lkft/linux-next-master - next-20250725 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right

Date

July 25, 2025, 3:13 a.m.

Environment
qemu-arm64
qemu-x86_64

[   31.894545] ==================================================================
[   31.894898] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5a4/0x660
[   31.895855] Write of size 1 at addr fff00000c9726173 by task kunit_try_catch/168
[   31.895965] 
[   31.896797] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G                 N  6.16.0-rc7-next-20250725 #1 PREEMPT 
[   31.896948] Tainted: [N]=TEST
[   31.896980] Hardware name: linux,dummy-virt (DT)
[   31.897207] Call trace:
[   31.897398]  show_stack+0x20/0x38 (C)
[   31.897532]  dump_stack_lvl+0x8c/0xd0
[   31.897584]  print_report+0x118/0x5e8
[   31.897628]  kasan_report+0xdc/0x128
[   31.897684]  __asan_report_store1_noabort+0x20/0x30
[   31.897732]  kmalloc_oob_right+0x5a4/0x660
[   31.897778]  kunit_try_run_case+0x170/0x3f0
[   31.897828]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.897879]  kthread+0x328/0x630
[   31.897922]  ret_from_fork+0x10/0x20
[   31.898086] 
[   31.898124] Allocated by task 168:
[   31.898240]  kasan_save_stack+0x3c/0x68
[   31.898305]  kasan_save_track+0x20/0x40
[   31.898341]  kasan_save_alloc_info+0x40/0x58
[   31.898377]  __kasan_kmalloc+0xd4/0xd8
[   31.898410]  __kmalloc_cache_noprof+0x16c/0x3c0
[   31.898451]  kmalloc_oob_right+0xb0/0x660
[   31.898487]  kunit_try_run_case+0x170/0x3f0
[   31.898524]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.898566]  kthread+0x328/0x630
[   31.898598]  ret_from_fork+0x10/0x20
[   31.898664] 
[   31.898726] The buggy address belongs to the object at fff00000c9726100
[   31.898726]  which belongs to the cache kmalloc-128 of size 128
[   31.898819] The buggy address is located 0 bytes to the right of
[   31.898819]  allocated 115-byte region [fff00000c9726100, fff00000c9726173)
[   31.898885] 
[   31.899093] The buggy address belongs to the physical page:
[   31.899478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109726
[   31.899752] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   31.904175] page_type: f5(slab)
[   31.904511] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   31.904571] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   31.904690] page dumped because: kasan: bad access detected
[   31.904733] 
[   31.904758] Memory state around the buggy address:
[   31.904986]  fff00000c9726000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   31.905051]  fff00000c9726080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.905105] >fff00000c9726100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   31.905157]                                                              ^
[   31.905236]  fff00000c9726180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.905278]  fff00000c9726200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.905338] ==================================================================
[   31.905906] ==================================================================
[   31.906006] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x538/0x660
[   31.906058] Write of size 1 at addr fff00000c9726178 by task kunit_try_catch/168
[   31.906105] 
[   31.906171] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7-next-20250725 #1 PREEMPT 
[   31.906253] Tainted: [B]=BAD_PAGE, [N]=TEST
[   31.906320] Hardware name: linux,dummy-virt (DT)
[   31.906378] Call trace:
[   31.906475]  show_stack+0x20/0x38 (C)
[   31.906613]  dump_stack_lvl+0x8c/0xd0
[   31.906674]  print_report+0x118/0x5e8
[   31.906718]  kasan_report+0xdc/0x128
[   31.906760]  _
[   31.906760]  __asan_report_store1_noabort+0x20/0x30
[   31.906808]  kmalloc_oob_right+0x538/0x660
[   31.906855]  kunit_try_run_case+0x170/0x3f0
[   31.906900]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.906950]  kthread+0x328/0x630
[   31.906991]  ret_from_fork+0x10/0x20
[   31.907037] 
[   31.907055] Allocated by task 168:
[   31.907083]  kasan_save_stack+0x3c/0x68
[   31.907120]  kasan_save_track+0x20/0x40
[   31.907153]  kasan_save_alloc_info+0x40/0x58
[   31.907190]  __kasan_kmalloc+0xd4/0xd8
[   31.907223]  __kmalloc_cache_noprof+0x16c/0x3c0
[   31.907262]  kmalloc_oob_right+0xb0/0x660
[   31.907298]  kunit_try_run_case+0x170/0x3f0
[   31.907392]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.907812]  kthread+0x328/0x630
[   31.907846]  ret_from_fork+0x10/0x20
[   31.908206] 
[   31.908245] The buggy address belongs to the object at fff00000c9726100
[   31.908245]  which belongs to the cache kmalloc-128 of size 128
[   31.909015] The buggy address is located 5 bytes to the right of
[   31.909015]  allocated 115-byte region [fff00000c9726100, fff00000c9726173)
[   31.909664] 
[   31.909691] The buggy address belongs to the physical page:
[   31.909725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109726
[   31.909780] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   31.909825] page_type: f5(slab)
[   31.909861] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   31.910482] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   31.910527] page dumped because: kasan: bad access detected
[   31.911238] 
[   31.911273] Memory state around the buggy address:
[   31.911308]  fff00000c9726000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   31.911352]  fff00000c9726080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.911393] >fff00000c9726100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   31.911429]                                                                 ^
[   31.911949]  fff00000c9726180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.912092]  fff00000c9726200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.912160] ==================================================================
[   31.912774] ==================================================================
[   31.912822] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x5d0/0x660
[   31.912873] Read of size 1 at addr fff00000c9726180 by task kunit_try_catch/168
[   31.912920] 
[   31.912964] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7-next-20250725 #1 PREEMPT 
[   31.913047] Tainted: [B]=BAD_PAGE, [N]=TEST
[   31.913072] Hardware name: linux,dummy-virt (DT)
[   31.913240] Call trace:
[   31.913275]  show_stack+0x20/0x38 (C)
[   31.913338]  dump_stack_lvl+0x8c/0xd0
[   31.913476]  print_report+0x118/0x5e8
[   31.913519]  kasan_report+0xdc/0x128
[   31.913561]  __asan_report_load1_noabort+0x20/0x30
[   31.913678]  kmalloc_oob_right+0x5d0/0x660
[   31.913725]  kunit_try_run_case+0x170/0x3f0
[   31.913770]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.913928]  kthread+0x328/0x630
[   31.914016]  ret_from_fork+0x10/0x20
[   31.914154] 
[   31.914207] Allocated by task 168:
[   31.914234]  kasan_save_stack+0x3c/0x68
[   31.914311]  kasan_save_track+0x20/0x40
[   31.914345]  kasan_save_alloc_info+0x40/0x58
[   31.914381]  __kasan_kmalloc+0xd4/0xd8
[   31.914414]  __kmalloc_cache_noprof+0x16c/0x3c0
[   31.914545]  kmalloc_oob_right+0xb0/0x660
[   31.914588]  kunit_try_run_case+0x170/0x3f0
[   31.914673]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.914764]  kthread+0x328/0x630
[   31.914795]  ret_from_fork+0x10/0x20
[   31.914830] 
[   31.914849] The buggy address belongs to the object at fff00000c9726100
[   31.914849]  which belongs to the cache kmalloc-128 of size 128
[   31.914903] The buggy address is located 13 bytes to the right of
[   31.914903]  allocated 115-byte region [fff00000c9726100, fff00000c9726173)
[   31.914965] 
[   31.914993] The buggy address belongs to the physical page:
[   31.915024] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109726
[   31.915137] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   31.915203] page_type: f5(slab)
[   31.915249] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   31.915397] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   31.915516] page dumped because: kasan: bad access detected
[   31.915606] 
[   31.915660] Memory state around the buggy address:
[   31.915758]  fff00000c9726080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.915801]  fff00000c9726100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   31.915842] >fff00000c9726180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.915930]                    ^
[   31.915959]  fff00000c9726200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.916011]  fff00000c9726280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.916047] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

30LiGXj2ae9l37rDh9ES2ygGLcy

job_id

TEST:linaro@lkft#30LiLIPqWNQvRNRqDtBDxUwGxZz

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/30LiLIPqWNQvRNRqDtBDxUwGxZz

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30LiHjVcRKNbgRBrU4jkvDoxC50/Image.gz
sha256sum	1f162015f4a75f9e6216abaa8065e831691a375e1ff18255465960f4188e179e

rootfs

url	https://storage.tuxboot.com/debian/20250722/trixie/arm64/rootfs.ext4.xz
sha256sum	4416595f610fe19a3fb374a6dd0942354bf27ddb827c7f1e8e5524ec95492466

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30LiHjVcRKNbgRBrU4jkvDoxC50/modules.tar.xz
sha256sum	874d5b7c11e52abbdf6f386f72a342d5a69f5ce0dd54af8193144a32e6d2a204

durations

tests

boot	0
kunit	181.35

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   24.990551] ==================================================================
[   24.991282] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[   24.991875] Read of size 1 at addr ffff888105800180 by task kunit_try_catch/185
[   24.992712] 
[   24.992805] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) 
[   24.992851] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.992865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.992884] Call Trace:
[   24.992900]  <TASK>
[   24.992915]  dump_stack_lvl+0x73/0xb0
[   24.992953]  print_report+0xd1/0x640
[   24.992977]  ? __virt_addr_valid+0x1db/0x2d0
[   24.993000]  ? kmalloc_oob_right+0x68a/0x7f0
[   24.993022]  ? kasan_complete_mode_report_info+0x2a/0x200
[   24.993048]  ? kmalloc_oob_right+0x68a/0x7f0
[   24.993070]  kasan_report+0x141/0x180
[   24.993103]  ? kmalloc_oob_right+0x68a/0x7f0
[   24.993150]  __asan_report_load1_noabort+0x18/0x20
[   24.993184]  kmalloc_oob_right+0x68a/0x7f0
[   24.993213]  ? __pfx_kmalloc_oob_right+0x10/0x10
[   24.993236]  ? __schedule+0x10da/0x2b60
[   24.993259]  ? __pfx_read_tsc+0x10/0x10
[   24.993281]  ? ktime_get_ts64+0x86/0x230
[   24.993306]  kunit_try_run_case+0x1a5/0x480
[   24.993330]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.993353]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   24.993375]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.993401]  ? __kthread_parkme+0x82/0x180
[   24.993421]  ? preempt_count_sub+0x50/0x80
[   24.993446]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.993471]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.993495]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.993519]  kthread+0x337/0x6f0
[   24.993538]  ? trace_preempt_on+0x20/0xc0
[   24.993562]  ? __pfx_kthread+0x10/0x10
[   24.993582]  ? _raw_spin_unlock_irq+0x47/0x80
[   24.993606]  ? calculate_sigpending+0x7b/0xa0
[   24.993630]  ? __pfx_kthread+0x10/0x10
[   24.993652]  ret_from_fork+0x116/0x1d0
[   24.993672]  ? __pfx_kthread+0x10/0x10
[   24.993692]  ret_from_fork_asm+0x1a/0x30
[   24.993724]  </TASK>
[   24.993734] 
[   25.006526] Allocated by task 185:
[   25.006814]  kasan_save_stack+0x45/0x70
[   25.007098]  kasan_save_track+0x18/0x40
[   25.007441]  kasan_save_alloc_info+0x3b/0x50
[   25.007832]  __kasan_kmalloc+0xb7/0xc0
[   25.008287]  __kmalloc_cache_noprof+0x189/0x420
[   25.008485]  kmalloc_oob_right+0xa9/0x7f0
[   25.008625]  kunit_try_run_case+0x1a5/0x480
[   25.008769]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   25.008975]  kthread+0x337/0x6f0
[   25.009093]  ret_from_fork+0x116/0x1d0
[   25.009570]  ret_from_fork_asm+0x1a/0x30
[   25.009928] 
[   25.010095] The buggy address belongs to the object at ffff888105800100
[   25.010095]  which belongs to the cache kmalloc-128 of size 128
[   25.011281] The buggy address is located 13 bytes to the right of
[   25.011281]  allocated 115-byte region [ffff888105800100, ffff888105800173)
[   25.011938] 
[   25.012139] The buggy address belongs to the physical page:
[   25.012609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105800
[   25.013451] flags: 0x200000000000000(node=0|zone=2)
[   25.013886] page_type: f5(slab)
[   25.014199] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   25.014574] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   25.014963] page dumped because: kasan: bad access detected
[   25.015276] 
[   25.015426] Memory state around the buggy address:
[   25.015832]  ffff888105800080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.016506]  ffff888105800100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   25.016733] >ffff888105800180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.017037]                    ^
[   25.017349]  ffff888105800200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.017985]  ffff888105800280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.018533] ==================================================================
[   24.957694] ==================================================================
[   24.958819] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[   24.959381] Write of size 1 at addr ffff888105800178 by task kunit_try_catch/185
[   24.959620] 
[   24.959703] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) 
[   24.959751] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.959764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.959784] Call Trace:
[   24.959797]  <TASK>
[   24.959812]  dump_stack_lvl+0x73/0xb0
[   24.959969]  print_report+0xd1/0x640
[   24.959994]  ? __virt_addr_valid+0x1db/0x2d0
[   24.960018]  ? kmalloc_oob_right+0x6bd/0x7f0
[   24.960040]  ? kasan_complete_mode_report_info+0x2a/0x200
[   24.960066]  ? kmalloc_oob_right+0x6bd/0x7f0
[   24.960088]  kasan_report+0x141/0x180
[   24.960110]  ? kmalloc_oob_right+0x6bd/0x7f0
[   24.960297]  __asan_report_store1_noabort+0x1b/0x30
[   24.960324]  kmalloc_oob_right+0x6bd/0x7f0
[   24.960347]  ? __pfx_kmalloc_oob_right+0x10/0x10
[   24.960370]  ? __schedule+0x10da/0x2b60
[   24.960393]  ? __pfx_read_tsc+0x10/0x10
[   24.960415]  ? ktime_get_ts64+0x86/0x230
[   24.960441]  kunit_try_run_case+0x1a5/0x480
[   24.960465]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.960488]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   24.960510]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.960536]  ? __kthread_parkme+0x82/0x180
[   24.960557]  ? preempt_count_sub+0x50/0x80
[   24.960581]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.960605]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.960629]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.960653]  kthread+0x337/0x6f0
[   24.960673]  ? trace_preempt_on+0x20/0xc0
[   24.960697]  ? __pfx_kthread+0x10/0x10
[   24.960718]  ? _raw_spin_unlock_irq+0x47/0x80
[   24.960742]  ? calculate_sigpending+0x7b/0xa0
[   24.960766]  ? __pfx_kthread+0x10/0x10
[   24.960804]  ret_from_fork+0x116/0x1d0
[   24.960825]  ? __pfx_kthread+0x10/0x10
[   24.960847]  ret_from_fork_asm+0x1a/0x30
[   24.960878]  </TASK>
[   24.960889] 
[   24.974725] Allocated by task 185:
[   24.975034]  kasan_save_stack+0x45/0x70
[   24.975704]  kasan_save_track+0x18/0x40
[   24.976209]  kasan_save_alloc_info+0x3b/0x50
[   24.976711]  __kasan_kmalloc+0xb7/0xc0
[   24.977202]  __kmalloc_cache_noprof+0x189/0x420
[   24.977695]  kmalloc_oob_right+0xa9/0x7f0
[   24.978223]  kunit_try_run_case+0x1a5/0x480
[   24.978407]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.978594]  kthread+0x337/0x6f0
[   24.978716]  ret_from_fork+0x116/0x1d0
[   24.979284]  ret_from_fork_asm+0x1a/0x30
[   24.979676] 
[   24.979859] The buggy address belongs to the object at ffff888105800100
[   24.979859]  which belongs to the cache kmalloc-128 of size 128
[   24.981245] The buggy address is located 5 bytes to the right of
[   24.981245]  allocated 115-byte region [ffff888105800100, ffff888105800173)
[   24.981739] 
[   24.981890] The buggy address belongs to the physical page:
[   24.982594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105800
[   24.983482] flags: 0x200000000000000(node=0|zone=2)
[   24.984048] page_type: f5(slab)
[   24.984390] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   24.984738] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   24.985540] page dumped because: kasan: bad access detected
[   24.986127] 
[   24.986285] Memory state around the buggy address:
[   24.986465]  ffff888105800000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   24.987345]  ffff888105800080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.988016] >ffff888105800100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   24.988371]                                                                 ^
[   24.988591]  ffff888105800180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.988858]  ffff888105800200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.989541] ==================================================================
[   24.922296] ==================================================================
[   24.922911] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[   24.923620] Write of size 1 at addr ffff888105800173 by task kunit_try_catch/185
[   24.924625] 
[   24.925997] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G                 N  6.16.0-rc7-next-20250725 #1 PREEMPT(voluntary) 
[   24.926347] Tainted: [N]=TEST
[   24.926380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.926607] Call Trace:
[   24.926675]  <TASK>
[   24.926833]  dump_stack_lvl+0x73/0xb0
[   24.926925]  print_report+0xd1/0x640
[   24.926968]  ? __virt_addr_valid+0x1db/0x2d0
[   24.926995]  ? kmalloc_oob_right+0x6f0/0x7f0
[   24.927017]  ? kasan_complete_mode_report_info+0x2a/0x200
[   24.927044]  ? kmalloc_oob_right+0x6f0/0x7f0
[   24.927292]  kasan_report+0x141/0x180
[   24.927319]  ? kmalloc_oob_right+0x6f0/0x7f0
[   24.927347]  __asan_report_store1_noabort+0x1b/0x30
[   24.927373]  kmalloc_oob_right+0x6f0/0x7f0
[   24.927396]  ? __pfx_kmalloc_oob_right+0x10/0x10
[   24.927419]  ? __schedule+0x10da/0x2b60
[   24.927443]  ? __pfx_read_tsc+0x10/0x10
[   24.927468]  ? ktime_get_ts64+0x86/0x230
[   24.927496]  kunit_try_run_case+0x1a5/0x480
[   24.927524]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.927547]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   24.927571]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.927598]  ? __kthread_parkme+0x82/0x180
[   24.927621]  ? preempt_count_sub+0x50/0x80
[   24.927647]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.927672]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.927697]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.927722]  kthread+0x337/0x6f0
[   24.927743]  ? trace_preempt_on+0x20/0xc0
[   24.927769]  ? __pfx_kthread+0x10/0x10
[   24.927840]  ? _raw_spin_unlock_irq+0x47/0x80
[   24.927866]  ? calculate_sigpending+0x7b/0xa0
[   24.927891]  ? __pfx_kthread+0x10/0x10
[   24.927913]  ret_from_fork+0x116/0x1d0
[   24.927936]  ? __pfx_kthread+0x10/0x10
[   24.927970]  ret_from_fork_asm+0x1a/0x30
[   24.928038]  </TASK>
[   24.928109] 
[   24.938505] Allocated by task 185:
[   24.938997]  kasan_save_stack+0x45/0x70
[   24.939377]  kasan_save_track+0x18/0x40
[   24.939563]  kasan_save_alloc_info+0x3b/0x50
[   24.939748]  __kasan_kmalloc+0xb7/0xc0
[   24.940137]  __kmalloc_cache_noprof+0x189/0x420
[   24.940439]  kmalloc_oob_right+0xa9/0x7f0
[   24.940733]  kunit_try_run_case+0x1a5/0x480
[   24.940997]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.941297]  kthread+0x337/0x6f0
[   24.941654]  ret_from_fork+0x116/0x1d0
[   24.941868]  ret_from_fork_asm+0x1a/0x30
[   24.942270] 
[   24.942430] The buggy address belongs to the object at ffff888105800100
[   24.942430]  which belongs to the cache kmalloc-128 of size 128
[   24.944022] The buggy address is located 0 bytes to the right of
[   24.944022]  allocated 115-byte region [ffff888105800100, ffff888105800173)
[   24.944773] 
[   24.945061] The buggy address belongs to the physical page:
[   24.946029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105800
[   24.946834] flags: 0x200000000000000(node=0|zone=2)
[   24.947478] page_type: f5(slab)
[   24.948155] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   24.948495] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   24.949690] page dumped because: kasan: bad access detected
[   24.950382] 
[   24.950611] Memory state around the buggy address:
[   24.951532]  ffff888105800000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   24.952398]  ffff888105800080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.953233] >ffff888105800100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   24.954047]                                                              ^
[   24.954732]  ffff888105800180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.955608]  ffff888105800200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.956027] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

30LiGXj2ae9l37rDh9ES2ygGLcy

job_id

TEST:linaro@lkft#30LiMSmAFBIdZSnFjQilSiHXbFX

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/30LiMSmAFBIdZSnFjQilSiHXbFX

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30LiIkEIWzwcOizdgCfJhHvoQ2t/bzImage
sha256sum	cb04a09100e7bb1b25ec1cd9eb8a6652066b7b698c4172d9166a486dc8b0154b

rootfs

url	https://storage.tuxboot.com/debian/20250722/trixie/amd64/rootfs.ext4.xz
sha256sum	f011d4ee6daca8ff6eb107b3ab1eb085d1f77f9019361779f04403719dd7a135

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30LiIkEIWzwcOizdgCfJhHvoQ2t/modules.tar.xz
sha256sum	3b07c3dc3b89c919b40bced1758d16b0994c9e96155d8408ee1a634b63ef2280

durations

tests

boot	0
kunit	227.73

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit