN0kuxFDU

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/30J3tHAcCAzoumluJGVN0kuxFDU

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30J3pDsC9KNl7rr3iXBXH40Gq9W/Image.gz
sha256sum	544207c1b5a9d2840223bd62064127622ccefa2f812415650f45a51bca8475e6

rootfs

url	https://storage.tuxboot.com/debian/20250722/trixie/arm64/rootfs.ext4.xz
sha256sum	4416595f610fe19a3fb374a6dd0942354bf27ddb827c7f1e8e5524ec95492466

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30J3pDsC9KNl7rr3iXBXH40Gq9W/modules.tar.xz
sha256sum	ae69e33cdc746370be45d97b12d0ee81e77ef54ca003ba881eec2f93d7e2865c

durations

tests

boot	0
kunit	170.41

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   28.306480] ==================================================================
[   28.306956] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   28.307316] Read of size 1 at addr ffff888104c4ac73 by task kunit_try_catch/269
[   28.308007] 
[   28.308143] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) 
[   28.308279] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   28.308380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   28.308427] Call Trace:
[   28.308441]  <TASK>
[   28.308463]  dump_stack_lvl+0x73/0xb0
[   28.308518]  print_report+0xd1/0x640
[   28.308542]  ? __virt_addr_valid+0x1db/0x2d0
[   28.308569]  ? mempool_oob_right_helper+0x318/0x380
[   28.308602]  ? kasan_complete_mode_report_info+0x2a/0x200
[   28.308628]  ? mempool_oob_right_helper+0x318/0x380
[   28.308652]  kasan_report+0x141/0x180
[   28.308674]  ? mempool_oob_right_helper+0x318/0x380
[   28.308703]  __asan_report_load1_noabort+0x18/0x20
[   28.308727]  mempool_oob_right_helper+0x318/0x380
[   28.308752]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   28.308776]  ? dequeue_entities+0x23f/0x1630
[   28.308928]  ? __kasan_check_write+0x18/0x20
[   28.308953]  ? __pfx_sched_clock_cpu+0x10/0x10
[   28.308975]  ? finish_task_switch.isra.0+0x153/0x700
[   28.309002]  mempool_kmalloc_oob_right+0xf2/0x150
[   28.309026]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   28.309053]  ? __pfx_mempool_kmalloc+0x10/0x10
[   28.309078]  ? __pfx_mempool_kfree+0x10/0x10
[   28.309105]  ? __pfx_read_tsc+0x10/0x10
[   28.309127]  ? ktime_get_ts64+0x86/0x230
[   28.309153]  kunit_try_run_case+0x1a5/0x480
[   28.309180]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.309202]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   28.309229]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   28.309254]  ? __kthread_parkme+0x82/0x180
[   28.309275]  ? preempt_count_sub+0x50/0x80
[   28.309298]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.309322]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   28.309345]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   28.309369]  kthread+0x337/0x6f0
[   28.309391]  ? trace_preempt_on+0x20/0xc0
[   28.309416]  ? __pfx_kthread+0x10/0x10
[   28.309437]  ? _raw_spin_unlock_irq+0x47/0x80
[   28.309460]  ? calculate_sigpending+0x7b/0xa0
[   28.309485]  ? __pfx_kthread+0x10/0x10
[   28.309508]  ret_from_fork+0x116/0x1d0
[   28.309528]  ? __pfx_kthread+0x10/0x10
[   28.309549]  ret_from_fork_asm+0x1a/0x30
[   28.309594]  </TASK>
[   28.309604] 
[   28.321718] Allocated by task 269:
[   28.321962]  kasan_save_stack+0x45/0x70
[   28.322638]  kasan_save_track+0x18/0x40
[   28.322785]  kasan_save_alloc_info+0x3b/0x50
[   28.323187]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   28.323506]  remove_element+0x11e/0x190
[   28.323859]  mempool_alloc_preallocated+0x4d/0x90
[   28.324093]  mempool_oob_right_helper+0x8a/0x380
[   28.324448]  mempool_kmalloc_oob_right+0xf2/0x150
[   28.324836]  kunit_try_run_case+0x1a5/0x480
[   28.325093]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   28.325463]  kthread+0x337/0x6f0
[   28.325726]  ret_from_fork+0x116/0x1d0
[   28.325869]  ret_from_fork_asm+0x1a/0x30
[   28.326398] 
[   28.326481] The buggy address belongs to the object at ffff888104c4ac00
[   28.326481]  which belongs to the cache kmalloc-128 of size 128
[   28.327235] The buggy address is located 0 bytes to the right of
[   28.327235]  allocated 115-byte region [ffff888104c4ac00, ffff888104c4ac73)
[   28.328101] 
[   28.328270] The buggy address belongs to the physical page:
[   28.328545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104c4a
[   28.329089] flags: 0x200000000000000(node=0|zone=2)
[   28.329408] page_type: f5(slab)
[   28.329614] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   28.330166] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   28.330456] page dumped because: kasan: bad access detected
[   28.330720] 
[   28.330794] Memory state around the buggy address:
[   28.331658]  ffff888104c4ab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   28.332152]  ffff888104c4ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.332524] >ffff888104c4ac00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   28.332966]                                                              ^
[   28.333379]  ffff888104c4ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.333697]  ffff888104c4ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   28.334174] ==================================================================
[   28.338483] ==================================================================
[   28.339278] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   28.339665] Read of size 1 at addr ffff88810614a001 by task kunit_try_catch/271
[   28.340236] 
[   28.340352] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) 
[   28.340411] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   28.340426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   28.340448] Call Trace:
[   28.340462]  <TASK>
[   28.340485]  dump_stack_lvl+0x73/0xb0
[   28.340518]  print_report+0xd1/0x640
[   28.340543]  ? __virt_addr_valid+0x1db/0x2d0
[   28.340570]  ? mempool_oob_right_helper+0x318/0x380
[   28.340604]  ? kasan_addr_to_slab+0x11/0xa0
[   28.340625]  ? mempool_oob_right_helper+0x318/0x380
[   28.340647]  kasan_report+0x141/0x180
[   28.340669]  ? mempool_oob_right_helper+0x318/0x380
[   28.340698]  __asan_report_load1_noabort+0x18/0x20
[   28.340721]  mempool_oob_right_helper+0x318/0x380
[   28.340746]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   28.340770]  ? dequeue_entities+0x23f/0x1630
[   28.340809]  ? __kasan_check_write+0x18/0x20
[   28.340832]  ? __pfx_sched_clock_cpu+0x10/0x10
[   28.340856]  ? finish_task_switch.isra.0+0x153/0x700
[   28.340884]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   28.340907]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   28.340934]  ? __pfx_mempool_kmalloc+0x10/0x10
[   28.340960]  ? __pfx_mempool_kfree+0x10/0x10
[   28.340985]  ? __pfx_read_tsc+0x10/0x10
[   28.341008]  ? ktime_get_ts64+0x86/0x230
[   28.341033]  kunit_try_run_case+0x1a5/0x480
[   28.341061]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.341083]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   28.341109]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   28.341133]  ? __kthread_parkme+0x82/0x180
[   28.341154]  ? preempt_count_sub+0x50/0x80
[   28.341177]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.341200]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   28.341223]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   28.341247]  kthread+0x337/0x6f0
[   28.341266]  ? trace_preempt_on+0x20/0xc0
[   28.341291]  ? __pfx_kthread+0x10/0x10
[   28.341311]  ? _raw_spin_unlock_irq+0x47/0x80
[   28.341334]  ? calculate_sigpending+0x7b/0xa0
[   28.341358]  ? __pfx_kthread+0x10/0x10
[   28.341379]  ret_from_fork+0x116/0x1d0
[   28.341399]  ? __pfx_kthread+0x10/0x10
[   28.341420]  ret_from_fork_asm+0x1a/0x30
[   28.341452]  </TASK>
[   28.341462] 
[   28.351412] The buggy address belongs to the physical page:
[   28.351646] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106148
[   28.352065] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   28.352370] flags: 0x200000000000040(head|node=0|zone=2)
[   28.352551] page_type: f8(unknown)
[   28.352831] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   28.353294] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   28.353596] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   28.353823] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   28.354383] head: 0200000000000002 ffffea0004185201 00000000ffffffff 00000000ffffffff
[   28.354833] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   28.355495] page dumped because: kasan: bad access detected
[   28.355752] 
[   28.355818] Memory state around the buggy address:
[   28.356476]  ffff888106149f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   28.356746]  ffff888106149f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   28.357364] >ffff88810614a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   28.357674]                    ^
[   28.357824]  ffff88810614a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   28.358380]  ffff88810614a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   28.358773] ==================================================================
[   28.363414] ==================================================================
[   28.364054] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   28.364353] Read of size 1 at addr ffff88810546d2bb by task kunit_try_catch/273
[   28.364662] 
[   28.364770] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc7-next-20250724 #1 PREEMPT(voluntary) 
[   28.364825] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   28.364839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   28.364861] Call Trace:
[   28.364874]  <TASK>
[   28.364893]  dump_stack_lvl+0x73/0xb0
[   28.365326]  print_report+0xd1/0x640
[   28.365363]  ? __virt_addr_valid+0x1db/0x2d0
[   28.365390]  ? mempool_oob_right_helper+0x318/0x380
[   28.365530]  ? kasan_complete_mode_report_info+0x2a/0x200
[   28.365556]  ? mempool_oob_right_helper+0x318/0x380
[   28.365591]  kasan_report+0x141/0x180
[   28.365614]  ? mempool_oob_right_helper+0x318/0x380
[   28.365642]  __asan_report_load1_noabort+0x18/0x20
[   28.365666]  mempool_oob_right_helper+0x318/0x380
[   28.365691]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   28.365967]  ? finish_task_switch.isra.0+0x153/0x700
[   28.366002]  mempool_slab_oob_right+0xed/0x140
[   28.366027]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   28.366054]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   28.366078]  ? __pfx_mempool_free_slab+0x10/0x10
[   28.366103]  ? __pfx_read_tsc+0x10/0x10
[   28.366125]  ? ktime_get_ts64+0x86/0x230
[   28.366151]  kunit_try_run_case+0x1a5/0x480
[   28.366177]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.366199]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   28.366226]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   28.366251]  ? __kthread_parkme+0x82/0x180
[   28.366272]  ? preempt_count_sub+0x50/0x80
[   28.366294]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.366319]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   28.366342]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   28.366365]  kthread+0x337/0x6f0
[   28.366384]  ? trace_preempt_on+0x20/0xc0
[   28.366408]  ? __pfx_kthread+0x10/0x10
[   28.366427]  ? _raw_spin_unlock_irq+0x47/0x80
[   28.366450]  ? calculate_sigpending+0x7b/0xa0
[   28.366474]  ? __pfx_kthread+0x10/0x10
[   28.366495]  ret_from_fork+0x116/0x1d0
[   28.366514]  ? __pfx_kthread+0x10/0x10
[   28.366535]  ret_from_fork_asm+0x1a/0x30
[   28.366566]  </TASK>
[   28.366591] 
[   28.377533] Allocated by task 273:
[   28.377964]  kasan_save_stack+0x45/0x70
[   28.378370]  kasan_save_track+0x18/0x40
[   28.378551]  kasan_save_alloc_info+0x3b/0x50
[   28.378750]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   28.379365]  remove_element+0x11e/0x190
[   28.379538]  mempool_alloc_preallocated+0x4d/0x90
[   28.380015]  mempool_oob_right_helper+0x8a/0x380
[   28.380315]  mempool_slab_oob_right+0xed/0x140
[   28.380521]  kunit_try_run_case+0x1a5/0x480
[   28.380876]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   28.381313]  kthread+0x337/0x6f0
[   28.381465]  ret_from_fork+0x116/0x1d0
[   28.381735]  ret_from_fork_asm+0x1a/0x30
[   28.381913] 
[   28.382232] The buggy address belongs to the object at ffff88810546d240
[   28.382232]  which belongs to the cache test_cache of size 123
[   28.382932] The buggy address is located 0 bytes to the right of
[   28.382932]  allocated 123-byte region [ffff88810546d240, ffff88810546d2bb)
[   28.383470] 
[   28.383564] The buggy address belongs to the physical page:
[   28.383810] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10546d
[   28.384535] flags: 0x200000000000000(node=0|zone=2)
[   28.384920] page_type: f5(slab)
[   28.385167] raw: 0200000000000000 ffff888101d87a00 dead000000000122 0000000000000000
[   28.385616] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   28.386174] page dumped because: kasan: bad access detected
[   28.386364] 
[   28.386454] Memory state around the buggy address:
[   28.386897]  ffff88810546d180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   28.387198]  ffff88810546d200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   28.387497] >ffff88810546d280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   28.387791]                                         ^
[   28.388423]  ffff88810546d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.388691]  ffff88810546d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.389174] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

30J3nY7QtuR6zFySSP24ERynb1Z

job_id

TEST:linaro@lkft#30J3uLzhpviDmlOWY3P9BXfcBAH

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/30J3uLzhpviDmlOWY3P9BXfcBAH

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30J3qksL4GBwzrde5mtPKhFeFEL/bzImage
sha256sum	af4ccad1f72d598f267023cce1cb43d5ed4bda226a707e01686be85dd90634f7

rootfs

url	https://storage.tuxboot.com/debian/20250722/trixie/amd64/rootfs.ext4.xz
sha256sum	f011d4ee6daca8ff6eb107b3ab1eb085d1f77f9019361779f04403719dd7a135

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30J3qksL4GBwzrde5mtPKhFeFEL/modules.tar.xz
sha256sum	7c95098d7c3fc4ab7a627a48c0cdbf1fa3d50531e33653f38a4f14abeedf82da

durations

tests

boot	0
kunit	254.60

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit