lkft/linux-next-master - next-20241122 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

Nov. 22, 2024, 6:35 a.m.

Environment
qemu-arm64
qemu-x86_64

[   36.086125] ==================================================================
[   36.087481] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   36.088355] Read of size 1 at addr fff00000c6a99073 by task kunit_try_catch/210
[   36.089313] 
[   36.089692] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241122 #1
[   36.091603] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.092193] Hardware name: linux,dummy-virt (DT)
[   36.093272] Call trace:
[   36.093713]  show_stack+0x20/0x38 (C)
[   36.094333]  dump_stack_lvl+0x8c/0xd0
[   36.094883]  print_report+0x118/0x5e0
[   36.095577]  kasan_report+0xc8/0x118
[   36.096156]  __asan_report_load1_noabort+0x20/0x30
[   36.097410]  mempool_oob_right_helper+0x2ac/0x2f0
[   36.098155]  mempool_kmalloc_oob_right+0xbc/0x118
[   36.098582]  kunit_try_run_case+0x14c/0x3d0
[   36.099269]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.100150]  kthread+0x24c/0x2d0
[   36.100923]  ret_from_fork+0x10/0x20
[   36.101959] 
[   36.102388] Allocated by task 210:
[   36.102983]  kasan_save_stack+0x3c/0x68
[   36.103648]  kasan_save_track+0x20/0x40
[   36.104341]  kasan_save_alloc_info+0x40/0x58
[   36.105391]  __kasan_mempool_unpoison_object+0x11c/0x180
[   36.106297]  remove_element+0x130/0x1f8
[   36.106860]  mempool_alloc_preallocated+0x58/0xc0
[   36.107552]  mempool_oob_right_helper+0x98/0x2f0
[   36.108331]  mempool_kmalloc_oob_right+0xbc/0x118
[   36.109666]  kunit_try_run_case+0x14c/0x3d0
[   36.110266]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.111111]  kthread+0x24c/0x2d0
[   36.111609]  ret_from_fork+0x10/0x20
[   36.112154] 
[   36.112899] The buggy address belongs to the object at fff00000c6a99000
[   36.112899]  which belongs to the cache kmalloc-128 of size 128
[   36.114394] The buggy address is located 0 bytes to the right of
[   36.114394]  allocated 115-byte region [fff00000c6a99000, fff00000c6a99073)
[   36.116169] 
[   36.117023] The buggy address belongs to the physical page:
[   36.117872] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a99
[   36.118787] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   36.119832] page_type: f5(slab)
[   36.120313] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   36.121744] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   36.122599] page dumped because: kasan: bad access detected
[   36.123279] 
[   36.123587] Memory state around the buggy address:
[   36.124259]  fff00000c6a98f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.125668]  fff00000c6a98f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.126694] >fff00000c6a99000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   36.127593]                                                              ^
[   36.129026]  fff00000c6a99080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.129782]  fff00000c6a99100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   36.130621] ==================================================================
[   36.195325] ==================================================================
[   36.197702] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   36.198662] Read of size 1 at addr fff00000c63312bb by task kunit_try_catch/214
[   36.199772] 
[   36.200153] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241122 #1
[   36.201911] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.202849] Hardware name: linux,dummy-virt (DT)
[   36.203399] Call trace:
[   36.203825]  show_stack+0x20/0x38 (C)
[   36.204391]  dump_stack_lvl+0x8c/0xd0
[   36.205187]  print_report+0x118/0x5e0
[   36.206256]  kasan_report+0xc8/0x118
[   36.207041]  __asan_report_load1_noabort+0x20/0x30
[   36.207717]  mempool_oob_right_helper+0x2ac/0x2f0
[   36.208533]  mempool_slab_oob_right+0xb8/0x110
[   36.209355]  kunit_try_run_case+0x14c/0x3d0
[   36.210311]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.211135]  kthread+0x24c/0x2d0
[   36.211751]  ret_from_fork+0x10/0x20
[   36.212514] 
[   36.213026] Allocated by task 214:
[   36.213500]  kasan_save_stack+0x3c/0x68
[   36.214355]  kasan_save_track+0x20/0x40
[   36.215367]  kasan_save_alloc_info+0x40/0x58
[   36.216274]  __kasan_mempool_unpoison_object+0xbc/0x180
[   36.217381]  remove_element+0x16c/0x1f8
[   36.218371]  mempool_alloc_preallocated+0x58/0xc0
[   36.219048]  mempool_oob_right_helper+0x98/0x2f0
[   36.219889]  mempool_slab_oob_right+0xb8/0x110
[   36.220891]  kunit_try_run_case+0x14c/0x3d0
[   36.221482]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.222849]  kthread+0x24c/0x2d0
[   36.223819]  ret_from_fork+0x10/0x20
[   36.224572] 
[   36.224867] The buggy address belongs to the object at fff00000c6331240
[   36.224867]  which belongs to the cache test_cache of size 123
[   36.226396] The buggy address is located 0 bytes to the right of
[   36.226396]  allocated 123-byte region [fff00000c6331240, fff00000c63312bb)
[   36.228177] 
[   36.228715] The buggy address belongs to the physical page:
[   36.229543] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106331
[   36.230947] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   36.232133] page_type: f5(slab)
[   36.232725] raw: 0bfffe0000000000 fff00000c408ca00 dead000000000122 0000000000000000
[   36.234236] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000
[   36.235105] page dumped because: kasan: bad access detected
[   36.236395] 
[   36.236830] Memory state around the buggy address:
[   36.237612]  fff00000c6331180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   36.238911]  fff00000c6331200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   36.239555] >fff00000c6331280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   36.241144]                                         ^
[   36.241969]  fff00000c6331300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.243242]  fff00000c6331380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   36.244146] ==================================================================
[   36.143749] ==================================================================
[   36.145051] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   36.145937] Read of size 1 at addr fff00000c6b82001 by task kunit_try_catch/212
[   36.147026] 
[   36.147360] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241122 #1
[   36.149953] Tainted: [B]=BAD_PAGE, [N]=TEST
[   36.150666] Hardware name: linux,dummy-virt (DT)
[   36.151304] Call trace:
[   36.151726]  show_stack+0x20/0x38 (C)
[   36.152304]  dump_stack_lvl+0x8c/0xd0
[   36.153506]  print_report+0x118/0x5e0
[   36.154270]  kasan_report+0xc8/0x118
[   36.155068]  __asan_report_load1_noabort+0x20/0x30
[   36.155803]  mempool_oob_right_helper+0x2ac/0x2f0
[   36.156459]  mempool_kmalloc_large_oob_right+0xbc/0x118
[   36.157213]  kunit_try_run_case+0x14c/0x3d0
[   36.158320]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   36.159059]  kthread+0x24c/0x2d0
[   36.159682]  ret_from_fork+0x10/0x20
[   36.160261] 
[   36.160654] The buggy address belongs to the physical page:
[   36.161733] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106b80
[   36.162657] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   36.163516] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   36.164380] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   36.166350] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   36.167778] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   36.169035] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   36.170400] head: 0bfffe0000000002 ffffc1ffc31ae001 ffffffffffffffff 0000000000000000
[   36.171507] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   36.172409] page dumped because: kasan: bad access detected
[   36.173552] 
[   36.173957] Memory state around the buggy address:
[   36.174782]  fff00000c6b81f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.175802]  fff00000c6b81f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   36.177175] >fff00000c6b82000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   36.178225]                    ^
[   36.178791]  fff00000c6b82080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   36.179676]  fff00000c6b82100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   36.180910] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2pC5b8oaJWXHgnXV09vT5LVgOaw

job_id

TEST:linaro@lkft#2pC5fJPu1U0syxXCEatKhpHAVGc

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2pC5fJPu1U0syxXCEatKhpHAVGc

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pC5cJkcKwJlHcbGFpkgrIsh5rv/Image.gz
sha256sum	c7dd7dbcf7d483b1d1dd11cc623170a05fa77e79300cd8b3c90dab3ce454e75a

rootfs

url	https://storage.tuxboot.com/debian/trixie/arm64/rootfs.ext4.xz
sha256sum	f592205e64add7389d8a1055c235aa3685e13c7cfdfdbe5f212ab22afdbeb656

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pC5cJkcKwJlHcbGFpkgrIsh5rv/modules.tar.xz
sha256sum	5eca046fbd2122c8407be146a89207cf131b2811a5bb49c1bd70a7799382ee91

durations

tests

boot	412.61
kunit	528.55

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

[   27.182292] ==================================================================
[   27.183006] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[   27.183918] Read of size 1 at addr ffff888102d22001 by task kunit_try_catch/231
[   27.184383] 
[   27.184698] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241122 #1
[   27.185594] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.186302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.186751] Call Trace:
[   27.186984]  <TASK>
[   27.187382]  dump_stack_lvl+0x73/0xb0
[   27.187863]  print_report+0xd1/0x640
[   27.188486]  ? __virt_addr_valid+0x1db/0x2d0
[   27.188804]  ? kasan_addr_to_slab+0x11/0xa0
[   27.189342]  kasan_report+0x102/0x140
[   27.189884]  ? mempool_oob_right_helper+0x31a/0x380
[   27.190332]  ? mempool_oob_right_helper+0x31a/0x380
[   27.190744]  __asan_report_load1_noabort+0x18/0x20
[   27.191084]  mempool_oob_right_helper+0x31a/0x380
[   27.191848]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   27.192418]  ? finish_task_switch.isra.0+0x153/0x700
[   27.193483]  mempool_kmalloc_large_oob_right+0xb6/0x100
[   27.193928]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   27.194377]  ? __switch_to+0x5d9/0xf60
[   27.194893]  ? __pfx_mempool_kmalloc+0x10/0x10
[   27.195397]  ? __pfx_mempool_kfree+0x10/0x10
[   27.196264]  ? __pfx_read_tsc+0x10/0x10
[   27.196694]  ? ktime_get_ts64+0x84/0x230
[   27.197015]  kunit_try_run_case+0x1b3/0x490
[   27.197587]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.198391]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.199128]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.199476]  ? __kthread_parkme+0x82/0x160
[   27.199761]  ? preempt_count_sub+0x50/0x80
[   27.200513]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.201197]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.201811]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.202359]  kthread+0x257/0x310
[   27.202836]  ? __pfx_kthread+0x10/0x10
[   27.203151]  ret_from_fork+0x41/0x80
[   27.203738]  ? __pfx_kthread+0x10/0x10
[   27.204287]  ret_from_fork_asm+0x1a/0x30
[   27.204673]  </TASK>
[   27.204883] 
[   27.205366] The buggy address belongs to the physical page:
[   27.205937] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d20
[   27.206901] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.207556] flags: 0x200000000000040(head|node=0|zone=2)
[   27.208225] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.209338] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.209737] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.210504] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   27.211371] head: 0200000000000002 ffffea00040b4801 ffffffffffffffff 0000000000000000
[   27.211757] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   27.212722] page dumped because: kasan: bad access detected
[   27.213602] 
[   27.213842] Memory state around the buggy address:
[   27.214200]  ffff888102d21f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.214964]  ffff888102d21f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.215748] >ffff888102d22000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.216263]                    ^
[   27.216488]  ffff888102d22080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.216889]  ffff888102d22100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.217762] ==================================================================
[   27.122445] ==================================================================
[   27.123398] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[   27.124316] Read of size 1 at addr ffff888102a17373 by task kunit_try_catch/229
[   27.124810] 
[   27.125287] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241122 #1
[   27.126493] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.127137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.127796] Call Trace:
[   27.128556]  <TASK>
[   27.128778]  dump_stack_lvl+0x73/0xb0
[   27.129093]  print_report+0xd1/0x640
[   27.129514]  ? __virt_addr_valid+0x1db/0x2d0
[   27.130114]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.130530]  kasan_report+0x102/0x140
[   27.130806]  ? mempool_oob_right_helper+0x31a/0x380
[   27.131568]  ? mempool_oob_right_helper+0x31a/0x380
[   27.132283]  __asan_report_load1_noabort+0x18/0x20
[   27.132701]  mempool_oob_right_helper+0x31a/0x380
[   27.133391]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   27.134492]  ? update_load_avg+0x1c3/0x2110
[   27.135220]  ? update_curr+0x7d/0x5a0
[   27.135673]  ? update_curr+0x7d/0x5a0
[   27.136287]  ? finish_task_switch.isra.0+0x153/0x700
[   27.136802]  mempool_kmalloc_oob_right+0xb6/0x100
[   27.137481]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   27.138157]  ? __switch_to+0x5d9/0xf60
[   27.138657]  ? __pfx_mempool_kmalloc+0x10/0x10
[   27.139662]  ? __pfx_mempool_kfree+0x10/0x10
[   27.140151]  ? __pfx_read_tsc+0x10/0x10
[   27.140515]  ? ktime_get_ts64+0x84/0x230
[   27.141144]  kunit_try_run_case+0x1b3/0x490
[   27.141591]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.142307]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.142757]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.143505]  ? __kthread_parkme+0x82/0x160
[   27.144040]  ? preempt_count_sub+0x50/0x80
[   27.144559]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.145662]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.146293]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.147090]  kthread+0x257/0x310
[   27.147358]  ? __pfx_kthread+0x10/0x10
[   27.147884]  ret_from_fork+0x41/0x80
[   27.148733]  ? __pfx_kthread+0x10/0x10
[   27.149636]  ret_from_fork_asm+0x1a/0x30
[   27.150160]  </TASK>
[   27.150774] 
[   27.151574] Allocated by task 229:
[   27.151915]  kasan_save_stack+0x3d/0x60
[   27.152305]  kasan_save_track+0x18/0x40
[   27.152723]  kasan_save_alloc_info+0x3b/0x50
[   27.153170]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   27.154186]  remove_element+0x11e/0x190
[   27.155278]  mempool_alloc_preallocated+0x4d/0x90
[   27.155615]  mempool_oob_right_helper+0x8b/0x380
[   27.155948]  mempool_kmalloc_oob_right+0xb6/0x100
[   27.156922]  kunit_try_run_case+0x1b3/0x490
[   27.157552]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.158221]  kthread+0x257/0x310
[   27.158745]  ret_from_fork+0x41/0x80
[   27.159334]  ret_from_fork_asm+0x1a/0x30
[   27.159962] 
[   27.160287] The buggy address belongs to the object at ffff888102a17300
[   27.160287]  which belongs to the cache kmalloc-128 of size 128
[   27.161814] The buggy address is located 0 bytes to the right of
[   27.161814]  allocated 115-byte region [ffff888102a17300, ffff888102a17373)
[   27.163038] 
[   27.163412] The buggy address belongs to the physical page:
[   27.164049] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a17
[   27.164473] flags: 0x200000000000000(node=0|zone=2)
[   27.165101] page_type: f5(slab)
[   27.165579] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   27.166939] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[   27.167496] page dumped because: kasan: bad access detected
[   27.167923] 
[   27.168192] Memory state around the buggy address:
[   27.168613]  ffff888102a17200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   27.169411]  ffff888102a17280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.169886] >ffff888102a17300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   27.170387]                                                              ^
[   27.171104]  ffff888102a17380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.171936]  ffff888102a17400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   27.172433] ==================================================================
[   27.229055] ==================================================================
[   27.230043] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[   27.230863] Read of size 1 at addr ffff888101abb2bb by task kunit_try_catch/233
[   27.231555] 
[   27.231756] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G    B            N 6.12.0-next-20241122 #1
[   27.232213] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.232801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.234264] Call Trace:
[   27.234610]  <TASK>
[   27.234922]  dump_stack_lvl+0x73/0xb0
[   27.235382]  print_report+0xd1/0x640
[   27.236303]  ? __virt_addr_valid+0x1db/0x2d0
[   27.236711]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.237246]  kasan_report+0x102/0x140
[   27.239200]  ? mempool_oob_right_helper+0x31a/0x380
[   27.239783]  ? mempool_oob_right_helper+0x31a/0x380
[   27.240519]  __asan_report_load1_noabort+0x18/0x20
[   27.241189]  mempool_oob_right_helper+0x31a/0x380
[   27.241943]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   27.242591]  ? finish_task_switch.isra.0+0x153/0x700
[   27.243330]  mempool_slab_oob_right+0xb1/0x100
[   27.243936]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   27.244403]  ? __switch_to+0x5d9/0xf60
[   27.244948]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   27.245649]  ? __pfx_mempool_free_slab+0x10/0x10
[   27.246292]  ? __pfx_read_tsc+0x10/0x10
[   27.246611]  ? ktime_get_ts64+0x84/0x230
[   27.247077]  kunit_try_run_case+0x1b3/0x490
[   27.247782]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.248519]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   27.249055]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.249673]  ? __kthread_parkme+0x82/0x160
[   27.250225]  ? preempt_count_sub+0x50/0x80
[   27.250855]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.251240]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.252335]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.252816]  kthread+0x257/0x310
[   27.253223]  ? __pfx_kthread+0x10/0x10
[   27.254118]  ret_from_fork+0x41/0x80
[   27.254476]  ? __pfx_kthread+0x10/0x10
[   27.254764]  ret_from_fork_asm+0x1a/0x30
[   27.255253]  </TASK>
[   27.256052] 
[   27.256234] Allocated by task 233:
[   27.256430]  kasan_save_stack+0x3d/0x60
[   27.256680]  kasan_save_track+0x18/0x40
[   27.257376]  kasan_save_alloc_info+0x3b/0x50
[   27.257813]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   27.258154]  remove_element+0x11e/0x190
[   27.258668]  mempool_alloc_preallocated+0x4d/0x90
[   27.259421]  mempool_oob_right_helper+0x8b/0x380
[   27.260633]  mempool_slab_oob_right+0xb1/0x100
[   27.261264]  kunit_try_run_case+0x1b3/0x490
[   27.261705]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.262174]  kthread+0x257/0x310
[   27.262786]  ret_from_fork+0x41/0x80
[   27.263204]  ret_from_fork_asm+0x1a/0x30
[   27.263597] 
[   27.263748] The buggy address belongs to the object at ffff888101abb240
[   27.263748]  which belongs to the cache test_cache of size 123
[   27.265698] The buggy address is located 0 bytes to the right of
[   27.265698]  allocated 123-byte region [ffff888101abb240, ffff888101abb2bb)
[   27.267787] 
[   27.268054] The buggy address belongs to the physical page:
[   27.268452] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101abb
[   27.270102] flags: 0x200000000000000(node=0|zone=2)
[   27.270768] page_type: f5(slab)
[   27.271359] raw: 0200000000000000 ffff888101a67780 dead000000000122 0000000000000000
[   27.272356] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000
[   27.272837] page dumped because: kasan: bad access detected
[   27.273438] 
[   27.273924] Memory state around the buggy address:
[   27.274533]  ffff888101abb180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   27.275305]  ffff888101abb200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   27.276360] >ffff888101abb280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   27.276944]                                         ^
[   27.277422]  ffff888101abb300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.278169]  ffff888101abb380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.279094] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2pC5b8oaJWXHgnXV09vT5LVgOaw

job_id

TEST:linaro@lkft#2pC5gJrOhOMCPVCTwF6RWUbKkzV

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2pC5gJrOhOMCPVCTwF6RWUbKkzV

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pC5d8hM9aExmiriR2zCnDddb2O/bzImage
sha256sum	9e430a5c45c1c4d501e13019c577f1fb3e738d06e3c62c75693b9374ef9b548d

rootfs

url	https://storage.tuxboot.com/debian/trixie/amd64/rootfs.ext4.xz
sha256sum	c6ceed53712217894b72c37cdc18ddb1157eb9bca95bb5bb312b9c30db3bb83b

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2pC5d8hM9aExmiriR2zCnDddb2O/modules.tar.xz
sha256sum	342d3a3609bc12bfde714988d31ce95ccf57861e8edbfa31f0f2d2d1be459952

durations

tests

boot	362.79
kunit	484.51

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.1.1+ds-5

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit