lkft/linux-next-master - next-20250717 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 17, 2025, 10:12 a.m.

Environment
qemu-arm64
qemu-x86_64

[   31.607403] ==================================================================
[   31.607465] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   31.607521] Read of size 1 at addr fff00000c99f02bb by task kunit_try_catch/256
[   31.607571] 
[   31.607604] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250717 #1 PREEMPT 
[   31.607693] Tainted: [B]=BAD_PAGE, [N]=TEST
[   31.607721] Hardware name: linux,dummy-virt (DT)
[   31.607752] Call trace:
[   31.607776]  show_stack+0x20/0x38 (C)
[   31.607844]  dump_stack_lvl+0x8c/0xd0
[   31.607897]  print_report+0x118/0x5d0
[   31.607942]  kasan_report+0xdc/0x128
[   31.607985]  __asan_report_load1_noabort+0x20/0x30
[   31.608065]  mempool_oob_right_helper+0x2ac/0x2f0
[   31.608828]  mempool_slab_oob_right+0xc0/0x118
[   31.609037]  kunit_try_run_case+0x170/0x3f0
[   31.609299]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.609477]  kthread+0x328/0x630
[   31.609557]  ret_from_fork+0x10/0x20
[   31.609706] 
[   31.609855] Allocated by task 256:
[   31.609885]  kasan_save_stack+0x3c/0x68
[   31.610077]  kasan_save_track+0x20/0x40
[   31.610217]  kasan_save_alloc_info+0x40/0x58
[   31.610322]  __kasan_mempool_unpoison_object+0xbc/0x180
[   31.610448]  remove_element+0x16c/0x1f8
[   31.610533]  mempool_alloc_preallocated+0x58/0xc0
[   31.610719]  mempool_oob_right_helper+0x98/0x2f0
[   31.610838]  mempool_slab_oob_right+0xc0/0x118
[   31.610974]  kunit_try_run_case+0x170/0x3f0
[   31.611268]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.611420]  kthread+0x328/0x630
[   31.611575]  ret_from_fork+0x10/0x20
[   31.611716] 
[   31.611766] The buggy address belongs to the object at fff00000c99f0240
[   31.611766]  which belongs to the cache test_cache of size 123
[   31.611982] The buggy address is located 0 bytes to the right of
[   31.611982]  allocated 123-byte region [fff00000c99f0240, fff00000c99f02bb)
[   31.612186] 
[   31.612430] The buggy address belongs to the physical page:
[   31.612558] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1099f0
[   31.612693] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   31.612836] page_type: f5(slab)
[   31.612897] raw: 0bfffe0000000000 fff00000c3f2dc80 dead000000000122 0000000000000000
[   31.612969] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   31.613173] page dumped because: kasan: bad access detected
[   31.613294] 
[   31.613349] Memory state around the buggy address:
[   31.613529]  fff00000c99f0180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   31.613652]  fff00000c99f0200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   31.613723] >fff00000c99f0280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   31.613815]                                         ^
[   31.613878]  fff00000c99f0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.613953]  fff00000c99f0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.614119] ==================================================================
[   31.587938] ==================================================================
[   31.589379] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   31.589510] Read of size 1 at addr fff00000c9b86001 by task kunit_try_catch/254
[   31.589566] 
[   31.589597] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250717 #1 PREEMPT 
[   31.589969] Tainted: [B]=BAD_PAGE, [N]=TEST
[   31.590001] Hardware name: linux,dummy-virt (DT)
[   31.590163] Call trace:
[   31.590243]  show_stack+0x20/0x38 (C)
[   31.590661]  dump_stack_lvl+0x8c/0xd0
[   31.591045]  print_report+0x118/0x5d0
[   31.591100]  kasan_report+0xdc/0x128
[   31.591635]  __asan_report_load1_noabort+0x20/0x30
[   31.591758]  mempool_oob_right_helper+0x2ac/0x2f0
[   31.592005]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   31.592259]  kunit_try_run_case+0x170/0x3f0
[   31.592309]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.592361]  kthread+0x328/0x630
[   31.592760]  ret_from_fork+0x10/0x20
[   31.593015] 
[   31.593038] The buggy address belongs to the physical page:
[   31.593083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b84
[   31.593483] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   31.593752] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   31.593865] page_type: f8(unknown)
[   31.594291] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   31.594563] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   31.594617] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   31.595008] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   31.595319] head: 0bfffe0000000002 ffffc1ffc326e101 00000000ffffffff 00000000ffffffff
[   31.595400] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   31.595487] page dumped because: kasan: bad access detected
[   31.595539] 
[   31.595612] Memory state around the buggy address:
[   31.595752]  fff00000c9b85f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.595880]  fff00000c9b85f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.595972] >fff00000c9b86000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   31.596097]                    ^
[   31.596150]  fff00000c9b86080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   31.596193]  fff00000c9b86100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   31.596461] ==================================================================
[   31.567014] ==================================================================
[   31.567100] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   31.567172] Read of size 1 at addr fff00000c3f63d73 by task kunit_try_catch/252
[   31.567224] 
[   31.567265] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250717 #1 PREEMPT 
[   31.567355] Tainted: [B]=BAD_PAGE, [N]=TEST
[   31.567381] Hardware name: linux,dummy-virt (DT)
[   31.567415] Call trace:
[   31.567439]  show_stack+0x20/0x38 (C)
[   31.567492]  dump_stack_lvl+0x8c/0xd0
[   31.567544]  print_report+0x118/0x5d0
[   31.567587]  kasan_report+0xdc/0x128
[   31.567631]  __asan_report_load1_noabort+0x20/0x30
[   31.567679]  mempool_oob_right_helper+0x2ac/0x2f0
[   31.567728]  mempool_kmalloc_oob_right+0xc4/0x120
[   31.567779]  kunit_try_run_case+0x170/0x3f0
[   31.567830]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.567882]  kthread+0x328/0x630
[   31.567924]  ret_from_fork+0x10/0x20
[   31.567971] 
[   31.567991] Allocated by task 252:
[   31.568021]  kasan_save_stack+0x3c/0x68
[   31.568072]  kasan_save_track+0x20/0x40
[   31.568106]  kasan_save_alloc_info+0x40/0x58
[   31.568145]  __kasan_mempool_unpoison_object+0x11c/0x180
[   31.568186]  remove_element+0x130/0x1f8
[   31.568230]  mempool_alloc_preallocated+0x58/0xc0
[   31.568272]  mempool_oob_right_helper+0x98/0x2f0
[   31.568313]  mempool_kmalloc_oob_right+0xc4/0x120
[   31.568354]  kunit_try_run_case+0x170/0x3f0
[   31.568417]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.568460]  kthread+0x328/0x630
[   31.568492]  ret_from_fork+0x10/0x20
[   31.568528] 
[   31.568550] The buggy address belongs to the object at fff00000c3f63d00
[   31.568550]  which belongs to the cache kmalloc-128 of size 128
[   31.568609] The buggy address is located 0 bytes to the right of
[   31.568609]  allocated 115-byte region [fff00000c3f63d00, fff00000c3f63d73)
[   31.568671] 
[   31.568694] The buggy address belongs to the physical page:
[   31.568726] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103f63
[   31.568784] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   31.568836] page_type: f5(slab)
[   31.568879] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   31.568930] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   31.568971] page dumped because: kasan: bad access detected
[   31.569003] 
[   31.569021] Memory state around the buggy address:
[   31.569069]  fff00000c3f63c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   31.569113]  fff00000c3f63c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.569157] >fff00000c3f63d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   31.569196]                                                              ^
[   31.569236]  fff00000c3f63d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.569278]  fff00000c3f63e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   31.569316] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zzwDWobl1PenKrl7aC3Q4y8R2x

job_id

TEST:linaro@lkft#2zzwI23tpQTBG8fCn9UxRxbb3tr

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zzwI23tpQTBG8fCn9UxRxbb3tr

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zzwEZAurXarO00lL6IwIbO30zH/Image.gz
sha256sum	96fb88d4d7e7c3e6152876915e22498e21d41ed7aff45eb77676039904c4d08c

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zzwEZAurXarO00lL6IwIbO30zH/modules.tar.xz
sha256sum	dcc013962c933691dd3d8528b3dca35a1d1690294b48c5891b1bcdd298eff6aa

durations

tests

boot	0
kunit	174.13

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   27.130109] ==================================================================
[   27.130649] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   27.130956] Read of size 1 at addr ffff8881061872bb by task kunit_try_catch/274
[   27.131260] 
[   27.131362] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) 
[   27.131411] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.131422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.131442] Call Trace:
[   27.131454]  <TASK>
[   27.131469]  dump_stack_lvl+0x73/0xb0
[   27.131499]  print_report+0xd1/0x610
[   27.131521]  ? __virt_addr_valid+0x1db/0x2d0
[   27.131546]  ? mempool_oob_right_helper+0x318/0x380
[   27.131569]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.131595]  ? mempool_oob_right_helper+0x318/0x380
[   27.131618]  kasan_report+0x141/0x180
[   27.131640]  ? mempool_oob_right_helper+0x318/0x380
[   27.131667]  __asan_report_load1_noabort+0x18/0x20
[   27.131691]  mempool_oob_right_helper+0x318/0x380
[   27.131715]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   27.131741]  ? __pfx_sched_clock_cpu+0x10/0x10
[   27.131761]  ? finish_task_switch.isra.0+0x153/0x700
[   27.131786]  mempool_slab_oob_right+0xed/0x140
[   27.131810]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   27.131837]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   27.131861]  ? __pfx_mempool_free_slab+0x10/0x10
[   27.131887]  ? __pfx_read_tsc+0x10/0x10
[   27.131908]  ? ktime_get_ts64+0x86/0x230
[   27.131933]  kunit_try_run_case+0x1a5/0x480
[   27.131965]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.131988]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   27.132040]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.132064]  ? __kthread_parkme+0x82/0x180
[   27.132098]  ? preempt_count_sub+0x50/0x80
[   27.132121]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.132145]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.132168]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.132190]  kthread+0x337/0x6f0
[   27.132209]  ? trace_preempt_on+0x20/0xc0
[   27.132233]  ? __pfx_kthread+0x10/0x10
[   27.132253]  ? _raw_spin_unlock_irq+0x47/0x80
[   27.132275]  ? calculate_sigpending+0x7b/0xa0
[   27.132298]  ? __pfx_kthread+0x10/0x10
[   27.132319]  ret_from_fork+0x116/0x1d0
[   27.132338]  ? __pfx_kthread+0x10/0x10
[   27.132358]  ret_from_fork_asm+0x1a/0x30
[   27.132398]  </TASK>
[   27.132408] 
[   27.140226] Allocated by task 274:
[   27.140456]  kasan_save_stack+0x45/0x70
[   27.140654]  kasan_save_track+0x18/0x40
[   27.140830]  kasan_save_alloc_info+0x3b/0x50
[   27.140985]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   27.141163]  remove_element+0x11e/0x190
[   27.141543]  mempool_alloc_preallocated+0x4d/0x90
[   27.141776]  mempool_oob_right_helper+0x8a/0x380
[   27.142007]  mempool_slab_oob_right+0xed/0x140
[   27.142201]  kunit_try_run_case+0x1a5/0x480
[   27.142440]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.142650]  kthread+0x337/0x6f0
[   27.142809]  ret_from_fork+0x116/0x1d0
[   27.142964]  ret_from_fork_asm+0x1a/0x30
[   27.143159] 
[   27.143224] The buggy address belongs to the object at ffff888106187240
[   27.143224]  which belongs to the cache test_cache of size 123
[   27.143786] The buggy address is located 0 bytes to the right of
[   27.143786]  allocated 123-byte region [ffff888106187240, ffff8881061872bb)
[   27.144451] 
[   27.144555] The buggy address belongs to the physical page:
[   27.144766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106187
[   27.145003] flags: 0x200000000000000(node=0|zone=2)
[   27.145173] page_type: f5(slab)
[   27.145289] raw: 0200000000000000 ffff888101e9e8c0 dead000000000122 0000000000000000
[   27.145543] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   27.145864] page dumped because: kasan: bad access detected
[   27.146120] 
[   27.146226] Memory state around the buggy address:
[   27.146521]  ffff888106187180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   27.146732]  ffff888106187200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   27.146937] >ffff888106187280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   27.147364]                                         ^
[   27.147608]  ffff888106187300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.147931]  ffff888106187380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.148283] ==================================================================
[   27.109053] ==================================================================
[   27.109883] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   27.110315] Read of size 1 at addr ffff8881060ae001 by task kunit_try_catch/272
[   27.110648] 
[   27.110739] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) 
[   27.110788] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.110799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.110821] Call Trace:
[   27.110834]  <TASK>
[   27.110850]  dump_stack_lvl+0x73/0xb0
[   27.110881]  print_report+0xd1/0x610
[   27.110903]  ? __virt_addr_valid+0x1db/0x2d0
[   27.110928]  ? mempool_oob_right_helper+0x318/0x380
[   27.110950]  ? kasan_addr_to_slab+0x11/0xa0
[   27.110970]  ? mempool_oob_right_helper+0x318/0x380
[   27.110992]  kasan_report+0x141/0x180
[   27.111014]  ? mempool_oob_right_helper+0x318/0x380
[   27.111042]  __asan_report_load1_noabort+0x18/0x20
[   27.111066]  mempool_oob_right_helper+0x318/0x380
[   27.111105]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   27.111132]  ? dequeue_entities+0x23f/0x1630
[   27.111155]  ? __kasan_check_write+0x18/0x20
[   27.111178]  ? __pfx_sched_clock_cpu+0x10/0x10
[   27.111199]  ? finish_task_switch.isra.0+0x153/0x700
[   27.111223]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   27.111247]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   27.111274]  ? __pfx_mempool_kmalloc+0x10/0x10
[   27.111298]  ? __pfx_mempool_kfree+0x10/0x10
[   27.111323]  ? __pfx_read_tsc+0x10/0x10
[   27.111344]  ? ktime_get_ts64+0x86/0x230
[   27.111372]  kunit_try_run_case+0x1a5/0x480
[   27.111397]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.111439]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   27.111463]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.111485]  ? __kthread_parkme+0x82/0x180
[   27.111510]  ? preempt_count_sub+0x50/0x80
[   27.111532]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.111555]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.111577]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.111600]  kthread+0x337/0x6f0
[   27.111619]  ? trace_preempt_on+0x20/0xc0
[   27.111643]  ? __pfx_kthread+0x10/0x10
[   27.111662]  ? _raw_spin_unlock_irq+0x47/0x80
[   27.111683]  ? calculate_sigpending+0x7b/0xa0
[   27.111707]  ? __pfx_kthread+0x10/0x10
[   27.111727]  ret_from_fork+0x116/0x1d0
[   27.111746]  ? __pfx_kthread+0x10/0x10
[   27.111765]  ret_from_fork_asm+0x1a/0x30
[   27.111797]  </TASK>
[   27.111808] 
[   27.120014] The buggy address belongs to the physical page:
[   27.120203] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060ac
[   27.120689] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.121032] flags: 0x200000000000040(head|node=0|zone=2)
[   27.121415] page_type: f8(unknown)
[   27.121600] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.121957] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   27.122196] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.122950] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   27.123292] head: 0200000000000002 ffffea0004182b01 00000000ffffffff 00000000ffffffff
[   27.123783] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   27.124038] page dumped because: kasan: bad access detected
[   27.124213] 
[   27.124276] Memory state around the buggy address:
[   27.124424]  ffff8881060adf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.124738]  ffff8881060adf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.125054] >ffff8881060ae000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.125479]                    ^
[   27.125640]  ffff8881060ae080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.125886]  ffff8881060ae100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.126125] ==================================================================
[   27.080673] ==================================================================
[   27.081875] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   27.082512] Read of size 1 at addr ffff88810553dc73 by task kunit_try_catch/270
[   27.082786] 
[   27.082880] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250717 #1 PREEMPT(voluntary) 
[   27.082941] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.082953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.082977] Call Trace:
[   27.082992]  <TASK>
[   27.083013]  dump_stack_lvl+0x73/0xb0
[   27.083050]  print_report+0xd1/0x610
[   27.083074]  ? __virt_addr_valid+0x1db/0x2d0
[   27.083117]  ? mempool_oob_right_helper+0x318/0x380
[   27.083152]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.083179]  ? mempool_oob_right_helper+0x318/0x380
[   27.083203]  kasan_report+0x141/0x180
[   27.083225]  ? mempool_oob_right_helper+0x318/0x380
[   27.083254]  __asan_report_load1_noabort+0x18/0x20
[   27.083292]  mempool_oob_right_helper+0x318/0x380
[   27.083317]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   27.083341]  ? dequeue_entities+0x23f/0x1630
[   27.083405]  ? __kasan_check_write+0x18/0x20
[   27.083431]  ? __pfx_sched_clock_cpu+0x10/0x10
[   27.083452]  ? irqentry_exit+0x2a/0x60
[   27.083479]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   27.083508]  mempool_kmalloc_oob_right+0xf2/0x150
[   27.083532]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   27.083559]  ? __pfx_mempool_kmalloc+0x10/0x10
[   27.083586]  ? __pfx_mempool_kfree+0x10/0x10
[   27.083611]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   27.083637]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   27.083663]  kunit_try_run_case+0x1a5/0x480
[   27.083691]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.083714]  ? _raw_spin_lock_irqsave+0xf9/0x100
[   27.083741]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.083765]  ? __kthread_parkme+0x82/0x180
[   27.083793]  ? preempt_count_sub+0x50/0x80
[   27.083818]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.083843]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.083866]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.083890]  kthread+0x337/0x6f0
[   27.083911]  ? trace_preempt_on+0x20/0xc0
[   27.083940]  ? __pfx_kthread+0x10/0x10
[   27.083962]  ? _raw_spin_unlock_irq+0x47/0x80
[   27.083986]  ? calculate_sigpending+0x7b/0xa0
[   27.084013]  ? __pfx_kthread+0x10/0x10
[   27.084035]  ret_from_fork+0x116/0x1d0
[   27.084057]  ? __pfx_kthread+0x10/0x10
[   27.084095]  ret_from_fork_asm+0x1a/0x30
[   27.084131]  </TASK>
[   27.084143] 
[   27.096726] Allocated by task 270:
[   27.096863]  kasan_save_stack+0x45/0x70
[   27.097193]  kasan_save_track+0x18/0x40
[   27.097576]  kasan_save_alloc_info+0x3b/0x50
[   27.097747]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   27.097999]  remove_element+0x11e/0x190
[   27.098162]  mempool_alloc_preallocated+0x4d/0x90
[   27.098384]  mempool_oob_right_helper+0x8a/0x380
[   27.098621]  mempool_kmalloc_oob_right+0xf2/0x150
[   27.098857]  kunit_try_run_case+0x1a5/0x480
[   27.098998]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.099234]  kthread+0x337/0x6f0
[   27.099422]  ret_from_fork+0x116/0x1d0
[   27.099578]  ret_from_fork_asm+0x1a/0x30
[   27.099711] 
[   27.099797] The buggy address belongs to the object at ffff88810553dc00
[   27.099797]  which belongs to the cache kmalloc-128 of size 128
[   27.100218] The buggy address is located 0 bytes to the right of
[   27.100218]  allocated 115-byte region [ffff88810553dc00, ffff88810553dc73)
[   27.100910] 
[   27.101013] The buggy address belongs to the physical page:
[   27.101192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10553d
[   27.101506] flags: 0x200000000000000(node=0|zone=2)
[   27.101868] page_type: f5(slab)
[   27.102012] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   27.102522] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   27.102823] page dumped because: kasan: bad access detected
[   27.103029] 
[   27.103131] Memory state around the buggy address:
[   27.103384]  ffff88810553db00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   27.103662]  ffff88810553db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.103949] >ffff88810553dc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   27.104212]                                                              ^
[   27.104571]  ffff88810553dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.104828]  ffff88810553dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   27.105153] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zzwDWobl1PenKrl7aC3Q4y8R2x

job_id

TEST:linaro@lkft#2zzwJ32YYH3rsbvUvNRbDDLdWs9

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zzwJ32YYH3rsbvUvNRbDDLdWs9

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zzwFbnsZn5bg7jA5R4UbAZ06xn/bzImage
sha256sum	07a1e7c475fbe0d7581a28da7be9cafbb328e6becefa6ecbfcd42fdce3b22356

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zzwFbnsZn5bg7jA5R4UbAZ06xn/modules.tar.xz
sha256sum	651adbeb72ad9ee19188d99d2b877df4dd037d2a48b86a8a968b1eb4c3477806

durations

tests

boot	0
kunit	236.22

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit