lkft/sashal-linus-next - v6.13-rc7-43871-g530dddedcd5a - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16

Date

July 18, 2025, 2:09 p.m.

Environment
qemu-arm64
qemu-x86_64

[   16.926025] ==================================================================
[   16.926152] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8
[   16.926433] Write of size 16 at addr fff00000c5acc080 by task kunit_try_catch/166
[   16.926486] 
[   16.926552] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.926726] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.926753] Hardware name: linux,dummy-virt (DT)
[   16.926954] Call trace:
[   16.926990]  show_stack+0x20/0x38 (C)
[   16.927117]  dump_stack_lvl+0x8c/0xd0
[   16.927235]  print_report+0x118/0x5d0
[   16.927490]  kasan_report+0xdc/0x128
[   16.927614]  __asan_report_store16_noabort+0x20/0x30
[   16.928037]  kmalloc_oob_16+0x3a0/0x3f8
[   16.928168]  kunit_try_run_case+0x170/0x3f0
[   16.928224]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.928278]  kthread+0x328/0x630
[   16.928560]  ret_from_fork+0x10/0x20
[   16.928676] 
[   16.928735] Allocated by task 166:
[   16.928773]  kasan_save_stack+0x3c/0x68
[   16.928884]  kasan_save_track+0x20/0x40
[   16.928994]  kasan_save_alloc_info+0x40/0x58
[   16.929290]  __kasan_kmalloc+0xd4/0xd8
[   16.929356]  __kmalloc_cache_noprof+0x16c/0x3c0
[   16.929464]  kmalloc_oob_16+0xb4/0x3f8
[   16.929755]  kunit_try_run_case+0x170/0x3f0
[   16.929910]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.930020]  kthread+0x328/0x630
[   16.930135]  ret_from_fork+0x10/0x20
[   16.930237] 
[   16.930286] The buggy address belongs to the object at fff00000c5acc080
[   16.930286]  which belongs to the cache kmalloc-16 of size 16
[   16.930352] The buggy address is located 0 bytes inside of
[   16.930352]  allocated 13-byte region [fff00000c5acc080, fff00000c5acc08d)
[   16.930525] 
[   16.930575] The buggy address belongs to the physical page:
[   16.930606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105acc
[   16.930783] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   16.931007] page_type: f5(slab)
[   16.931125] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000
[   16.931318] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[   16.931412] page dumped because: kasan: bad access detected
[   16.931499] 
[   16.931581] Memory state around the buggy address:
[   16.931684]  fff00000c5acbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.931773]  fff00000c5acc000: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc
[   16.931930] >fff00000c5acc080: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc
[   16.932041]                       ^
[   16.932111]  fff00000c5acc100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.932173]  fff00000c5acc180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.932555] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

303EBflBPqSbIUkiUzReBHe3YjN

job_id

TEST:linaro@lkft#303EF25Pp9Vi9nJKRzPLQTha4DW

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/303EF25Pp9Vi9nJKRzPLQTha4DW

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303ECYTm040GLO6kXFdSkAckpUQ/Image.gz
sha256sum	0cd43a55510452afcc094a9b71b52e570abcb0018a9c4b3e8c55713d88f43dcd

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303ECYTm040GLO6kXFdSkAckpUQ/modules.tar.xz
sha256sum	1123cbd40eab351130997a1b3dcec1375004e5d45c47d69105fc241be8d9036c

durations

tests

boot	0
kunit	182.38

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   16.603288] ==================================================================
[   16.603642] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8
[   16.603721] Write of size 16 at addr fff00000c5a02ba0 by task kunit_try_catch/166
[   16.603780] 
[   16.603815] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.604051] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.604112] Hardware name: linux,dummy-virt (DT)
[   16.604284] Call trace:
[   16.604340]  show_stack+0x20/0x38 (C)
[   16.604462]  dump_stack_lvl+0x8c/0xd0
[   16.604563]  print_report+0x118/0x5d0
[   16.604621]  kasan_report+0xdc/0x128
[   16.604667]  __asan_report_store16_noabort+0x20/0x30
[   16.605074]  kmalloc_oob_16+0x3a0/0x3f8
[   16.605470]  kunit_try_run_case+0x170/0x3f0
[   16.605603]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.605662]  kthread+0x328/0x630
[   16.605729]  ret_from_fork+0x10/0x20
[   16.606080] 
[   16.606136] Allocated by task 166:
[   16.606182]  kasan_save_stack+0x3c/0x68
[   16.606508]  kasan_save_track+0x20/0x40
[   16.606644]  kasan_save_alloc_info+0x40/0x58
[   16.606726]  __kasan_kmalloc+0xd4/0xd8
[   16.607020]  __kmalloc_cache_noprof+0x16c/0x3c0
[   16.607138]  kmalloc_oob_16+0xb4/0x3f8
[   16.607279]  kunit_try_run_case+0x170/0x3f0
[   16.607371]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.607739]  kthread+0x328/0x630
[   16.607824]  ret_from_fork+0x10/0x20
[   16.607895] 
[   16.607951] The buggy address belongs to the object at fff00000c5a02ba0
[   16.607951]  which belongs to the cache kmalloc-16 of size 16
[   16.608355] The buggy address is located 0 bytes inside of
[   16.608355]  allocated 13-byte region [fff00000c5a02ba0, fff00000c5a02bad)
[   16.608522] 
[   16.608591] The buggy address belongs to the physical page:
[   16.608641] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a02
[   16.608695] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   16.608743] page_type: f5(slab)
[   16.609093] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000
[   16.609253] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[   16.609298] page dumped because: kasan: bad access detected
[   16.609656] 
[   16.609777] Memory state around the buggy address:
[   16.609832]  fff00000c5a02a80: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[   16.609902]  fff00000c5a02b00: fa fb fc fc fa fb fc fc fa fb fc fc 00 04 fc fc
[   16.610119] >fff00000c5a02b80: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc
[   16.610263]                                   ^
[   16.610388]  fff00000c5a02c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.610520]  fff00000c5a02c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.610598] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

303Mu3ntpbAl90E7xFJwTYkz6hg

job_id

TEST:linaro@lkft#303MxbItH1xNBq5DVzgi5f9Vk9B

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/303MxbItH1xNBq5DVzgi5f9Vk9B

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303MuvPW3SK4gLbQ1ALw5htqwSd/Image.gz
sha256sum	1d26a50b80602cf96dca0b9e5d4833d551bb9799e3e8f672f61c3fedb7c3633a

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303MuvPW3SK4gLbQ1ALw5htqwSd/modules.tar.xz
sha256sum	8d3b93659e4b7dd2c56e9a38da739978022e2707277d72909e50cc2549d4beb2

durations

tests

boot	0
kunit	169.06

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   16.613632] ==================================================================
[   16.613998] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x3a0/0x3f8
[   16.614154] Write of size 16 at addr fff00000c5755e00 by task kunit_try_catch/166
[   16.614248] 
[   16.614347] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   16.614461] Tainted: [B]=BAD_PAGE, [N]=TEST
[   16.614498] Hardware name: linux,dummy-virt (DT)
[   16.614531] Call trace:
[   16.614580]  show_stack+0x20/0x38 (C)
[   16.614992]  dump_stack_lvl+0x8c/0xd0
[   16.615308]  print_report+0x118/0x5d0
[   16.615381]  kasan_report+0xdc/0x128
[   16.615545]  __asan_report_store16_noabort+0x20/0x30
[   16.615676]  kmalloc_oob_16+0x3a0/0x3f8
[   16.615844]  kunit_try_run_case+0x170/0x3f0
[   16.616014]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.616092]  kthread+0x328/0x630
[   16.616415]  ret_from_fork+0x10/0x20
[   16.616625] 
[   16.616704] Allocated by task 166:
[   16.616878]  kasan_save_stack+0x3c/0x68
[   16.617207]  kasan_save_track+0x20/0x40
[   16.617269]  kasan_save_alloc_info+0x40/0x58
[   16.617387]  __kasan_kmalloc+0xd4/0xd8
[   16.617495]  __kmalloc_cache_noprof+0x16c/0x3c0
[   16.617710]  kmalloc_oob_16+0xb4/0x3f8
[   16.617934]  kunit_try_run_case+0x170/0x3f0
[   16.617975]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   16.618318]  kthread+0x328/0x630
[   16.618401]  ret_from_fork+0x10/0x20
[   16.618579] 
[   16.618760] The buggy address belongs to the object at fff00000c5755e00
[   16.618760]  which belongs to the cache kmalloc-16 of size 16
[   16.618936] The buggy address is located 0 bytes inside of
[   16.618936]  allocated 13-byte region [fff00000c5755e00, fff00000c5755e0d)
[   16.618998] 
[   16.619049] The buggy address belongs to the physical page:
[   16.619081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105755
[   16.619442] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   16.619622] page_type: f5(slab)
[   16.619744] raw: 0bfffe0000000000 fff00000c0001640 dead000000000122 0000000000000000
[   16.619913] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[   16.620005] page dumped because: kasan: bad access detected
[   16.620036] 
[   16.620252] Memory state around the buggy address:
[   16.620317]  fff00000c5755d00: fa fb fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[   16.620584]  fff00000c5755d80: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc
[   16.620681] >fff00000c5755e00: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc
[   16.620773]                       ^
[   16.620805]  fff00000c5755e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.620846]  fff00000c5755f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   16.620884] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

303Sxu1j8OyuX5lG527CuRMl0zm

job_id

TEST:linaro@lkft#303T1aQDgvcqrgu9gN0OeLGQz0C

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/303T1aQDgvcqrgu9gN0OeLGQz0C

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303Syw9B0zr00cacsipIIbuVtmO/Image.gz
sha256sum	5b11eefa6d464ac909c4aaf2b2e503862ad9b898749580b0c74823fda864756c

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303Syw9B0zr00cacsipIIbuVtmO/modules.tar.xz
sha256sum	5f304fbdafbe519859f7c742752446676e8da2e281160c33189afc6b1f45e458

durations

tests

boot	0
kunit	175.36

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   12.251762] ==================================================================
[   12.252587] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0
[   12.252857] Write of size 16 at addr ffff888101bcbdc0 by task kunit_try_catch/183
[   12.253221] 
[   12.253348] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   12.253395] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.253407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.253430] Call Trace:
[   12.253445]  <TASK>
[   12.253466]  dump_stack_lvl+0x73/0xb0
[   12.253500]  print_report+0xd1/0x610
[   12.253522]  ? __virt_addr_valid+0x1db/0x2d0
[   12.253547]  ? kmalloc_oob_16+0x452/0x4a0
[   12.253567]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.253590]  ? kmalloc_oob_16+0x452/0x4a0
[   12.253611]  kasan_report+0x141/0x180
[   12.253633]  ? kmalloc_oob_16+0x452/0x4a0
[   12.253660]  __asan_report_store16_noabort+0x1b/0x30
[   12.253684]  kmalloc_oob_16+0x452/0x4a0
[   12.253706]  ? __pfx_kmalloc_oob_16+0x10/0x10
[   12.253746]  ? __schedule+0x10cc/0x2b60
[   12.253770]  ? __pfx_read_tsc+0x10/0x10
[   12.253791]  ? ktime_get_ts64+0x86/0x230
[   12.253818]  kunit_try_run_case+0x1a5/0x480
[   12.253844]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.253865]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.253890]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.253923]  ? __kthread_parkme+0x82/0x180
[   12.253944]  ? preempt_count_sub+0x50/0x80
[   12.253969]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.253992]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.254016]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.254039]  kthread+0x337/0x6f0
[   12.254057]  ? trace_preempt_on+0x20/0xc0
[   12.254081]  ? __pfx_kthread+0x10/0x10
[   12.254101]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.254122]  ? calculate_sigpending+0x7b/0xa0
[   12.254146]  ? __pfx_kthread+0x10/0x10
[   12.254167]  ret_from_fork+0x116/0x1d0
[   12.254185]  ? __pfx_kthread+0x10/0x10
[   12.254205]  ret_from_fork_asm+0x1a/0x30
[   12.254238]  </TASK>
[   12.254249] 
[   12.261740] Allocated by task 183:
[   12.261937]  kasan_save_stack+0x45/0x70
[   12.262320]  kasan_save_track+0x18/0x40
[   12.262457]  kasan_save_alloc_info+0x3b/0x50
[   12.262606]  __kasan_kmalloc+0xb7/0xc0
[   12.262797]  __kmalloc_cache_noprof+0x189/0x420
[   12.263260]  kmalloc_oob_16+0xa8/0x4a0
[   12.263485]  kunit_try_run_case+0x1a5/0x480
[   12.263826]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.264164]  kthread+0x337/0x6f0
[   12.264294]  ret_from_fork+0x116/0x1d0
[   12.264494]  ret_from_fork_asm+0x1a/0x30
[   12.264680] 
[   12.264756] The buggy address belongs to the object at ffff888101bcbdc0
[   12.264756]  which belongs to the cache kmalloc-16 of size 16
[   12.265125] The buggy address is located 0 bytes inside of
[   12.265125]  allocated 13-byte region [ffff888101bcbdc0, ffff888101bcbdcd)
[   12.265901] 
[   12.265992] The buggy address belongs to the physical page:
[   12.266244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bcb
[   12.266507] flags: 0x200000000000000(node=0|zone=2)
[   12.267087] page_type: f5(slab)
[   12.267268] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[   12.267522] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[   12.267871] page dumped because: kasan: bad access detected
[   12.268153] 
[   12.268231] Memory state around the buggy address:
[   12.268407]  ffff888101bcbc80: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc
[   12.268626]  ffff888101bcbd00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[   12.268958] >ffff888101bcbd80: fa fb fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc
[   12.269351]                                               ^
[   12.269776]  ffff888101bcbe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.270150]  ffff888101bcbe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.270427] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

303Sxu1j8OyuX5lG527CuRMl0zm

job_id

TEST:linaro@lkft#303T2OzuK6lIw4rRFlSAhCs7bnu

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/303T2OzuK6lIw4rRFlSAhCs7bnu

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303Szma0mGNAiZG6rKGjPWN7fGT/bzImage
sha256sum	42041c61d6e46ef309c371e5fe2f53a0c6849e7beec0f7e1f396b9c65c0adbb2

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303Szma0mGNAiZG6rKGjPWN7fGT/modules.tar.xz
sha256sum	02cd970151971431ac5e5e4fcd602180a5476f25314259d1f76384cd0f280f1b

durations

tests

boot	0
kunit	226.78

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   12.003945] ==================================================================
[   12.004379] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0
[   12.004696] Write of size 16 at addr ffff888101cb3c60 by task kunit_try_catch/184
[   12.004981] 
[   12.005096] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   12.005146] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.005156] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.005177] Call Trace:
[   12.005189]  <TASK>
[   12.005205]  dump_stack_lvl+0x73/0xb0
[   12.005233]  print_report+0xd1/0x610
[   12.005254]  ? __virt_addr_valid+0x1db/0x2d0
[   12.005276]  ? kmalloc_oob_16+0x452/0x4a0
[   12.005295]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.005316]  ? kmalloc_oob_16+0x452/0x4a0
[   12.005336]  kasan_report+0x141/0x180
[   12.005356]  ? kmalloc_oob_16+0x452/0x4a0
[   12.005383]  __asan_report_store16_noabort+0x1b/0x30
[   12.005406]  kmalloc_oob_16+0x452/0x4a0
[   12.005427]  ? __pfx_kmalloc_oob_16+0x10/0x10
[   12.005486]  ? __schedule+0x10cc/0x2b60
[   12.005509]  ? __pfx_read_tsc+0x10/0x10
[   12.005567]  ? ktime_get_ts64+0x86/0x230
[   12.005594]  kunit_try_run_case+0x1a5/0x480
[   12.005619]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.005640]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.005664]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.005688]  ? __kthread_parkme+0x82/0x180
[   12.005708]  ? preempt_count_sub+0x50/0x80
[   12.005732]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.005755]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.005778]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.005802]  kthread+0x337/0x6f0
[   12.005821]  ? trace_preempt_on+0x20/0xc0
[   12.005843]  ? __pfx_kthread+0x10/0x10
[   12.005863]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.005883]  ? calculate_sigpending+0x7b/0xa0
[   12.005907]  ? __pfx_kthread+0x10/0x10
[   12.005928]  ret_from_fork+0x116/0x1d0
[   12.005946]  ? __pfx_kthread+0x10/0x10
[   12.005966]  ret_from_fork_asm+0x1a/0x30
[   12.005998]  </TASK>
[   12.006007] 
[   12.014328] Allocated by task 184:
[   12.014467]  kasan_save_stack+0x45/0x70
[   12.014612]  kasan_save_track+0x18/0x40
[   12.014742]  kasan_save_alloc_info+0x3b/0x50
[   12.015008]  __kasan_kmalloc+0xb7/0xc0
[   12.015221]  __kmalloc_cache_noprof+0x189/0x420
[   12.015482]  kmalloc_oob_16+0xa8/0x4a0
[   12.015709]  kunit_try_run_case+0x1a5/0x480
[   12.015926]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.016291]  kthread+0x337/0x6f0
[   12.016562]  ret_from_fork+0x116/0x1d0
[   12.016700]  ret_from_fork_asm+0x1a/0x30
[   12.016836] 
[   12.016904] The buggy address belongs to the object at ffff888101cb3c60
[   12.016904]  which belongs to the cache kmalloc-16 of size 16
[   12.017391] The buggy address is located 0 bytes inside of
[   12.017391]  allocated 13-byte region [ffff888101cb3c60, ffff888101cb3c6d)
[   12.018270] 
[   12.018474] The buggy address belongs to the physical page:
[   12.018719] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101cb3
[   12.018976] flags: 0x200000000000000(node=0|zone=2)
[   12.019225] page_type: f5(slab)
[   12.019462] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[   12.019965] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[   12.020230] page dumped because: kasan: bad access detected
[   12.020551] 
[   12.020646] Memory state around the buggy address:
[   12.020902]  ffff888101cb3b00: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc
[   12.021234]  ffff888101cb3b80: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[   12.021660] >ffff888101cb3c00: fa fb fc fc fa fb fc fc 00 05 fc fc 00 05 fc fc
[   12.021983]                                                           ^
[   12.022222]  ffff888101cb3c80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.022631]  ffff888101cb3d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.022945] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

303EBflBPqSbIUkiUzReBHe3YjN

job_id

TEST:linaro@lkft#303EFrR321z66uMtHD4l4dQQryi

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/303EFrR321z66uMtHD4l4dQQryi

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303EDHUQV2HWml6WToh69KJUFJb/bzImage
sha256sum	c220f70d9515ab3041e245bb6755df814c152e1bb2b5c646740fe1b3afdde8b5

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303EDHUQV2HWml6WToh69KJUFJb/modules.tar.xz
sha256sum	ab8bf28231ab6c259d2b1478935ea551409070bcef8061d01f520819ad2ce3b6

durations

tests

boot	0
kunit	217.45

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   12.151872] ==================================================================
[   12.152364] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0
[   12.152686] Write of size 16 at addr ffff888101be2e60 by task kunit_try_catch/183
[   12.153092] 
[   12.153184] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   12.153233] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.153244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.153265] Call Trace:
[   12.153277]  <TASK>
[   12.153295]  dump_stack_lvl+0x73/0xb0
[   12.153326]  print_report+0xd1/0x610
[   12.153349]  ? __virt_addr_valid+0x1db/0x2d0
[   12.153372]  ? kmalloc_oob_16+0x452/0x4a0
[   12.153392]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.153414]  ? kmalloc_oob_16+0x452/0x4a0
[   12.153434]  kasan_report+0x141/0x180
[   12.153455]  ? kmalloc_oob_16+0x452/0x4a0
[   12.153480]  __asan_report_store16_noabort+0x1b/0x30
[   12.153505]  kmalloc_oob_16+0x452/0x4a0
[   12.153525]  ? __pfx_kmalloc_oob_16+0x10/0x10
[   12.153546]  ? __schedule+0x10cc/0x2b60
[   12.153568]  ? __pfx_read_tsc+0x10/0x10
[   12.153588]  ? ktime_get_ts64+0x86/0x230
[   12.153612]  kunit_try_run_case+0x1a5/0x480
[   12.153636]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.153658]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.153681]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.153705]  ? __kthread_parkme+0x82/0x180
[   12.153725]  ? preempt_count_sub+0x50/0x80
[   12.153748]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.153772]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.153795]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.153818]  kthread+0x337/0x6f0
[   12.153836]  ? trace_preempt_on+0x20/0xc0
[   12.153859]  ? __pfx_kthread+0x10/0x10
[   12.153878]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.153898]  ? calculate_sigpending+0x7b/0xa0
[   12.153922]  ? __pfx_kthread+0x10/0x10
[   12.153942]  ret_from_fork+0x116/0x1d0
[   12.153960]  ? __pfx_kthread+0x10/0x10
[   12.153979]  ret_from_fork_asm+0x1a/0x30
[   12.154165]  </TASK>
[   12.154181] 
[   12.164432] Allocated by task 183:
[   12.164711]  kasan_save_stack+0x45/0x70
[   12.164918]  kasan_save_track+0x18/0x40
[   12.165556]  kasan_save_alloc_info+0x3b/0x50
[   12.165836]  __kasan_kmalloc+0xb7/0xc0
[   12.166372]  __kmalloc_cache_noprof+0x189/0x420
[   12.166808]  kmalloc_oob_16+0xa8/0x4a0
[   12.167240]  kunit_try_run_case+0x1a5/0x480
[   12.167695]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.167989]  kthread+0x337/0x6f0
[   12.168231]  ret_from_fork+0x116/0x1d0
[   12.168408]  ret_from_fork_asm+0x1a/0x30
[   12.168884] 
[   12.168977] The buggy address belongs to the object at ffff888101be2e60
[   12.168977]  which belongs to the cache kmalloc-16 of size 16
[   12.170237] The buggy address is located 0 bytes inside of
[   12.170237]  allocated 13-byte region [ffff888101be2e60, ffff888101be2e6d)
[   12.171213] 
[   12.171311] The buggy address belongs to the physical page:
[   12.171859] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101be2
[   12.172411] flags: 0x200000000000000(node=0|zone=2)
[   12.172858] page_type: f5(slab)
[   12.173275] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[   12.173911] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[   12.174504] page dumped because: kasan: bad access detected
[   12.174878] 
[   12.174981] Memory state around the buggy address:
[   12.175402]  ffff888101be2d00: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc
[   12.175707]  ffff888101be2d80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[   12.175996] >ffff888101be2e00: fa fb fc fc 00 05 fc fc fa fb fc fc 00 05 fc fc
[   12.176701]                                                           ^
[   12.177248]  ffff888101be2e80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.177722]  ffff888101be2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.178228] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

303Mu3ntpbAl90E7xFJwTYkz6hg

job_id

TEST:linaro@lkft#303MyNrXgiUK2WQ9kAj3BzGphCF

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/303MyNrXgiUK2WQ9kAj3BzGphCF

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303MvjxJUPUp0dSFAYAM6r89zAg/bzImage
sha256sum	e715e0f52245accf83f401d29cc1c2f3b2a59bbdf3f5ad590c1c6f981a5169eb

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/303MvjxJUPUp0dSFAYAM6r89zAg/modules.tar.xz
sha256sum	a6fb5fb0c5521f1f236c8b67ce1b76fdcd44954d158362bf4d88d0d9d544c595

durations

tests

boot	0
kunit	233.03

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit