lkft/linux-next-master - next-20250623 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

June 23, 2025, 7:07 a.m.

Environment
qemu-arm64
qemu-x86_64

[   35.458163] ==================================================================
[   35.458552] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   35.458713] Read of size 1 at addr fff00000c77ae001 by task kunit_try_catch/235
[   35.458914] 
[   35.459006] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250623 #1 PREEMPT 
[   35.459888] Tainted: [B]=BAD_PAGE, [N]=TEST
[   35.459955] Hardware name: linux,dummy-virt (DT)
[   35.460059] Call trace:
[   35.460119]  show_stack+0x20/0x38 (C)
[   35.460244]  dump_stack_lvl+0x8c/0xd0
[   35.461697]  print_report+0x118/0x608
[   35.461851]  kasan_report+0xdc/0x128
[   35.461918]  __asan_report_load1_noabort+0x20/0x30
[   35.461977]  mempool_oob_right_helper+0x2ac/0x2f0
[   35.462073]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   35.462182]  kunit_try_run_case+0x170/0x3f0
[   35.462247]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.462341]  kthread+0x328/0x630
[   35.462522]  ret_from_fork+0x10/0x20
[   35.462800] 
[   35.462856] The buggy address belongs to the physical page:
[   35.462955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ac
[   35.463218] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   35.463520] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   35.463650] page_type: f8(unknown)
[   35.463786] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   35.463990] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   35.464343] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   35.464694] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   35.464816] head: 0bfffe0000000002 ffffc1ffc31deb01 00000000ffffffff 00000000ffffffff
[   35.464929] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   35.465023] page dumped because: kasan: bad access detected
[   35.465121] 
[   35.465173] Memory state around the buggy address:
[   35.465327]  fff00000c77adf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   35.465497]  fff00000c77adf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   35.465616] >fff00000c77ae000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   35.465720]                    ^
[   35.465792]  fff00000c77ae080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   35.466075]  fff00000c77ae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   35.466257] ==================================================================
[   35.420200] ==================================================================
[   35.420325] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   35.420475] Read of size 1 at addr fff00000c63f0c73 by task kunit_try_catch/233
[   35.420590] 
[   35.420700] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250623 #1 PREEMPT 
[   35.421558] Tainted: [B]=BAD_PAGE, [N]=TEST
[   35.422022] Hardware name: linux,dummy-virt (DT)
[   35.422136] Call trace:
[   35.422206]  show_stack+0x20/0x38 (C)
[   35.423157]  dump_stack_lvl+0x8c/0xd0
[   35.423440]  print_report+0x118/0x608
[   35.423839]  kasan_report+0xdc/0x128
[   35.424015]  __asan_report_load1_noabort+0x20/0x30
[   35.424242]  mempool_oob_right_helper+0x2ac/0x2f0
[   35.424408]  mempool_kmalloc_oob_right+0xc4/0x120
[   35.424539]  kunit_try_run_case+0x170/0x3f0
[   35.424662]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.424813]  kthread+0x328/0x630
[   35.425106]  ret_from_fork+0x10/0x20
[   35.425509] 
[   35.425559] Allocated by task 233:
[   35.425932]  kasan_save_stack+0x3c/0x68
[   35.426065]  kasan_save_track+0x20/0x40
[   35.426187]  kasan_save_alloc_info+0x40/0x58
[   35.426450]  __kasan_mempool_unpoison_object+0x11c/0x180
[   35.426631]  remove_element+0x130/0x1f8
[   35.426825]  mempool_alloc_preallocated+0x58/0xc0
[   35.427182]  mempool_oob_right_helper+0x98/0x2f0
[   35.427470]  mempool_kmalloc_oob_right+0xc4/0x120
[   35.427769]  kunit_try_run_case+0x170/0x3f0
[   35.428278]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.428397]  kthread+0x328/0x630
[   35.428483]  ret_from_fork+0x10/0x20
[   35.428577] 
[   35.428653] The buggy address belongs to the object at fff00000c63f0c00
[   35.428653]  which belongs to the cache kmalloc-128 of size 128
[   35.429042] The buggy address is located 0 bytes to the right of
[   35.429042]  allocated 115-byte region [fff00000c63f0c00, fff00000c63f0c73)
[   35.429351] 
[   35.429413] The buggy address belongs to the physical page:
[   35.429506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063f0
[   35.429644] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   35.429768] page_type: f5(slab)
[   35.429867] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   35.429980] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   35.430756] page dumped because: kasan: bad access detected
[   35.430863] 
[   35.431260] Memory state around the buggy address:
[   35.431379]  fff00000c63f0b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   35.431690]  fff00000c63f0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   35.431819] >fff00000c63f0c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   35.431914]                                                              ^
[   35.432841]  fff00000c63f0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   35.432974]  fff00000c63f0d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   35.433116] ==================================================================
[   35.489653] ==================================================================
[   35.489938] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   35.490251] Read of size 1 at addr fff00000c76d92bb by task kunit_try_catch/237
[   35.490551] 
[   35.490717] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250623 #1 PREEMPT 
[   35.491076] Tainted: [B]=BAD_PAGE, [N]=TEST
[   35.491175] Hardware name: linux,dummy-virt (DT)
[   35.491255] Call trace:
[   35.491654]  show_stack+0x20/0x38 (C)
[   35.491786]  dump_stack_lvl+0x8c/0xd0
[   35.491966]  print_report+0x118/0x608
[   35.492158]  kasan_report+0xdc/0x128
[   35.492376]  __asan_report_load1_noabort+0x20/0x30
[   35.492686]  mempool_oob_right_helper+0x2ac/0x2f0
[   35.492850]  mempool_slab_oob_right+0xc0/0x118
[   35.492975]  kunit_try_run_case+0x170/0x3f0
[   35.493123]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.493427]  kthread+0x328/0x630
[   35.493564]  ret_from_fork+0x10/0x20
[   35.493684] 
[   35.493728] Allocated by task 237:
[   35.493799]  kasan_save_stack+0x3c/0x68
[   35.493898]  kasan_save_track+0x20/0x40
[   35.493989]  kasan_save_alloc_info+0x40/0x58
[   35.494108]  __kasan_mempool_unpoison_object+0xbc/0x180
[   35.494235]  remove_element+0x16c/0x1f8
[   35.494351]  mempool_alloc_preallocated+0x58/0xc0
[   35.494454]  mempool_oob_right_helper+0x98/0x2f0
[   35.494551]  mempool_slab_oob_right+0xc0/0x118
[   35.494659]  kunit_try_run_case+0x170/0x3f0
[   35.494812]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   35.494991]  kthread+0x328/0x630
[   35.495502]  ret_from_fork+0x10/0x20
[   35.495620] 
[   35.495676] The buggy address belongs to the object at fff00000c76d9240
[   35.495676]  which belongs to the cache test_cache of size 123
[   35.495820] The buggy address is located 0 bytes to the right of
[   35.495820]  allocated 123-byte region [fff00000c76d9240, fff00000c76d92bb)
[   35.496457] 
[   35.496586] The buggy address belongs to the physical page:
[   35.496737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076d9
[   35.497217] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   35.497395] page_type: f5(slab)
[   35.497496] raw: 0bfffe0000000000 fff00000c598fa00 dead000000000122 0000000000000000
[   35.497609] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   35.497701] page dumped because: kasan: bad access detected
[   35.497786] 
[   35.497834] Memory state around the buggy address:
[   35.497909]  fff00000c76d9180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   35.498260]  fff00000c76d9200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   35.498885] >fff00000c76d9280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   35.499223]                                         ^
[   35.499431]  fff00000c76d9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   35.499695]  fff00000c76d9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   35.501080] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2ytmowJu277AggRMV0akIntCcBb

job_id

TEST:linaro@lkft#2ytmtaMTLcPEn4w4FcozR6WSC8v

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2ytmtaMTLcPEn4w4FcozR6WSC8v

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ytmq2ZJyYwoO1zRFnnOdOncGpy/Image.gz
sha256sum	8babb9b25d008158739b204767b25f2683bd6714a94fb69277dbb95712e03026

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ytmq2ZJyYwoO1zRFnnOdOncGpy/modules.tar.xz
sha256sum	6a716a814d9729621b3aef13f694d9d6b53e23d3c12c6a026a54d81f80d3f12c

durations

tests

boot	0
kunit	290.50

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   23.346876] ==================================================================
[   23.347334] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   23.347848] Read of size 1 at addr ffff888102c182bb by task kunit_try_catch/254
[   23.348338] 
[   23.348556] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250623 #1 PREEMPT(voluntary) 
[   23.348647] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.348670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.348700] Call Trace:
[   23.348720]  <TASK>
[   23.348744]  dump_stack_lvl+0x73/0xb0
[   23.348792]  print_report+0xd1/0x650
[   23.348822]  ? __virt_addr_valid+0x1db/0x2d0
[   23.348854]  ? mempool_oob_right_helper+0x318/0x380
[   23.348887]  ? kasan_complete_mode_report_info+0x2a/0x200
[   23.348925]  ? mempool_oob_right_helper+0x318/0x380
[   23.349011]  kasan_report+0x141/0x180
[   23.349066]  ? mempool_oob_right_helper+0x318/0x380
[   23.349107]  __asan_report_load1_noabort+0x18/0x20
[   23.349143]  mempool_oob_right_helper+0x318/0x380
[   23.349182]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   23.349227]  ? __pfx_sched_clock_cpu+0x10/0x10
[   23.349266]  ? irqentry_exit+0x2a/0x60
[   23.349304]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   23.349340]  mempool_slab_oob_right+0xed/0x140
[   23.349371]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   23.349424]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   23.349460]  ? __pfx_mempool_free_slab+0x10/0x10
[   23.349497]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   23.349537]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   23.349619]  kunit_try_run_case+0x1a5/0x480
[   23.349662]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.349695]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.349732]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.349774]  ? __kthread_parkme+0x82/0x180
[   23.349810]  ? preempt_count_sub+0x50/0x80
[   23.349875]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.349914]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.349952]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.349992]  kthread+0x337/0x6f0
[   23.350022]  ? trace_preempt_on+0x20/0xc0
[   23.350077]  ? __pfx_kthread+0x10/0x10
[   23.350115]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.350145]  ? calculate_sigpending+0x7b/0xa0
[   23.350182]  ? __pfx_kthread+0x10/0x10
[   23.350209]  ret_from_fork+0x116/0x1d0
[   23.350228]  ? __pfx_kthread+0x10/0x10
[   23.350245]  ret_from_fork_asm+0x1a/0x30
[   23.350272]  </TASK>
[   23.350285] 
[   23.360565] Allocated by task 254:
[   23.360809]  kasan_save_stack+0x45/0x70
[   23.361172]  kasan_save_track+0x18/0x40
[   23.361637]  kasan_save_alloc_info+0x3b/0x50
[   23.361978]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   23.362430]  remove_element+0x11e/0x190
[   23.362751]  mempool_alloc_preallocated+0x4d/0x90
[   23.363039]  mempool_oob_right_helper+0x8a/0x380
[   23.363205]  mempool_slab_oob_right+0xed/0x140
[   23.363363]  kunit_try_run_case+0x1a5/0x480
[   23.363673]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.364241]  kthread+0x337/0x6f0
[   23.364527]  ret_from_fork+0x116/0x1d0
[   23.364807]  ret_from_fork_asm+0x1a/0x30
[   23.365267] 
[   23.365433] The buggy address belongs to the object at ffff888102c18240
[   23.365433]  which belongs to the cache test_cache of size 123
[   23.366226] The buggy address is located 0 bytes to the right of
[   23.366226]  allocated 123-byte region [ffff888102c18240, ffff888102c182bb)
[   23.366634] 
[   23.366733] The buggy address belongs to the physical page:
[   23.366920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c18
[   23.367435] flags: 0x200000000000000(node=0|zone=2)
[   23.367832] page_type: f5(slab)
[   23.368343] raw: 0200000000000000 ffff888102c11140 dead000000000122 0000000000000000
[   23.368885] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   23.369327] page dumped because: kasan: bad access detected
[   23.369521] 
[   23.369603] Memory state around the buggy address:
[   23.369766]  ffff888102c18180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   23.369975]  ffff888102c18200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   23.370254] >ffff888102c18280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   23.370916]                                         ^
[   23.371291]  ffff888102c18300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.371891]  ffff888102c18380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.372359] ==================================================================
[   23.313753] ==================================================================
[   23.314415] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   23.314920] Read of size 1 at addr ffff888103a92001 by task kunit_try_catch/252
[   23.315790] 
[   23.316001] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250623 #1 PREEMPT(voluntary) 
[   23.316094] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.316115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.316156] Call Trace:
[   23.316183]  <TASK>
[   23.316411]  dump_stack_lvl+0x73/0xb0
[   23.316495]  print_report+0xd1/0x650
[   23.316533]  ? __virt_addr_valid+0x1db/0x2d0
[   23.316571]  ? mempool_oob_right_helper+0x318/0x380
[   23.316607]  ? kasan_addr_to_slab+0x11/0xa0
[   23.316641]  ? mempool_oob_right_helper+0x318/0x380
[   23.316681]  kasan_report+0x141/0x180
[   23.316724]  ? mempool_oob_right_helper+0x318/0x380
[   23.316777]  __asan_report_load1_noabort+0x18/0x20
[   23.316805]  mempool_oob_right_helper+0x318/0x380
[   23.316828]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   23.316875]  ? update_load_avg+0x1be/0x21b0
[   23.316903]  ? dequeue_entities+0x27e/0x1740
[   23.316927]  ? finish_task_switch.isra.0+0x153/0x700
[   23.316950]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   23.316973]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   23.316997]  ? __pfx_mempool_kmalloc+0x10/0x10
[   23.317021]  ? __pfx_mempool_kfree+0x10/0x10
[   23.317043]  ? __pfx_read_tsc+0x10/0x10
[   23.317064]  ? ktime_get_ts64+0x86/0x230
[   23.317101]  kunit_try_run_case+0x1a5/0x480
[   23.317138]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.317170]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.317200]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.317221]  ? __kthread_parkme+0x82/0x180
[   23.317242]  ? preempt_count_sub+0x50/0x80
[   23.317262]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.317283]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.317305]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.317327]  kthread+0x337/0x6f0
[   23.317344]  ? trace_preempt_on+0x20/0xc0
[   23.317366]  ? __pfx_kthread+0x10/0x10
[   23.317402]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.317423]  ? calculate_sigpending+0x7b/0xa0
[   23.317448]  ? __pfx_kthread+0x10/0x10
[   23.317468]  ret_from_fork+0x116/0x1d0
[   23.317485]  ? __pfx_kthread+0x10/0x10
[   23.317504]  ret_from_fork_asm+0x1a/0x30
[   23.317534]  </TASK>
[   23.317546] 
[   23.330491] The buggy address belongs to the physical page:
[   23.330754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a90
[   23.331459] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   23.331931] flags: 0x200000000000040(head|node=0|zone=2)
[   23.332818] page_type: f8(unknown)
[   23.333089] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   23.333685] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   23.334215] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   23.335070] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   23.335608] head: 0200000000000002 ffffea00040ea401 00000000ffffffff 00000000ffffffff
[   23.336651] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   23.336978] page dumped because: kasan: bad access detected
[   23.337316] 
[   23.337472] Memory state around the buggy address:
[   23.337656]  ffff888103a91f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.338176]  ffff888103a91f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.338677] >ffff888103a92000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.339230]                    ^
[   23.339506]  ffff888103a92080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.339990]  ffff888103a92100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   23.340246] ==================================================================
[   23.281857] ==================================================================
[   23.282300] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   23.283177] Read of size 1 at addr ffff888102c14173 by task kunit_try_catch/250
[   23.283408] 
[   23.283538] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250623 #1 PREEMPT(voluntary) 
[   23.283633] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.283654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   23.283713] Call Trace:
[   23.283740]  <TASK>
[   23.283784]  dump_stack_lvl+0x73/0xb0
[   23.283860]  print_report+0xd1/0x650
[   23.283905]  ? __virt_addr_valid+0x1db/0x2d0
[   23.283952]  ? mempool_oob_right_helper+0x318/0x380
[   23.283995]  ? kasan_complete_mode_report_info+0x2a/0x200
[   23.284040]  ? mempool_oob_right_helper+0x318/0x380
[   23.284083]  kasan_report+0x141/0x180
[   23.284121]  ? mempool_oob_right_helper+0x318/0x380
[   23.284173]  __asan_report_load1_noabort+0x18/0x20
[   23.284205]  mempool_oob_right_helper+0x318/0x380
[   23.284253]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   23.284278]  ? __pfx_sched_clock_cpu+0x10/0x10
[   23.284297]  ? irqentry_exit+0x2a/0x60
[   23.284317]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   23.284338]  mempool_kmalloc_oob_right+0xf2/0x150
[   23.284358]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   23.284395]  ? __pfx_mempool_kmalloc+0x10/0x10
[   23.284420]  ? __pfx_mempool_kfree+0x10/0x10
[   23.284440]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   23.284462]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   23.284483]  kunit_try_run_case+0x1a5/0x480
[   23.284507]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.284525]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   23.284545]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   23.284564]  ? __kthread_parkme+0x82/0x180
[   23.284583]  ? preempt_count_sub+0x50/0x80
[   23.284603]  ? __pfx_kunit_try_run_case+0x10/0x10
[   23.284624]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.284643]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   23.284663]  kthread+0x337/0x6f0
[   23.284679]  ? trace_preempt_on+0x20/0xc0
[   23.284700]  ? __pfx_kthread+0x10/0x10
[   23.284717]  ? _raw_spin_unlock_irq+0x47/0x80
[   23.284735]  ? calculate_sigpending+0x7b/0xa0
[   23.284756]  ? __pfx_kthread+0x10/0x10
[   23.284773]  ret_from_fork+0x116/0x1d0
[   23.284791]  ? __pfx_kthread+0x10/0x10
[   23.284808]  ret_from_fork_asm+0x1a/0x30
[   23.284847]  </TASK>
[   23.284860] 
[   23.297117] Allocated by task 250:
[   23.297277]  kasan_save_stack+0x45/0x70
[   23.297464]  kasan_save_track+0x18/0x40
[   23.297633]  kasan_save_alloc_info+0x3b/0x50
[   23.297815]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   23.298548]  remove_element+0x11e/0x190
[   23.298747]  mempool_alloc_preallocated+0x4d/0x90
[   23.298928]  mempool_oob_right_helper+0x8a/0x380
[   23.299146]  mempool_kmalloc_oob_right+0xf2/0x150
[   23.299348]  kunit_try_run_case+0x1a5/0x480
[   23.299488]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   23.299662]  kthread+0x337/0x6f0
[   23.299845]  ret_from_fork+0x116/0x1d0
[   23.300206]  ret_from_fork_asm+0x1a/0x30
[   23.300499] 
[   23.300634] The buggy address belongs to the object at ffff888102c14100
[   23.300634]  which belongs to the cache kmalloc-128 of size 128
[   23.302164] The buggy address is located 0 bytes to the right of
[   23.302164]  allocated 115-byte region [ffff888102c14100, ffff888102c14173)
[   23.302649] 
[   23.302801] The buggy address belongs to the physical page:
[   23.303085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c14
[   23.303506] flags: 0x200000000000000(node=0|zone=2)
[   23.304164] page_type: f5(slab)
[   23.304307] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   23.304582] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   23.304710] page dumped because: kasan: bad access detected
[   23.304799] 
[   23.305165] Memory state around the buggy address:
[   23.305400]  ffff888102c14000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   23.305811]  ffff888102c14080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.306552] >ffff888102c14100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   23.306801]                                                              ^
[   23.307292]  ffff888102c14180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   23.307589]  ffff888102c14200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   23.308468] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2ytmowJu277AggRMV0akIntCcBb

job_id

TEST:linaro@lkft#2ytmubRIV1JPUllhZ47JmxJvXDc

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2ytmubRIV1JPUllhZ47JmxJvXDc

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ytmr5So17mjebl2Ct1tTXuuGxA/bzImage
sha256sum	b03452fcb75b3b14cf8383cc19f407b3f7a1f0ee70432185dec0e489b10cb3a4

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ytmr5So17mjebl2Ct1tTXuuGxA/modules.tar.xz
sha256sum	e4532e2fb00e2e4b26601276ccbbe81c48edd0570f10fd066f50509a42a73673

durations

tests

boot	0
kunit	172.25

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit