lkft/linux-next-master - next-20250723 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 23, 2025, 3:10 a.m.

Environment
qemu-arm64
qemu-x86_64

[   32.519126] ==================================================================
[   32.519206] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   32.519286] Read of size 1 at addr fff00000c9bd9273 by task kunit_try_catch/254
[   32.519339] 
[   32.519383] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc7-next-20250723 #1 PREEMPT 
[   32.519481] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   32.519511] Hardware name: linux,dummy-virt (DT)
[   32.519548] Call trace:
[   32.519573]  show_stack+0x20/0x38 (C)
[   32.519625]  dump_stack_lvl+0x8c/0xd0
[   32.519676]  print_report+0x118/0x5e8
[   32.519719]  kasan_report+0xdc/0x128
[   32.519760]  __asan_report_load1_noabort+0x20/0x30
[   32.519808]  mempool_oob_right_helper+0x2ac/0x2f0
[   32.519858]  mempool_kmalloc_oob_right+0xc4/0x120
[   32.519924]  kunit_try_run_case+0x170/0x3f0
[   32.519973]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.520025]  kthread+0x328/0x630
[   32.520067]  ret_from_fork+0x10/0x20
[   32.520116] 
[   32.520137] Allocated by task 254:
[   32.520168]  kasan_save_stack+0x3c/0x68
[   32.520209]  kasan_save_track+0x20/0x40
[   32.520243]  kasan_save_alloc_info+0x40/0x58
[   32.520282]  __kasan_mempool_unpoison_object+0x11c/0x180
[   32.520323]  remove_element+0x130/0x1f8
[   32.520364]  mempool_alloc_preallocated+0x58/0xc0
[   32.520403]  mempool_oob_right_helper+0x98/0x2f0
[   32.520445]  mempool_kmalloc_oob_right+0xc4/0x120
[   32.520484]  kunit_try_run_case+0x170/0x3f0
[   32.520522]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.520677]  kthread+0x328/0x630
[   32.520713]  ret_from_fork+0x10/0x20
[   32.520748] 
[   32.520768] The buggy address belongs to the object at fff00000c9bd9200
[   32.520768]  which belongs to the cache kmalloc-128 of size 128
[   32.520828] The buggy address is located 0 bytes to the right of
[   32.520828]  allocated 115-byte region [fff00000c9bd9200, fff00000c9bd9273)
[   32.520891] 
[   32.520925] The buggy address belongs to the physical page:
[   32.520968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bd9
[   32.521029] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   32.521084] page_type: f5(slab)
[   32.521127] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   32.521177] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   32.521217] page dumped because: kasan: bad access detected
[   32.521248] 
[   32.521266] Memory state around the buggy address:
[   32.521300]  fff00000c9bd9100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   32.521343]  fff00000c9bd9180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.521385] >fff00000c9bd9200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   32.521424]                                                              ^
[   32.521466]  fff00000c9bd9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.521509]  fff00000c9bd9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   32.521545] ==================================================================
[   32.554136] ==================================================================
[   32.554207] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   32.554270] Read of size 1 at addr fff00000c9c1d2bb by task kunit_try_catch/258
[   32.554427] 
[   32.554473] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc7-next-20250723 #1 PREEMPT 
[   32.554662] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   32.554719] Hardware name: linux,dummy-virt (DT)
[   32.554769] Call trace:
[   32.554857]  show_stack+0x20/0x38 (C)
[   32.554938]  dump_stack_lvl+0x8c/0xd0
[   32.555249]  print_report+0x118/0x5e8
[   32.555323]  kasan_report+0xdc/0x128
[   32.555375]  __asan_report_load1_noabort+0x20/0x30
[   32.555433]  mempool_oob_right_helper+0x2ac/0x2f0
[   32.555492]  mempool_slab_oob_right+0xc0/0x118
[   32.555566]  kunit_try_run_case+0x170/0x3f0
[   32.555627]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.555680]  kthread+0x328/0x630
[   32.555728]  ret_from_fork+0x10/0x20
[   32.555847] 
[   32.555884] Allocated by task 258:
[   32.556082]  kasan_save_stack+0x3c/0x68
[   32.556130]  kasan_save_track+0x20/0x40
[   32.556166]  kasan_save_alloc_info+0x40/0x58
[   32.556224]  __kasan_mempool_unpoison_object+0xbc/0x180
[   32.556268]  remove_element+0x16c/0x1f8
[   32.556350]  mempool_alloc_preallocated+0x58/0xc0
[   32.556489]  mempool_oob_right_helper+0x98/0x2f0
[   32.556545]  mempool_slab_oob_right+0xc0/0x118
[   32.556639]  kunit_try_run_case+0x170/0x3f0
[   32.556982]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.557170]  kthread+0x328/0x630
[   32.557227]  ret_from_fork+0x10/0x20
[   32.557265] 
[   32.557285] The buggy address belongs to the object at fff00000c9c1d240
[   32.557285]  which belongs to the cache test_cache of size 123
[   32.557346] The buggy address is located 0 bytes to the right of
[   32.557346]  allocated 123-byte region [fff00000c9c1d240, fff00000c9c1d2bb)
[   32.557592] 
[   32.557617] The buggy address belongs to the physical page:
[   32.557653] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109c1d
[   32.557736] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   32.557884] page_type: f5(slab)
[   32.557952] raw: 0bfffe0000000000 fff00000c1b0d780 dead000000000122 0000000000000000
[   32.558081] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   32.558160] page dumped because: kasan: bad access detected
[   32.558271] 
[   32.558330] Memory state around the buggy address:
[   32.558436]  fff00000c9c1d180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   32.558492]  fff00000c9c1d200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   32.558850] >fff00000c9c1d280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   32.559007]                                         ^
[   32.559080]  fff00000c9c1d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.559200]  fff00000c9c1d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.559277] ==================================================================
[   32.528281] ==================================================================
[   32.529047] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   32.530175] Read of size 1 at addr fff00000c99a6001 by task kunit_try_catch/256
[   32.531025] 
[   32.531293] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc7-next-20250723 #1 PREEMPT 
[   32.531708] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   32.531871] Hardware name: linux,dummy-virt (DT)
[   32.532294] Call trace:
[   32.532325]  show_stack+0x20/0x38 (C)
[   32.532623]  dump_stack_lvl+0x8c/0xd0
[   32.532694]  print_report+0x118/0x5e8
[   32.533313]  kasan_report+0xdc/0x128
[   32.533370]  __asan_report_load1_noabort+0x20/0x30
[   32.533420]  mempool_oob_right_helper+0x2ac/0x2f0
[   32.533470]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   32.533522]  kunit_try_run_case+0x170/0x3f0
[   32.533573]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.533624]  kthread+0x328/0x630
[   32.533666]  ret_from_fork+0x10/0x20
[   32.533714] 
[   32.533735] The buggy address belongs to the physical page:
[   32.533771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1099a4
[   32.533825] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   32.533872] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   32.533938] page_type: f8(unknown)
[   32.533974] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   32.534023] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   32.535320] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   32.535382] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   32.535914] head: 0bfffe0000000002 ffffc1ffc3266901 00000000ffffffff 00000000ffffffff
[   32.536558] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   32.536936] page dumped because: kasan: bad access detected
[   32.536977] 
[   32.536996] Memory state around the buggy address:
[   32.537520]  fff00000c99a5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.537697]  fff00000c99a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.537742] >fff00000c99a6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   32.537781]                    ^
[   32.538238]  fff00000c99a6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   32.538858]  fff00000c99a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   32.539134] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

30G3cJ1sbXw9qzJ7BlfPJWioYpf

job_id

TEST:linaro@lkft#30G3i68xlwMFkooOhGrPcdOJwq6

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/30G3i68xlwMFkooOhGrPcdOJwq6

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30G3dqLJvp4LyPfe7hM64XXnTL3/Image.gz
sha256sum	b30e1898089cf202216a8d94747025c3be63110289f9fb6007e080b423a71d05

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30G3dqLJvp4LyPfe7hM64XXnTL3/modules.tar.xz
sha256sum	eb69e4b4edadc912a9040d92071e298890d9adf22425e3972f798522efd0a9a6

durations

tests

boot	0
kunit	175.58

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   26.698198] ==================================================================
[   26.698667] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   26.699027] Read of size 1 at addr ffff888106146001 by task kunit_try_catch/272
[   26.699288] 
[   26.699382] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) 
[   26.699435] Tainted: [B]=BAD_PAGE, [N]=TEST
[   26.699449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   26.699473] Call Trace:
[   26.699486]  <TASK>
[   26.699506]  dump_stack_lvl+0x73/0xb0
[   26.699537]  print_report+0xd1/0x640
[   26.699562]  ? __virt_addr_valid+0x1db/0x2d0
[   26.699587]  ? mempool_oob_right_helper+0x318/0x380
[   26.699611]  ? kasan_addr_to_slab+0x11/0xa0
[   26.699639]  ? mempool_oob_right_helper+0x318/0x380
[   26.699663]  kasan_report+0x141/0x180
[   26.699687]  ? mempool_oob_right_helper+0x318/0x380
[   26.699714]  __asan_report_load1_noabort+0x18/0x20
[   26.699739]  mempool_oob_right_helper+0x318/0x380
[   26.699764]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   26.699789]  ? dequeue_entities+0x23f/0x1630
[   26.699815]  ? __kasan_check_write+0x18/0x20
[   26.699839]  ? __pfx_sched_clock_cpu+0x10/0x10
[   26.699860]  ? finish_task_switch.isra.0+0x153/0x700
[   26.699887]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   26.699912]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   26.700004]  ? __pfx_mempool_kmalloc+0x10/0x10
[   26.700038]  ? __pfx_mempool_kfree+0x10/0x10
[   26.700066]  ? __pfx_read_tsc+0x10/0x10
[   26.700090]  ? ktime_get_ts64+0x86/0x230
[   26.700115]  kunit_try_run_case+0x1a5/0x480
[   26.700142]  ? __pfx_kunit_try_run_case+0x10/0x10
[   26.700178]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   26.700206]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   26.700231]  ? __kthread_parkme+0x82/0x180
[   26.700252]  ? preempt_count_sub+0x50/0x80
[   26.700276]  ? __pfx_kunit_try_run_case+0x10/0x10
[   26.700300]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   26.700325]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   26.700350]  kthread+0x337/0x6f0
[   26.700425]  ? trace_preempt_on+0x20/0xc0
[   26.700456]  ? __pfx_kthread+0x10/0x10
[   26.700478]  ? _raw_spin_unlock_irq+0x47/0x80
[   26.700503]  ? calculate_sigpending+0x7b/0xa0
[   26.700527]  ? __pfx_kthread+0x10/0x10
[   26.700550]  ret_from_fork+0x116/0x1d0
[   26.700572]  ? __pfx_kthread+0x10/0x10
[   26.700592]  ret_from_fork_asm+0x1a/0x30
[   26.700625]  </TASK>
[   26.700637] 
[   26.709198] The buggy address belongs to the physical page:
[   26.709518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106144
[   26.709801] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   26.710282] flags: 0x200000000000040(head|node=0|zone=2)
[   26.710972] page_type: f8(unknown)
[   26.711163] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   26.711569] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   26.711866] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   26.712232] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   26.712583] head: 0200000000000002 ffffea0004185101 00000000ffffffff 00000000ffffffff
[   26.712849] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   26.713316] page dumped because: kasan: bad access detected
[   26.713537] 
[   26.713678] Memory state around the buggy address:
[   26.713876]  ffff888106145f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.714236]  ffff888106145f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.714564] >ffff888106146000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   26.714832]                    ^
[   26.714992]  ffff888106146080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   26.715292]  ffff888106146100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   26.715725] ==================================================================
[   26.722058] ==================================================================
[   26.722572] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   26.722907] Read of size 1 at addr ffff8881060a62bb by task kunit_try_catch/274
[   26.723198] 
[   26.723297] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) 
[   26.723352] Tainted: [B]=BAD_PAGE, [N]=TEST
[   26.723366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   26.723390] Call Trace:
[   26.723403]  <TASK>
[   26.723423]  dump_stack_lvl+0x73/0xb0
[   26.723456]  print_report+0xd1/0x640
[   26.723481]  ? __virt_addr_valid+0x1db/0x2d0
[   26.723518]  ? mempool_oob_right_helper+0x318/0x380
[   26.723541]  ? kasan_complete_mode_report_info+0x2a/0x200
[   26.723568]  ? mempool_oob_right_helper+0x318/0x380
[   26.723591]  kasan_report+0x141/0x180
[   26.723614]  ? mempool_oob_right_helper+0x318/0x380
[   26.723647]  __asan_report_load1_noabort+0x18/0x20
[   26.723672]  mempool_oob_right_helper+0x318/0x380
[   26.723697]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   26.723724]  ? finish_task_switch.isra.0+0x153/0x700
[   26.723750]  mempool_slab_oob_right+0xed/0x140
[   26.723774]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   26.723800]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   26.723827]  ? __pfx_mempool_free_slab+0x10/0x10
[   26.723853]  ? __pfx_read_tsc+0x10/0x10
[   26.723876]  ? ktime_get_ts64+0x86/0x230
[   26.723903]  kunit_try_run_case+0x1a5/0x480
[   26.723930]  ? __pfx_kunit_try_run_case+0x10/0x10
[   26.723953]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   26.723991]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   26.724016]  ? __kthread_parkme+0x82/0x180
[   26.724037]  ? preempt_count_sub+0x50/0x80
[   26.724060]  ? __pfx_kunit_try_run_case+0x10/0x10
[   26.724085]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   26.724109]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   26.724132]  kthread+0x337/0x6f0
[   26.724164]  ? trace_preempt_on+0x20/0xc0
[   26.724190]  ? __pfx_kthread+0x10/0x10
[   26.724210]  ? _raw_spin_unlock_irq+0x47/0x80
[   26.724234]  ? calculate_sigpending+0x7b/0xa0
[   26.724260]  ? __pfx_kthread+0x10/0x10
[   26.724282]  ret_from_fork+0x116/0x1d0
[   26.724301]  ? __pfx_kthread+0x10/0x10
[   26.724322]  ret_from_fork_asm+0x1a/0x30
[   26.724355]  </TASK>
[   26.724367] 
[   26.732762] Allocated by task 274:
[   26.732909]  kasan_save_stack+0x45/0x70
[   26.733128]  kasan_save_track+0x18/0x40
[   26.733305]  kasan_save_alloc_info+0x3b/0x50
[   26.733494]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   26.733716]  remove_element+0x11e/0x190
[   26.733889]  mempool_alloc_preallocated+0x4d/0x90
[   26.734046]  mempool_oob_right_helper+0x8a/0x380
[   26.734208]  mempool_slab_oob_right+0xed/0x140
[   26.734382]  kunit_try_run_case+0x1a5/0x480
[   26.734581]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   26.734830]  kthread+0x337/0x6f0
[   26.734995]  ret_from_fork+0x116/0x1d0
[   26.735143]  ret_from_fork_asm+0x1a/0x30
[   26.735355] 
[   26.735552] The buggy address belongs to the object at ffff8881060a6240
[   26.735552]  which belongs to the cache test_cache of size 123
[   26.736234] The buggy address is located 0 bytes to the right of
[   26.736234]  allocated 123-byte region [ffff8881060a6240, ffff8881060a62bb)
[   26.736880] 
[   26.737024] The buggy address belongs to the physical page:
[   26.737240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060a6
[   26.737675] flags: 0x200000000000000(node=0|zone=2)
[   26.737884] page_type: f5(slab)
[   26.738127] raw: 0200000000000000 ffff888101242c80 dead000000000122 0000000000000000
[   26.738511] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   26.738798] page dumped because: kasan: bad access detected
[   26.739059] 
[   26.739158] Memory state around the buggy address:
[   26.739356]  ffff8881060a6180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   26.739639]  ffff8881060a6200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   26.739920] >ffff8881060a6280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   26.740287]                                         ^
[   26.740732]  ffff8881060a6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   26.741027]  ffff8881060a6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   26.741320] ==================================================================
[   26.669553] ==================================================================
[   26.669984] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   26.670730] Read of size 1 at addr ffff888104964973 by task kunit_try_catch/270
[   26.671023] 
[   26.671118] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7-next-20250723 #1 PREEMPT(voluntary) 
[   26.671190] Tainted: [B]=BAD_PAGE, [N]=TEST
[   26.671204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   26.671228] Call Trace:
[   26.671243]  <TASK>
[   26.671264]  dump_stack_lvl+0x73/0xb0
[   26.671300]  print_report+0xd1/0x640
[   26.671325]  ? __virt_addr_valid+0x1db/0x2d0
[   26.671353]  ? mempool_oob_right_helper+0x318/0x380
[   26.671762]  ? kasan_complete_mode_report_info+0x2a/0x200
[   26.671804]  ? mempool_oob_right_helper+0x318/0x380
[   26.671829]  kasan_report+0x141/0x180
[   26.671853]  ? mempool_oob_right_helper+0x318/0x380
[   26.671883]  __asan_report_load1_noabort+0x18/0x20
[   26.671909]  mempool_oob_right_helper+0x318/0x380
[   26.671934]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   26.671974]  ? ret_from_fork+0x116/0x1d0
[   26.671994]  ? kthread+0x337/0x6f0
[   26.672017]  ? ret_from_fork_asm+0x1a/0x30
[   26.672046]  mempool_kmalloc_oob_right+0xf2/0x150
[   26.672070]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   26.672097]  ? __pfx_mempool_kmalloc+0x10/0x10
[   26.672125]  ? __pfx_mempool_kfree+0x10/0x10
[   26.672163]  ? __pfx_read_tsc+0x10/0x10
[   26.672186]  ? ktime_get_ts64+0x86/0x230
[   26.672212]  kunit_try_run_case+0x1a5/0x480
[   26.672241]  ? __pfx_kunit_try_run_case+0x10/0x10
[   26.672264]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   26.672292]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   26.672317]  ? __kthread_parkme+0x82/0x180
[   26.672337]  ? preempt_count_sub+0x50/0x80
[   26.672362]  ? __pfx_kunit_try_run_case+0x10/0x10
[   26.672445]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   26.672470]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   26.672494]  kthread+0x337/0x6f0
[   26.672514]  ? trace_preempt_on+0x20/0xc0
[   26.672540]  ? __pfx_kthread+0x10/0x10
[   26.672561]  ? _raw_spin_unlock_irq+0x47/0x80
[   26.672586]  ? calculate_sigpending+0x7b/0xa0
[   26.672612]  ? __pfx_kthread+0x10/0x10
[   26.672634]  ret_from_fork+0x116/0x1d0
[   26.672653]  ? __pfx_kthread+0x10/0x10
[   26.672675]  ret_from_fork_asm+0x1a/0x30
[   26.672705]  </TASK>
[   26.672718] 
[   26.684465] Allocated by task 270:
[   26.684613]  kasan_save_stack+0x45/0x70
[   26.684782]  kasan_save_track+0x18/0x40
[   26.684994]  kasan_save_alloc_info+0x3b/0x50
[   26.685211]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   26.685437]  remove_element+0x11e/0x190
[   26.685617]  mempool_alloc_preallocated+0x4d/0x90
[   26.685847]  mempool_oob_right_helper+0x8a/0x380
[   26.686093]  mempool_kmalloc_oob_right+0xf2/0x150
[   26.686303]  kunit_try_run_case+0x1a5/0x480
[   26.686797]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   26.687052]  kthread+0x337/0x6f0
[   26.687188]  ret_from_fork+0x116/0x1d0
[   26.687324]  ret_from_fork_asm+0x1a/0x30
[   26.687592] 
[   26.687700] The buggy address belongs to the object at ffff888104964900
[   26.687700]  which belongs to the cache kmalloc-128 of size 128
[   26.688283] The buggy address is located 0 bytes to the right of
[   26.688283]  allocated 115-byte region [ffff888104964900, ffff888104964973)
[   26.688892] 
[   26.688986] The buggy address belongs to the physical page:
[   26.689188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x104964
[   26.689491] flags: 0x200000000000000(node=0|zone=2)
[   26.689697] page_type: f5(slab)
[   26.689833] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   26.690133] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   26.690555] page dumped because: kasan: bad access detected
[   26.690810] 
[   26.690901] Memory state around the buggy address:
[   26.691114]  ffff888104964800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   26.691630]  ffff888104964880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   26.691930] >ffff888104964900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   26.692257]                                                              ^
[   26.692593]  ffff888104964980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   26.692865]  ffff888104964a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   26.693184] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

30G3cJ1sbXw9qzJ7BlfPJWioYpf

job_id

TEST:linaro@lkft#30G3j74iQKw0QFlrSngm0dpeaMJ

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/30G3j74iQKw0QFlrSngm0dpeaMJ

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30G3fQvMn9HcF0DxVKKJ5x3GX38/bzImage
sha256sum	371f4f87cae012670505649e4e687713b51a0312ceeb0d149c78e0b6bf6d272b

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30G3fQvMn9HcF0DxVKKJ5x3GX38/modules.tar.xz
sha256sum	1a60ff32537a1f4915659be5386778e0052a5e702d5e77815e3fc933dbd119e2

durations

tests

boot	0
kunit	253.64

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit