lkft/linux-next-master - next-20250703 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right

Date

July 3, 2025, 10:10 a.m.

Environment
dragonboard-845c
qemu-arm64
qemu-x86_64

[   32.395637] ==================================================================
[   32.402962] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488
[   32.411163] Write of size 1 at addr ffff000080df5778 by task kunit_try_catch/251
[   32.418663] 
[   32.420202] CPU: 2 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250703 #1 PREEMPT 
[   32.420230] Tainted: [B]=BAD_PAGE, [N]=TEST
[   32.420239] Hardware name: Thundercomm Dragonboard 845c (DT)
[   32.420250] Call trace:
[   32.420257]  show_stack+0x20/0x38 (C)
[   32.420274]  dump_stack_lvl+0x8c/0xd0
[   32.420297]  print_report+0x118/0x608
[   32.420317]  kasan_report+0xdc/0x128
[   32.420335]  __asan_report_store1_noabort+0x20/0x30
[   32.420354]  kmalloc_track_caller_oob_right+0x418/0x488
[   32.420374]  kunit_try_run_case+0x170/0x3f0
[   32.420392]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.420414]  kthread+0x328/0x630
[   32.420430]  ret_from_fork+0x10/0x20
[   32.420448] 
[   32.487278] Allocated by task 251:
[   32.490738]  kasan_save_stack+0x3c/0x68
[   32.494648]  kasan_save_track+0x20/0x40
[   32.498556]  kasan_save_alloc_info+0x40/0x58
[   32.502892]  __kasan_kmalloc+0xd4/0xd8
[   32.506712]  __kmalloc_node_track_caller_noprof+0x194/0x4b8
[   32.512375]  kmalloc_track_caller_oob_right+0x184/0x488
[   32.517688]  kunit_try_run_case+0x170/0x3f0
[   32.521941]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.527511]  kthread+0x328/0x630
[   32.530803]  ret_from_fork+0x10/0x20
[   32.534440] 
[   32.535973] The buggy address belongs to the object at ffff000080df5700
[   32.535973]  which belongs to the cache kmalloc-128 of size 128
[   32.548632] The buggy address is located 0 bytes to the right of
[   32.548632]  allocated 120-byte region [ffff000080df5700, ffff000080df5778)
[   32.561737] 
[   32.563265] The buggy address belongs to the physical page:
[   32.568920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100df4
[   32.577031] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   32.584785] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   32.591839] page_type: f5(slab)
[   32.595046] raw: 0bfffe0000000040 ffff000080002a00 dead000000000122 0000000000000000
[   32.602889] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   32.610732] head: 0bfffe0000000040 ffff000080002a00 dead000000000122 0000000000000000
[   32.618670] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   32.626611] head: 0bfffe0000000001 fffffdffc2037d01 00000000ffffffff 00000000ffffffff
[   32.634550] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   32.642485] page dumped because: kasan: bad access detected
[   32.648138] 
[   32.649668] Memory state around the buggy address:
[   32.654531]  ffff000080df5600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   32.661852]  ffff000080df5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.669174] >ffff000080df5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   32.676494]                                                                 ^
[   32.683718]  ffff000080df5780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.691030]  ffff000080df5800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.698350] ==================================================================
[   32.081276] ==================================================================
[   32.092839] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488
[   32.101042] Write of size 1 at addr ffff000080df5678 by task kunit_try_catch/251
[   32.108538] 
[   32.110075] CPU: 2 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250703 #1 PREEMPT 
[   32.110106] Tainted: [B]=BAD_PAGE, [N]=TEST
[   32.110114] Hardware name: Thundercomm Dragonboard 845c (DT)
[   32.110126] Call trace:
[   32.110132]  show_stack+0x20/0x38 (C)
[   32.110153]  dump_stack_lvl+0x8c/0xd0
[   32.110176]  print_report+0x118/0x608
[   32.110195]  kasan_report+0xdc/0x128
[   32.110214]  __asan_report_store1_noabort+0x20/0x30
[   32.110234]  kmalloc_track_caller_oob_right+0x40c/0x488
[   32.110253]  kunit_try_run_case+0x170/0x3f0
[   32.110273]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.110295]  kthread+0x328/0x630
[   32.110311]  ret_from_fork+0x10/0x20
[   32.110330] 
[   32.177174] Allocated by task 251:
[   32.180632]  kasan_save_stack+0x3c/0x68
[   32.184542]  kasan_save_track+0x20/0x40
[   32.188450]  kasan_save_alloc_info+0x40/0x58
[   32.192788]  __kasan_kmalloc+0xd4/0xd8
[   32.196609]  __kmalloc_node_track_caller_noprof+0x194/0x4b8
[   32.202268]  kmalloc_track_caller_oob_right+0xa8/0x488
[   32.207494]  kunit_try_run_case+0x170/0x3f0
[   32.211754]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.217323]  kthread+0x328/0x630
[   32.220613]  ret_from_fork+0x10/0x20
[   32.224261] 
[   32.225793] The buggy address belongs to the object at ffff000080df5600
[   32.225793]  which belongs to the cache kmalloc-128 of size 128
[   32.238454] The buggy address is located 0 bytes to the right of
[   32.238454]  allocated 120-byte region [ffff000080df5600, ffff000080df5678)
[   32.251557] 
[   32.253094] The buggy address belongs to the physical page:
[   32.258743] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100df4
[   32.266856] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   32.274610] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   32.281665] page_type: f5(slab)
[   32.284868] raw: 0bfffe0000000040 ffff000080002a00 dead000000000122 0000000000000000
[   32.292710] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   32.300554] head: 0bfffe0000000040 ffff000080002a00 dead000000000122 0000000000000000
[   32.308492] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   32.316431] head: 0bfffe0000000001 fffffdffc2037d01 00000000ffffffff 00000000ffffffff
[   32.324360] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   32.332284] page dumped because: kasan: bad access detected
[   32.337936] 
[   32.339466] Memory state around the buggy address:
[   32.344334]  ffff000080df5500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   32.351648]  ffff000080df5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.358962] >ffff000080df5600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   32.366281]                                                                 ^
[   32.373512]  ffff000080df5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.380834]  ffff000080df5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.388153] ==================================================================

Metadata Full log Test run details

[   30.711447] ==================================================================
[   30.711749] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x40c/0x488
[   30.711848] Write of size 1 at addr fff00000c58afd78 by task kunit_try_catch/174
[   30.712131] 
[   30.712214] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250703 #1 PREEMPT 
[   30.712538] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.712569] Hardware name: linux,dummy-virt (DT)
[   30.712604] Call trace:
[   30.712625]  show_stack+0x20/0x38 (C)
[   30.712819]  dump_stack_lvl+0x8c/0xd0
[   30.713161]  print_report+0x118/0x608
[   30.713212]  kasan_report+0xdc/0x128
[   30.713424]  __asan_report_store1_noabort+0x20/0x30
[   30.713602]  kmalloc_track_caller_oob_right+0x40c/0x488
[   30.713862]  kunit_try_run_case+0x170/0x3f0
[   30.714059]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.714250]  kthread+0x328/0x630
[   30.714398]  ret_from_fork+0x10/0x20
[   30.714705] 
[   30.714751] Allocated by task 174:
[   30.714910]  kasan_save_stack+0x3c/0x68
[   30.714979]  kasan_save_track+0x20/0x40
[   30.715172]  kasan_save_alloc_info+0x40/0x58
[   30.715397]  __kasan_kmalloc+0xd4/0xd8
[   30.715458]  __kmalloc_node_track_caller_noprof+0x194/0x4b8
[   30.715656]  kmalloc_track_caller_oob_right+0xa8/0x488
[   30.716139]  kunit_try_run_case+0x170/0x3f0
[   30.716203]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.716266]  kthread+0x328/0x630
[   30.716308]  ret_from_fork+0x10/0x20
[   30.716448] 
[   30.716521] The buggy address belongs to the object at fff00000c58afd00
[   30.716521]  which belongs to the cache kmalloc-128 of size 128
[   30.716771] The buggy address is located 0 bytes to the right of
[   30.716771]  allocated 120-byte region [fff00000c58afd00, fff00000c58afd78)
[   30.716972] 
[   30.717083] The buggy address belongs to the physical page:
[   30.717144] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058af
[   30.717213] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   30.717528] page_type: f5(slab)
[   30.717637] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   30.717792] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   30.717995] page dumped because: kasan: bad access detected
[   30.718030] 
[   30.718048] Memory state around the buggy address:
[   30.718124]  fff00000c58afc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   30.718175]  fff00000c58afc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.718227] >fff00000c58afd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   30.718264]                                                                 ^
[   30.718304]  fff00000c58afd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.718346]  fff00000c58afe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.718384] ==================================================================
[   30.719734] ==================================================================
[   30.719783] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x418/0x488
[   30.719853] Write of size 1 at addr fff00000c58afe78 by task kunit_try_catch/174
[   30.720240] 
[   30.720623] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250703 #1 PREEMPT 
[   30.720750] Tainted: [B]=BAD_PAGE, [N]=TEST
[   30.720795] Hardware name: linux,dummy-virt (DT)
[   30.721194] Call trace:
[   30.721268]  show_stack+0x20/0x38 (C)
[   30.721325]  dump_stack_lvl+0x8c/0xd0
[   30.721382]  print_report+0x118/0x608
[   30.721429]  kasan_report+0xdc/0x128
[   30.721775]  __asan_report_store1_noabort+0x20/0x30
[   30.721986]  kmalloc_track_caller_oob_right+0x418/0x488
[   30.722183]  kunit_try_run_case+0x170/0x3f0
[   30.722332]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.722387]  kthread+0x328/0x630
[   30.722570]  ret_from_fork+0x10/0x20
[   30.722823] 
[   30.722880] Allocated by task 174:
[   30.722969]  kasan_save_stack+0x3c/0x68
[   30.723107]  kasan_save_track+0x20/0x40
[   30.723165]  kasan_save_alloc_info+0x40/0x58
[   30.723367]  __kasan_kmalloc+0xd4/0xd8
[   30.723529]  __kmalloc_node_track_caller_noprof+0x194/0x4b8
[   30.723618]  kmalloc_track_caller_oob_right+0x184/0x488
[   30.723943]  kunit_try_run_case+0x170/0x3f0
[   30.724208]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   30.724401]  kthread+0x328/0x630
[   30.724564]  ret_from_fork+0x10/0x20
[   30.724765] 
[   30.724857] The buggy address belongs to the object at fff00000c58afe00
[   30.724857]  which belongs to the cache kmalloc-128 of size 128
[   30.725031] The buggy address is located 0 bytes to the right of
[   30.725031]  allocated 120-byte region [fff00000c58afe00, fff00000c58afe78)
[   30.725122] 
[   30.725141] The buggy address belongs to the physical page:
[   30.725178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1058af
[   30.725615] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   30.725767] page_type: f5(slab)
[   30.725998] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   30.726098] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   30.726141] page dumped because: kasan: bad access detected
[   30.726589] 
[   30.726744] Memory state around the buggy address:
[   30.726925]  fff00000c58afd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   30.726999]  fff00000c58afd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.727047] >fff00000c58afe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   30.727346]                                                                 ^
[   30.727483]  fff00000c58afe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.727764]  fff00000c58aff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   30.727867] ==================================================================

Metadata Full log Test run details

[   22.561997] ==================================================================
[   22.562776] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[   22.563044] Write of size 1 at addr ffff888105ab1178 by task kunit_try_catch/191
[   22.563272] 
[   22.563360] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) 
[   22.563410] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.563423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   22.563446] Call Trace:
[   22.563468]  <TASK>
[   22.563487]  dump_stack_lvl+0x73/0xb0
[   22.563518]  print_report+0xd1/0x650
[   22.563540]  ? __virt_addr_valid+0x1db/0x2d0
[   22.563564]  ? kmalloc_track_caller_oob_right+0x4c8/0x520
[   22.563587]  ? kasan_complete_mode_report_info+0x2a/0x200
[   22.563612]  ? kmalloc_track_caller_oob_right+0x4c8/0x520
[   22.563636]  kasan_report+0x141/0x180
[   22.563656]  ? kmalloc_track_caller_oob_right+0x4c8/0x520
[   22.563684]  __asan_report_store1_noabort+0x1b/0x30
[   22.563708]  kmalloc_track_caller_oob_right+0x4c8/0x520
[   22.563732]  ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[   22.563756]  ? __schedule+0x10cc/0x2b60
[   22.563782]  ? __pfx_read_tsc+0x10/0x10
[   22.563803]  ? ktime_get_ts64+0x86/0x230
[   22.563829]  kunit_try_run_case+0x1a5/0x480
[   22.563856]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.563878]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   22.563900]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   22.563925]  ? __kthread_parkme+0x82/0x180
[   22.563946]  ? preempt_count_sub+0x50/0x80
[   22.564251]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.564276]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   22.564359]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   22.564384]  kthread+0x337/0x6f0
[   22.564478]  ? trace_preempt_on+0x20/0xc0
[   22.564506]  ? __pfx_kthread+0x10/0x10
[   22.564528]  ? _raw_spin_unlock_irq+0x47/0x80
[   22.564552]  ? calculate_sigpending+0x7b/0xa0
[   22.564576]  ? __pfx_kthread+0x10/0x10
[   22.564598]  ret_from_fork+0x116/0x1d0
[   22.564617]  ? __pfx_kthread+0x10/0x10
[   22.564637]  ret_from_fork_asm+0x1a/0x30
[   22.564668]  </TASK>
[   22.564680] 
[   22.574924] Allocated by task 191:
[   22.575116]  kasan_save_stack+0x45/0x70
[   22.575415]  kasan_save_track+0x18/0x40
[   22.575602]  kasan_save_alloc_info+0x3b/0x50
[   22.575808]  __kasan_kmalloc+0xb7/0xc0
[   22.575977]  __kmalloc_node_track_caller_noprof+0x1cb/0x500
[   22.576212]  kmalloc_track_caller_oob_right+0x99/0x520
[   22.576983]  kunit_try_run_case+0x1a5/0x480
[   22.577171]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   22.577528]  kthread+0x337/0x6f0
[   22.577690]  ret_from_fork+0x116/0x1d0
[   22.577859]  ret_from_fork_asm+0x1a/0x30
[   22.578031] 
[   22.578112] The buggy address belongs to the object at ffff888105ab1100
[   22.578112]  which belongs to the cache kmalloc-128 of size 128
[   22.579106] The buggy address is located 0 bytes to the right of
[   22.579106]  allocated 120-byte region [ffff888105ab1100, ffff888105ab1178)
[   22.579728] 
[   22.579803] The buggy address belongs to the physical page:
[   22.580030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ab1
[   22.580374] flags: 0x200000000000000(node=0|zone=2)
[   22.580590] page_type: f5(slab)
[   22.580761] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   22.581063] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.581898] page dumped because: kasan: bad access detected
[   22.582086] 
[   22.582173] Memory state around the buggy address:
[   22.582819]  ffff888105ab1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   22.583262]  ffff888105ab1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.583723] >ffff888105ab1100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   22.584086]                                                                 ^
[   22.584571]  ffff888105ab1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.584970]  ffff888105ab1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.585360] ==================================================================
[   22.587336] ==================================================================
[   22.587666] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520
[   22.588006] Write of size 1 at addr ffff888105ab1278 by task kunit_try_catch/191
[   22.588814] 
[   22.588921] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4-next-20250703 #1 PREEMPT(voluntary) 
[   22.588971] Tainted: [B]=BAD_PAGE, [N]=TEST
[   22.588984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   22.589006] Call Trace:
[   22.589020]  <TASK>
[   22.589037]  dump_stack_lvl+0x73/0xb0
[   22.589066]  print_report+0xd1/0x650
[   22.589088]  ? __virt_addr_valid+0x1db/0x2d0
[   22.589111]  ? kmalloc_track_caller_oob_right+0x4b1/0x520
[   22.589134]  ? kasan_complete_mode_report_info+0x2a/0x200
[   22.589395]  ? kmalloc_track_caller_oob_right+0x4b1/0x520
[   22.589421]  kasan_report+0x141/0x180
[   22.589443]  ? kmalloc_track_caller_oob_right+0x4b1/0x520
[   22.589487]  __asan_report_store1_noabort+0x1b/0x30
[   22.589511]  kmalloc_track_caller_oob_right+0x4b1/0x520
[   22.589534]  ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[   22.589559]  ? __schedule+0x10cc/0x2b60
[   22.589587]  ? __pfx_read_tsc+0x10/0x10
[   22.589609]  ? ktime_get_ts64+0x86/0x230
[   22.589633]  kunit_try_run_case+0x1a5/0x480
[   22.589658]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.589681]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   22.589702]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   22.589727]  ? __kthread_parkme+0x82/0x180
[   22.589747]  ? preempt_count_sub+0x50/0x80
[   22.589771]  ? __pfx_kunit_try_run_case+0x10/0x10
[   22.589795]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   22.589818]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   22.589848]  kthread+0x337/0x6f0
[   22.589868]  ? trace_preempt_on+0x20/0xc0
[   22.589890]  ? __pfx_kthread+0x10/0x10
[   22.589910]  ? _raw_spin_unlock_irq+0x47/0x80
[   22.589933]  ? calculate_sigpending+0x7b/0xa0
[   22.589958]  ? __pfx_kthread+0x10/0x10
[   22.589979]  ret_from_fork+0x116/0x1d0
[   22.589998]  ? __pfx_kthread+0x10/0x10
[   22.590019]  ret_from_fork_asm+0x1a/0x30
[   22.590050]  </TASK>
[   22.590061] 
[   22.600003] Allocated by task 191:
[   22.600190]  kasan_save_stack+0x45/0x70
[   22.600714]  kasan_save_track+0x18/0x40
[   22.600888]  kasan_save_alloc_info+0x3b/0x50
[   22.601093]  __kasan_kmalloc+0xb7/0xc0
[   22.601265]  __kmalloc_node_track_caller_noprof+0x1cb/0x500
[   22.601893]  kmalloc_track_caller_oob_right+0x19a/0x520
[   22.602119]  kunit_try_run_case+0x1a5/0x480
[   22.602451]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   22.602849]  kthread+0x337/0x6f0
[   22.603023]  ret_from_fork+0x116/0x1d0
[   22.603416]  ret_from_fork_asm+0x1a/0x30
[   22.603691] 
[   22.603771] The buggy address belongs to the object at ffff888105ab1200
[   22.603771]  which belongs to the cache kmalloc-128 of size 128
[   22.604526] The buggy address is located 0 bytes to the right of
[   22.604526]  allocated 120-byte region [ffff888105ab1200, ffff888105ab1278)
[   22.605010] 
[   22.605107] The buggy address belongs to the physical page:
[   22.605334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ab1
[   22.605657] flags: 0x200000000000000(node=0|zone=2)
[   22.605888] page_type: f5(slab)
[   22.606039] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   22.606750] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   22.607070] page dumped because: kasan: bad access detected
[   22.607536] 
[   22.607629] Memory state around the buggy address:
[   22.607929]  ffff888105ab1100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   22.608292]  ffff888105ab1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.608710] >ffff888105ab1200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   22.609066]                                                                 ^
[   22.609523]  ffff888105ab1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.609794]  ffff888105ab1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   22.610107] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zMOF8s2A2UwjPib0KeBbIV61UG

job_id

TEST:linaro@lkft#2zMOKhbfzWPDwh45umdhdhUF4H1

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zMOKhbfzWPDwh45umdhdhUF4H1

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zMOHOWFJIfy24rIK923z4Yrl7h/bzImage
sha256sum	e44a7e50f99d7a9802d66068185b6905dcc4c9fd4182e425a09649a677927cc3

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zMOHOWFJIfy24rIK923z4Yrl7h/modules.tar.xz
sha256sum	dfdae765b4e29de5ab27efcfb47c5d1a2a4b5c6ed3c786764ae66cbe24c85522

durations

tests

boot	0
kunit	215.40

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - dragonboard-845c - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit