lkft/linux-next-master - next-20250319 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

March 19, 2025, 10:35 a.m.

Environment
qemu-arm64
qemu-x86_64

[   37.063660] ==================================================================
[   37.063934] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   37.064205] Read of size 1 at addr fff00000c5da6073 by task kunit_try_catch/223
[   37.064418] 
[   37.064536] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G    B            N  6.14.0-rc7-next-20250319 #1 PREEMPT 
[   37.065076] Tainted: [B]=BAD_PAGE, [N]=TEST
[   37.065212] Hardware name: linux,dummy-virt (DT)
[   37.065271] Call trace:
[   37.065314]  show_stack+0x20/0x38 (C)
[   37.065407]  dump_stack_lvl+0x8c/0xd0
[   37.065491]  print_report+0x118/0x5f0
[   37.065565]  kasan_report+0xc8/0x118
[   37.065642]  __asan_report_load1_noabort+0x20/0x30
[   37.065726]  mempool_oob_right_helper+0x2ac/0x2f0
[   37.065807]  mempool_kmalloc_oob_right+0xbc/0x118
[   37.065892]  kunit_try_run_case+0x14c/0x3d0
[   37.065977]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   37.066095]  kthread+0x318/0x618
[   37.066260]  ret_from_fork+0x10/0x20
[   37.066439] 
[   37.066536] Allocated by task 223:
[   37.066632]  kasan_save_stack+0x3c/0x68
[   37.066762]  kasan_save_track+0x20/0x40
[   37.066878]  kasan_save_alloc_info+0x40/0x58
[   37.067015]  __kasan_mempool_unpoison_object+0x11c/0x180
[   37.067165]  remove_element+0x130/0x1f8
[   37.067319]  mempool_alloc_preallocated+0x58/0xc0
[   37.067543]  mempool_oob_right_helper+0x98/0x2f0
[   37.067765]  mempool_kmalloc_oob_right+0xbc/0x118
[   37.067975]  kunit_try_run_case+0x14c/0x3d0
[   37.068141]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   37.068275]  kthread+0x318/0x618
[   37.068795]  ret_from_fork+0x10/0x20
[   37.068962] 
[   37.069083] The buggy address belongs to the object at fff00000c5da6000
[   37.069083]  which belongs to the cache kmalloc-128 of size 128
[   37.069278] The buggy address is located 0 bytes to the right of
[   37.069278]  allocated 115-byte region [fff00000c5da6000, fff00000c5da6073)
[   37.069475] 
[   37.069565] The buggy address belongs to the physical page:
[   37.069672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105da6
[   37.069850] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   37.070021] page_type: f5(slab)
[   37.070244] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   37.070509] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   37.070704] page dumped because: kasan: bad access detected
[   37.070806] 
[   37.070898] Memory state around the buggy address:
[   37.071088]  fff00000c5da5f00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[   37.071232]  fff00000c5da5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   37.071366] >fff00000c5da6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   37.071491]                                                              ^
[   37.071979]  fff00000c5da6080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   37.072379]  fff00000c5da6100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   37.072555] ==================================================================
[   37.141797] ==================================================================
[   37.142021] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   37.142249] Read of size 1 at addr fff00000c5daa2bb by task kunit_try_catch/227
[   37.142450] 
[   37.142592] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G    B            N  6.14.0-rc7-next-20250319 #1 PREEMPT 
[   37.142940] Tainted: [B]=BAD_PAGE, [N]=TEST
[   37.143038] Hardware name: linux,dummy-virt (DT)
[   37.143176] Call trace:
[   37.143284]  show_stack+0x20/0x38 (C)
[   37.143466]  dump_stack_lvl+0x8c/0xd0
[   37.143669]  print_report+0x118/0x5f0
[   37.143890]  kasan_report+0xc8/0x118
[   37.144109]  __asan_report_load1_noabort+0x20/0x30
[   37.144258]  mempool_oob_right_helper+0x2ac/0x2f0
[   37.144650]  mempool_slab_oob_right+0xb8/0x110
[   37.144845]  kunit_try_run_case+0x14c/0x3d0
[   37.145012]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   37.145209]  kthread+0x318/0x618
[   37.145432]  ret_from_fork+0x10/0x20
[   37.145578] 
[   37.145634] Allocated by task 227:
[   37.145930]  kasan_save_stack+0x3c/0x68
[   37.146080]  kasan_save_track+0x20/0x40
[   37.146206]  kasan_save_alloc_info+0x40/0x58
[   37.146352]  __kasan_mempool_unpoison_object+0xbc/0x180
[   37.146495]  remove_element+0x16c/0x1f8
[   37.146698]  mempool_alloc_preallocated+0x58/0xc0
[   37.146837]  mempool_oob_right_helper+0x98/0x2f0
[   37.146976]  mempool_slab_oob_right+0xb8/0x110
[   37.147126]  kunit_try_run_case+0x14c/0x3d0
[   37.147248]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   37.147390]  kthread+0x318/0x618
[   37.147515]  ret_from_fork+0x10/0x20
[   37.147631] 
[   37.147688] The buggy address belongs to the object at fff00000c5daa240
[   37.147688]  which belongs to the cache test_cache of size 123
[   37.147901] The buggy address is located 0 bytes to the right of
[   37.147901]  allocated 123-byte region [fff00000c5daa240, fff00000c5daa2bb)
[   37.148441] 
[   37.148553] The buggy address belongs to the physical page:
[   37.148764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105daa
[   37.149002] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   37.149288] page_type: f5(slab)
[   37.149450] raw: 0bfffe0000000000 fff00000c5d9a640 dead000000000122 0000000000000000
[   37.149628] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   37.149755] page dumped because: kasan: bad access detected
[   37.150544] 
[   37.150637] Memory state around the buggy address:
[   37.150913]  fff00000c5daa180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   37.151127]  fff00000c5daa200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   37.151285] >fff00000c5daa280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   37.151437]                                         ^
[   37.151630]  fff00000c5daa300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   37.151857]  fff00000c5daa380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   37.152006] ==================================================================
[   37.099859] ==================================================================
[   37.100040] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   37.100225] Read of size 1 at addr fff00000c7802001 by task kunit_try_catch/225
[   37.100473] 
[   37.100577] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G    B            N  6.14.0-rc7-next-20250319 #1 PREEMPT 
[   37.101129] Tainted: [B]=BAD_PAGE, [N]=TEST
[   37.101255] Hardware name: linux,dummy-virt (DT)
[   37.101352] Call trace:
[   37.101396]  show_stack+0x20/0x38 (C)
[   37.101480]  dump_stack_lvl+0x8c/0xd0
[   37.101560]  print_report+0x118/0x5f0
[   37.101632]  kasan_report+0xc8/0x118
[   37.101705]  __asan_report_load1_noabort+0x20/0x30
[   37.101784]  mempool_oob_right_helper+0x2ac/0x2f0
[   37.101868]  mempool_kmalloc_large_oob_right+0xbc/0x118
[   37.101951]  kunit_try_run_case+0x14c/0x3d0
[   37.102030]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   37.102229]  kthread+0x318/0x618
[   37.103280]  ret_from_fork+0x10/0x20
[   37.103485] 
[   37.103553] The buggy address belongs to the physical page:
[   37.103657] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107800
[   37.104125] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   37.104305] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   37.104965] page_type: f8(unknown)
[   37.105141] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   37.105770] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   37.105949] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   37.106135] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   37.106303] head: 0bfffe0000000002 ffffc1ffc31e0001 00000000ffffffff 00000000ffffffff
[   37.106468] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   37.106609] page dumped because: kasan: bad access detected
[   37.106706] 
[   37.106771] Memory state around the buggy address:
[   37.106877]  fff00000c7801f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   37.107035]  fff00000c7801f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   37.109164] >fff00000c7802000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   37.109419]                    ^
[   37.109644]  fff00000c7802080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   37.110183]  fff00000c7802100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   37.110549] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2uX2DZIoykoCuhH4arMoBy977bK

job_id

TEST:linaro@lkft#2uX2IY2MFMbCeXxVlYVKThLK0vG

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2uX2IY2MFMbCeXxVlYVKThLK0vG

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2uX2F32dFREZpt738DwHKERJ1NE/Image.gz
sha256sum	7e21ea2b066793bfb239769397e1ca6d991d8341932b5c259d0b5291ae716875

rootfs

url	https://storage.tuxboot.com/debian/trixie/arm64/rootfs.ext4.xz
sha256sum	71bcc7bc8dbd4ac7d02d52aed8886662999d6e6c790f9b9e5220beaf580ccfc1

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2uX2F32dFREZpt738DwHKERJ1NE/modules.tar.xz
sha256sum	def6cc6c2dd7d82317a0ac9ef5e9628af2e72f9fd52e222ac4d2bca68256cb99

durations

tests

boot	0
kunit	148.31

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.2.1+ds-1

[   23.954441] ==================================================================
[   23.955532] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   23.956627] Read of size 1 at addr ffff88810391a001 by task kunit_try_catch/244
[   23.957637] 
[   23.958007] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G    B            N  6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) 
[   23.958166] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.958206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.958267] Call Trace:
[   23.958302]  <TASK>
[   23.958329]  dump_stack_lvl+0x73/0xb0
[   23.958378]  print_report+0xd1/0x660
[   23.958433]  ? __virt_addr_valid+0x1db/0x2d0
[   23.958512]  ? kasan_addr_to_slab+0x11/0xa0
[   23.958547]  kasan_report+0x104/0x140
[   23.958577]  ? mempool_oob_right_helper+0x318/0x380
[   23.958615]  ? mempool_oob_right_helper+0x318/0x380
[   23.958658]  __asan_report_load1_noabort+0x18/0x20
[   23.958688]  mempool_oob_right_helper+0x318/0x380
[   23.958919]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   23.959051]  ? finish_task_switch.isra.0+0x153/0x730
[   23.959152]  mempool_kmalloc_large_oob_right+0xb5/0x100
[   23.959196]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   23.959233]  ? __switch_to+0x5d9/0xf70
[   23.959270]  ? __pfx_mempool_kmalloc+0x10/0x10
[   23.959302]  ? __pfx_mempool_kfree+0x10/0x10
[   23.959335]  ? __pfx_read_tsc+0x10/0x10
[   23.959366]  ? ktime_get_ts64+0x86/0x240
[   23.959404]  kunit_try_run_case+0x1b2/0x490
[   23.959442]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.959475]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.959508]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.959541]  ? __kthread_parkme+0x82/0x160
[   23.959572]  ? preempt_count_sub+0x50/0x80
[   23.959635]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.959670]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.959764]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.959840]  kthread+0x323/0x710
[   23.959891]  ? trace_preempt_on+0x20/0xc0
[   23.959929]  ? __pfx_kthread+0x10/0x10
[   23.959974]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.960004]  ? calculate_sigpending+0x7b/0xa0
[   23.960038]  ? __pfx_kthread+0x10/0x10
[   23.960070]  ret_from_fork+0x41/0x80
[   23.960102]  ? __pfx_kthread+0x10/0x10
[   23.960183]  ret_from_fork_asm+0x1a/0x30
[   23.960233]  </TASK>
[   23.960249] 
[   23.977978] The buggy address belongs to the physical page:
[   23.978962] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103918
[   23.980038] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.981081] flags: 0x200000000000040(head|node=0|zone=2)
[   23.981882] page_type: f8(unknown)
[   23.982174] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   23.983139] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.984246] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   23.985181] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   23.986171] head: 0200000000000002 ffffea00040e4601 00000000ffffffff 00000000ffffffff
[   23.986581] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.987505] page dumped because: kasan: bad access detected
[   23.988399] 
[   23.988622] Memory state around the buggy address:
[   23.989364]  ffff888103919f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.990195]  ffff888103919f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.990840] >ffff88810391a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.991241]                    ^
[   23.991635]  ffff88810391a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.992881]  ffff88810391a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.993549] ==================================================================
[   23.894229] ==================================================================
[   23.895450] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   23.896779] Read of size 1 at addr ffff888103210673 by task kunit_try_catch/242
[   23.897554] 
[   23.898539] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G    B            N  6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) 
[   23.898624] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.898642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.898675] Call Trace:
[   23.898694]  <TASK>
[   23.898751]  dump_stack_lvl+0x73/0xb0
[   23.898808]  print_report+0xd1/0x660
[   23.898843]  ? __virt_addr_valid+0x1db/0x2d0
[   23.898913]  ? kasan_complete_mode_report_info+0x2a/0x200
[   23.898950]  kasan_report+0x104/0x140
[   23.898980]  ? mempool_oob_right_helper+0x318/0x380
[   23.899017]  ? mempool_oob_right_helper+0x318/0x380
[   23.899060]  __asan_report_load1_noabort+0x18/0x20
[   23.899090]  mempool_oob_right_helper+0x318/0x380
[   23.899150]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   23.899185]  ? update_load_avg+0x1c3/0x2170
[   23.899221]  ? update_curr+0x80/0x810
[   23.899257]  ? finish_task_switch.isra.0+0x153/0x730
[   23.899295]  mempool_kmalloc_oob_right+0xb5/0x100
[   23.899330]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   23.899363]  ? __switch_to+0x5d9/0xf70
[   23.899398]  ? __pfx_mempool_kmalloc+0x10/0x10
[   23.899429]  ? __pfx_mempool_kfree+0x10/0x10
[   23.899462]  ? __pfx_read_tsc+0x10/0x10
[   23.899492]  ? ktime_get_ts64+0x86/0x240
[   23.899529]  kunit_try_run_case+0x1b2/0x490
[   23.899567]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.899624]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.899657]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.899689]  ? __kthread_parkme+0x82/0x160
[   23.899754]  ? preempt_count_sub+0x50/0x80
[   23.899794]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.899829]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.899864]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.899898]  kthread+0x323/0x710
[   23.899940]  ? trace_preempt_on+0x20/0xc0
[   23.899975]  ? __pfx_kthread+0x10/0x10
[   23.900006]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.900036]  ? calculate_sigpending+0x7b/0xa0
[   23.900068]  ? __pfx_kthread+0x10/0x10
[   23.900100]  ret_from_fork+0x41/0x80
[   23.900153]  ? __pfx_kthread+0x10/0x10
[   23.900184]  ret_from_fork_asm+0x1a/0x30
[   23.900234]  </TASK>
[   23.900251] 
[   23.921857] Allocated by task 242:
[   23.922134]  kasan_save_stack+0x3d/0x60
[   23.922575]  kasan_save_track+0x18/0x40
[   23.926159]  kasan_save_alloc_info+0x3b/0x50
[   23.926464]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   23.927068]  remove_element+0x11e/0x190
[   23.927421]  mempool_alloc_preallocated+0x4d/0x90
[   23.927884]  mempool_oob_right_helper+0x8a/0x380
[   23.928996]  mempool_kmalloc_oob_right+0xb5/0x100
[   23.929420]  kunit_try_run_case+0x1b2/0x490
[   23.929886]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.930337]  kthread+0x323/0x710
[   23.930668]  ret_from_fork+0x41/0x80
[   23.932205]  ret_from_fork_asm+0x1a/0x30
[   23.932586] 
[   23.932751] The buggy address belongs to the object at ffff888103210600
[   23.932751]  which belongs to the cache kmalloc-128 of size 128
[   23.933715] The buggy address is located 0 bytes to the right of
[   23.933715]  allocated 115-byte region [ffff888103210600, ffff888103210673)
[   23.935205] 
[   23.935441] The buggy address belongs to the physical page:
[   23.936237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103210
[   23.937289] flags: 0x200000000000000(node=0|zone=2)
[   23.938091] page_type: f5(slab)
[   23.938357] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   23.939553] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   23.940515] page dumped because: kasan: bad access detected
[   23.941069] 
[   23.941268] Memory state around the buggy address:
[   23.941675]  ffff888103210500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   23.943004]  ffff888103210580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.943673] >ffff888103210600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   23.944523]                                                              ^
[   23.945579]  ffff888103210680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.946464]  ffff888103210700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   23.947130] ==================================================================
[   24.004249] ==================================================================
[   24.005565] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   24.006486] Read of size 1 at addr ffff88810322d2bb by task kunit_try_catch/246
[   24.007685] 
[   24.007972] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G    B            N  6.14.0-rc7-next-20250319 #1 PREEMPT(voluntary) 
[   24.008103] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.008165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.008229] Call Trace:
[   24.008263]  <TASK>
[   24.008288]  dump_stack_lvl+0x73/0xb0
[   24.008336]  print_report+0xd1/0x660
[   24.008371]  ? __virt_addr_valid+0x1db/0x2d0
[   24.008465]  ? kasan_complete_mode_report_info+0x2a/0x200
[   24.008504]  kasan_report+0x104/0x140
[   24.008535]  ? mempool_oob_right_helper+0x318/0x380
[   24.008574]  ? mempool_oob_right_helper+0x318/0x380
[   24.008616]  __asan_report_load1_noabort+0x18/0x20
[   24.008647]  mempool_oob_right_helper+0x318/0x380
[   24.008873]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   24.009036]  ? finish_task_switch.isra.0+0x153/0x730
[   24.009171]  mempool_slab_oob_right+0xb0/0x100
[   24.009252]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   24.009319]  ? __switch_to+0x5d9/0xf70
[   24.009376]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   24.009410]  ? __pfx_mempool_free_slab+0x10/0x10
[   24.009445]  ? __pfx_read_tsc+0x10/0x10
[   24.009476]  ? ktime_get_ts64+0x86/0x240
[   24.009514]  kunit_try_run_case+0x1b2/0x490
[   24.009553]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.009585]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   24.009617]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.009649]  ? __kthread_parkme+0x82/0x160
[   24.009725]  ? preempt_count_sub+0x50/0x80
[   24.009796]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.009858]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.009918]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.009977]  kthread+0x323/0x710
[   24.010028]  ? trace_preempt_on+0x20/0xc0
[   24.010089]  ? __pfx_kthread+0x10/0x10
[   24.010170]  ? _raw_spin_unlock_irq+0x47/0x80
[   24.010201]  ? calculate_sigpending+0x7b/0xa0
[   24.010235]  ? __pfx_kthread+0x10/0x10
[   24.010268]  ret_from_fork+0x41/0x80
[   24.010301]  ? __pfx_kthread+0x10/0x10
[   24.010332]  ret_from_fork_asm+0x1a/0x30
[   24.010380]  </TASK>
[   24.010395] 
[   24.028626] Allocated by task 246:
[   24.029056]  kasan_save_stack+0x3d/0x60
[   24.029363]  kasan_save_track+0x18/0x40
[   24.030019]  kasan_save_alloc_info+0x3b/0x50
[   24.030580]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   24.031382]  remove_element+0x11e/0x190
[   24.032062]  mempool_alloc_preallocated+0x4d/0x90
[   24.032574]  mempool_oob_right_helper+0x8a/0x380
[   24.033585]  mempool_slab_oob_right+0xb0/0x100
[   24.034134]  kunit_try_run_case+0x1b2/0x490
[   24.034983]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.035423]  kthread+0x323/0x710
[   24.036023]  ret_from_fork+0x41/0x80
[   24.036478]  ret_from_fork_asm+0x1a/0x30
[   24.036942] 
[   24.037130] The buggy address belongs to the object at ffff88810322d240
[   24.037130]  which belongs to the cache test_cache of size 123
[   24.038502] The buggy address is located 0 bytes to the right of
[   24.038502]  allocated 123-byte region [ffff88810322d240, ffff88810322d2bb)
[   24.040018] 
[   24.040258] The buggy address belongs to the physical page:
[   24.040918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10322d
[   24.042415] flags: 0x200000000000000(node=0|zone=2)
[   24.042954] page_type: f5(slab)
[   24.043385] raw: 0200000000000000 ffff8881020e8dc0 dead000000000122 0000000000000000
[   24.044614] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   24.045560] page dumped because: kasan: bad access detected
[   24.046079] 
[   24.046284] Memory state around the buggy address:
[   24.047408]  ffff88810322d180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   24.048389]  ffff88810322d200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   24.048840] >ffff88810322d280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   24.050093]                                         ^
[   24.051045]  ffff88810322d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.051689]  ffff88810322d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.053015] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2uX2DZIoykoCuhH4arMoBy977bK

job_id

TEST:linaro@lkft#2uX2JXgeaQCkFWN6K2jCSXXvmhK

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2uX2JXgeaQCkFWN6K2jCSXXvmhK

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2uX2GLAurqOjIK7d0WUOat3cllr/bzImage
sha256sum	2bc7cc1a2590cb344ef11815bf2840b058232038476951f62f559ac8b93bacea

rootfs

url	https://storage.tuxboot.com/debian/trixie/amd64/rootfs.ext4.xz
sha256sum	c0721a415598e62660bcf524e126ecf297cac7ec4f7068a53fb00c57f9cd4051

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2uX2GLAurqOjIK7d0WUOat3cllr/modules.tar.xz
sha256sum	d7478c4852fdaca9c987642c2f409eace66511759906fa95e3a9d660c25bf7f6

durations

tests

boot	0
kunit	63.53

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.2.1+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit