lkft/linux-stable-rc-linux-6.14.y - v6.14.6-198-g4f7f8fb4f8e3 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

May 12, 2025, 6:12 p.m.

Environment
qemu-arm64
qemu-x86_64

[   20.347277] ==================================================================
[   20.347778] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   20.348229] Read of size 1 at addr fff00000c65fa001 by task kunit_try_catch/212
[   20.348733] 
[   20.348953] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G    B            N 6.14.7-rc1 #1
[   20.349062] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.349096] Hardware name: linux,dummy-virt (DT)
[   20.349136] Call trace:
[   20.349165]  show_stack+0x20/0x38 (C)
[   20.349231]  dump_stack_lvl+0x8c/0xd0
[   20.349291]  print_report+0x118/0x608
[   20.349348]  kasan_report+0xdc/0x128
[   20.349400]  __asan_report_load1_noabort+0x20/0x30
[   20.349453]  mempool_oob_right_helper+0x2ac/0x2f0
[   20.349507]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   20.349564]  kunit_try_run_case+0x170/0x3f0
[   20.349618]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.349676]  kthread+0x318/0x620
[   20.349727]  ret_from_fork+0x10/0x20
[   20.349803] 
[   20.352733] The buggy address belongs to the physical page:
[   20.353081] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065f8
[   20.353549] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.353812] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.354291] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.354638] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.355853] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.356183] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   20.356500] head: 0bfffe0000000002 ffffc1ffc3197e01 ffffffffffffffff 0000000000000000
[   20.357008] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   20.357326] page dumped because: kasan: bad access detected
[   20.357661] 
[   20.357839] Memory state around the buggy address:
[   20.358061]  fff00000c65f9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.358434]  fff00000c65f9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.359106] >fff00000c65fa000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.359434]                    ^
[   20.359634]  fff00000c65fa080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.359950]  fff00000c65fa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.360263] ==================================================================
[   20.368710] ==================================================================
[   20.369299] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   20.369666] Read of size 1 at addr fff00000c1f122bb by task kunit_try_catch/214
[   20.370056] 
[   20.370207] CPU: 1 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G    B            N 6.14.7-rc1 #1
[   20.370307] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.370341] Hardware name: linux,dummy-virt (DT)
[   20.370379] Call trace:
[   20.370407]  show_stack+0x20/0x38 (C)
[   20.370465]  dump_stack_lvl+0x8c/0xd0
[   20.370910]  print_report+0x118/0x608
[   20.370971]  kasan_report+0xdc/0x128
[   20.371027]  __asan_report_load1_noabort+0x20/0x30
[   20.371080]  mempool_oob_right_helper+0x2ac/0x2f0
[   20.371135]  mempool_slab_oob_right+0xc0/0x118
[   20.371189]  kunit_try_run_case+0x170/0x3f0
[   20.371243]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.371298]  kthread+0x318/0x620
[   20.371347]  ret_from_fork+0x10/0x20
[   20.371401] 
[   20.375724] Allocated by task 214:
[   20.375904]  kasan_save_stack+0x3c/0x68
[   20.376199]  kasan_save_track+0x20/0x40
[   20.376426]  kasan_save_alloc_info+0x40/0x58
[   20.376774]  __kasan_mempool_unpoison_object+0xbc/0x180
[   20.377138]  remove_element+0x16c/0x1f8
[   20.377301]  mempool_alloc_preallocated+0x58/0xc0
[   20.377658]  mempool_oob_right_helper+0x98/0x2f0
[   20.377939]  mempool_slab_oob_right+0xc0/0x118
[   20.378170]  kunit_try_run_case+0x170/0x3f0
[   20.378397]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.378679]  kthread+0x318/0x620
[   20.379033]  ret_from_fork+0x10/0x20
[   20.379454] 
[   20.379802] The buggy address belongs to the object at fff00000c1f12240
[   20.379802]  which belongs to the cache test_cache of size 123
[   20.380200] The buggy address is located 0 bytes to the right of
[   20.380200]  allocated 123-byte region [fff00000c1f12240, fff00000c1f122bb)
[   20.380612] 
[   20.380732] The buggy address belongs to the physical page:
[   20.380994] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f12
[   20.381308] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.381586] page_type: f5(slab)
[   20.382378] raw: 0bfffe0000000000 fff00000c596f780 dead000000000122 0000000000000000
[   20.382756] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   20.383597] page dumped because: kasan: bad access detected
[   20.383925] 
[   20.384048] Memory state around the buggy address:
[   20.384420]  fff00000c1f12180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   20.384851]  fff00000c1f12200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   20.385153] >fff00000c1f12280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   20.385657]                                         ^
[   20.385937]  fff00000c1f12300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.386421]  fff00000c1f12380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.387108] ==================================================================
[   20.315821] ==================================================================
[   20.316436] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   20.317139] Read of size 1 at addr fff00000c5a05673 by task kunit_try_catch/210
[   20.317562] 
[   20.317710] CPU: 0 UID: 0 PID: 210 Comm: kunit_try_catch Tainted: G    B            N 6.14.7-rc1 #1
[   20.318003] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.318040] Hardware name: linux,dummy-virt (DT)
[   20.318103] Call trace:
[   20.318140]  show_stack+0x20/0x38 (C)
[   20.318207]  dump_stack_lvl+0x8c/0xd0
[   20.318266]  print_report+0x118/0x608
[   20.318319]  kasan_report+0xdc/0x128
[   20.318372]  __asan_report_load1_noabort+0x20/0x30
[   20.318425]  mempool_oob_right_helper+0x2ac/0x2f0
[   20.318495]  mempool_kmalloc_oob_right+0xc4/0x120
[   20.318555]  kunit_try_run_case+0x170/0x3f0
[   20.318611]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.318670]  kthread+0x318/0x620
[   20.318798]  ret_from_fork+0x10/0x20
[   20.318909] 
[   20.323722] Allocated by task 210:
[   20.323997]  kasan_save_stack+0x3c/0x68
[   20.324480]  kasan_save_track+0x20/0x40
[   20.324678]  kasan_save_alloc_info+0x40/0x58
[   20.324869]  __kasan_mempool_unpoison_object+0x11c/0x180
[   20.325526]  remove_element+0x130/0x1f8
[   20.325900]  mempool_alloc_preallocated+0x58/0xc0
[   20.326341]  mempool_oob_right_helper+0x98/0x2f0
[   20.326686]  mempool_kmalloc_oob_right+0xc4/0x120
[   20.327122]  kunit_try_run_case+0x170/0x3f0
[   20.327484]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.327826]  kthread+0x318/0x620
[   20.328054]  ret_from_fork+0x10/0x20
[   20.328294] 
[   20.328441] The buggy address belongs to the object at fff00000c5a05600
[   20.328441]  which belongs to the cache kmalloc-128 of size 128
[   20.329319] The buggy address is located 0 bytes to the right of
[   20.329319]  allocated 115-byte region [fff00000c5a05600, fff00000c5a05673)
[   20.330055] 
[   20.330278] The buggy address belongs to the physical page:
[   20.330612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a05
[   20.331156] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.331580] page_type: f5(slab)
[   20.332010] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   20.332523] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   20.333061] page dumped because: kasan: bad access detected
[   20.333428] 
[   20.333545] Memory state around the buggy address:
[   20.333735]  fff00000c5a05500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   20.334427]  fff00000c5a05580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.335206] >fff00000c5a05600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   20.335576]                                                              ^
[   20.335922]  fff00000c5a05680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.336322]  fff00000c5a05700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   20.336566] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2x0SPsCc3D4dL5Fs7f4y5KqWbP1

job_id

TEST:linaro@lkft#2x0SUgH3HDRQ5YCD733NxBrXD2V

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2x0SUgH3HDRQ5YCD733NxBrXD2V

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2x0SR2iDZ4z9eOUfCBwAGNsgopF/Image.gz
sha256sum	65887a5a3be27653aaa895419fe06aeeec5babf25fa078326e6a5ab1b291d180

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/arm64/rootfs.ext4.xz
sha256sum	1cc8d041751cc9cfe19b957ffa27d6115f076efaeb324bcd0fb145c37c99e1b7

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2x0SR2iDZ4z9eOUfCBwAGNsgopF/modules.tar.xz
sha256sum	ddcb30742c0af2b82731246640de982c796b3682f98ffb33c56209bec5fd1b3d

durations

tests

boot	0
kunit	306.79

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0~rc3+ds-2

[   13.887493] ==================================================================
[   13.888513] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[   13.888964] Read of size 1 at addr ffff888102aee2bb by task kunit_try_catch/233
[   13.889353] 
[   13.889472] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G    B            N 6.14.7-rc1 #1
[   13.889525] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.889557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.889582] Call Trace:
[   13.889597]  <TASK>
[   13.889618]  dump_stack_lvl+0x73/0xb0
[   13.889652]  print_report+0xd1/0x650
[   13.889674]  ? __virt_addr_valid+0x1db/0x2d0
[   13.889700]  ? mempool_oob_right_helper+0x31a/0x380
[   13.889747]  ? kasan_complete_mode_report_info+0x2a/0x200
[   13.889774]  ? mempool_oob_right_helper+0x31a/0x380
[   13.889797]  kasan_report+0x140/0x180
[   13.889818]  ? mempool_oob_right_helper+0x31a/0x380
[   13.889855]  __asan_report_load1_noabort+0x18/0x20
[   13.889878]  mempool_oob_right_helper+0x31a/0x380
[   13.889902]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.889928]  ? finish_task_switch.isra.0+0x153/0x700
[   13.889975]  mempool_slab_oob_right+0xee/0x140
[   13.889999]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   13.890038]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   13.890061]  ? __pfx_mempool_free_slab+0x10/0x10
[   13.890083]  ? __pfx_read_tsc+0x10/0x10
[   13.890106]  ? ktime_get_ts64+0x86/0x230
[   13.890133]  kunit_try_run_case+0x1a6/0x480
[   13.890170]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.890191]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   13.890215]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.890241]  ? __kthread_parkme+0x82/0x160
[   13.890264]  ? preempt_count_sub+0x50/0x80
[   13.890289]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.890312]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.890338]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.890364]  kthread+0x324/0x6e0
[   13.890386]  ? trace_preempt_on+0x20/0xc0
[   13.890410]  ? __pfx_kthread+0x10/0x10
[   13.890433]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.890457]  ? calculate_sigpending+0x7b/0xa0
[   13.890480]  ? __pfx_kthread+0x10/0x10
[   13.890502]  ret_from_fork+0x41/0x80
[   13.890522]  ? __pfx_kthread+0x10/0x10
[   13.890544]  ret_from_fork_asm+0x1a/0x30
[   13.890577]  </TASK>
[   13.890589] 
[   13.899400] Allocated by task 233:
[   13.899657]  kasan_save_stack+0x45/0x70
[   13.899866]  kasan_save_track+0x18/0x40
[   13.900072]  kasan_save_alloc_info+0x3b/0x50
[   13.900304]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   13.900622]  remove_element+0x11e/0x190
[   13.900824]  mempool_alloc_preallocated+0x4d/0x90
[   13.901099]  mempool_oob_right_helper+0x8b/0x380
[   13.901381]  mempool_slab_oob_right+0xee/0x140
[   13.901563]  kunit_try_run_case+0x1a6/0x480
[   13.901706]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.902000]  kthread+0x324/0x6e0
[   13.902341]  ret_from_fork+0x41/0x80
[   13.902508]  ret_from_fork_asm+0x1a/0x30
[   13.902683] 
[   13.902779] The buggy address belongs to the object at ffff888102aee240
[   13.902779]  which belongs to the cache test_cache of size 123
[   13.903466] The buggy address is located 0 bytes to the right of
[   13.903466]  allocated 123-byte region [ffff888102aee240, ffff888102aee2bb)
[   13.904026] 
[   13.904137] The buggy address belongs to the physical page:
[   13.904384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aee
[   13.904742] flags: 0x200000000000000(node=0|zone=2)
[   13.904942] page_type: f5(slab)
[   13.905064] raw: 0200000000000000 ffff888102aeb000 dead000000000122 0000000000000000
[   13.905286] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   13.905913] page dumped because: kasan: bad access detected
[   13.906411] 
[   13.906532] Memory state around the buggy address:
[   13.906794]  ffff888102aee180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.907249]  ffff888102aee200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   13.907585] >ffff888102aee280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   13.907907]                                         ^
[   13.908136]  ffff888102aee300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.908362]  ffff888102aee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.908567] ==================================================================
[   13.864163] ==================================================================
[   13.864657] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[   13.865129] Read of size 1 at addr ffff888102952001 by task kunit_try_catch/231
[   13.865545] 
[   13.865749] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G    B            N 6.14.7-rc1 #1
[   13.865802] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.865814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.865849] Call Trace:
[   13.865862]  <TASK>
[   13.865895]  dump_stack_lvl+0x73/0xb0
[   13.866023]  print_report+0xd1/0x650
[   13.866048]  ? __virt_addr_valid+0x1db/0x2d0
[   13.866072]  ? mempool_oob_right_helper+0x31a/0x380
[   13.866094]  ? kasan_addr_to_slab+0x11/0xa0
[   13.866114]  ? mempool_oob_right_helper+0x31a/0x380
[   13.866136]  kasan_report+0x140/0x180
[   13.866157]  ? mempool_oob_right_helper+0x31a/0x380
[   13.866184]  __asan_report_load1_noabort+0x18/0x20
[   13.866207]  mempool_oob_right_helper+0x31a/0x380
[   13.866231]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.866399]  ? finish_task_switch.isra.0+0x153/0x700
[   13.866441]  mempool_kmalloc_large_oob_right+0xf3/0x150
[   13.866478]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   13.866505]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.866527]  ? __pfx_mempool_kfree+0x10/0x10
[   13.866548]  ? __pfx_read_tsc+0x10/0x10
[   13.866572]  ? ktime_get_ts64+0x86/0x230
[   13.866597]  kunit_try_run_case+0x1a6/0x480
[   13.866622]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.866642]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   13.866664]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.866689]  ? __kthread_parkme+0x82/0x160
[   13.866713]  ? preempt_count_sub+0x50/0x80
[   13.866735]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.866758]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.866783]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.866809]  kthread+0x324/0x6e0
[   13.866830]  ? trace_preempt_on+0x20/0xc0
[   13.866863]  ? __pfx_kthread+0x10/0x10
[   13.866885]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.866908]  ? calculate_sigpending+0x7b/0xa0
[   13.866930]  ? __pfx_kthread+0x10/0x10
[   13.866952]  ret_from_fork+0x41/0x80
[   13.866971]  ? __pfx_kthread+0x10/0x10
[   13.866993]  ret_from_fork_asm+0x1a/0x30
[   13.867065]  </TASK>
[   13.867078] 
[   13.875950] The buggy address belongs to the physical page:
[   13.876478] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102950
[   13.876898] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   13.877483] flags: 0x200000000000040(head|node=0|zone=2)
[   13.877822] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   13.878237] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   13.878478] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   13.878747] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   13.879235] head: 0200000000000002 ffffea00040a5401 ffffffffffffffff 0000000000000000
[   13.879778] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[   13.880299] page dumped because: kasan: bad access detected
[   13.880505] 
[   13.880601] Memory state around the buggy address:
[   13.880821]  ffff888102951f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   13.881441]  ffff888102951f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   13.881779] >ffff888102952000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   13.882202]                    ^
[   13.882418]  ffff888102952080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   13.882763]  ffff888102952100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   13.883174] ==================================================================
[   13.835487] ==================================================================
[   13.836004] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[   13.836530] Read of size 1 at addr ffff888101b34073 by task kunit_try_catch/229
[   13.836871] 
[   13.836976] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G    B            N 6.14.7-rc1 #1
[   13.837180] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.837198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.837222] Call Trace:
[   13.837238]  <TASK>
[   13.837259]  dump_stack_lvl+0x73/0xb0
[   13.837293]  print_report+0xd1/0x650
[   13.837316]  ? __virt_addr_valid+0x1db/0x2d0
[   13.837339]  ? mempool_oob_right_helper+0x31a/0x380
[   13.837586]  ? kasan_complete_mode_report_info+0x2a/0x200
[   13.837613]  ? mempool_oob_right_helper+0x31a/0x380
[   13.837637]  kasan_report+0x140/0x180
[   13.837659]  ? mempool_oob_right_helper+0x31a/0x380
[   13.837686]  __asan_report_load1_noabort+0x18/0x20
[   13.837710]  mempool_oob_right_helper+0x31a/0x380
[   13.837734]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.837767]  ? finish_task_switch.isra.0+0x153/0x700
[   13.837795]  mempool_kmalloc_oob_right+0xf3/0x150
[   13.837818]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   13.837854]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.837876]  ? __pfx_mempool_kfree+0x10/0x10
[   13.837897]  ? __pfx_read_tsc+0x10/0x10
[   13.837920]  ? ktime_get_ts64+0x86/0x230
[   13.837946]  kunit_try_run_case+0x1a6/0x480
[   13.837970]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.837991]  ? _raw_spin_lock_irqsave+0xa2/0x110
[   13.838240]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.838269]  ? __kthread_parkme+0x82/0x160
[   13.838293]  ? preempt_count_sub+0x50/0x80
[   13.838317]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.838341]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.838367]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.838393]  kthread+0x324/0x6e0
[   13.838415]  ? trace_preempt_on+0x20/0xc0
[   13.838441]  ? __pfx_kthread+0x10/0x10
[   13.838463]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.838486]  ? calculate_sigpending+0x7b/0xa0
[   13.838508]  ? __pfx_kthread+0x10/0x10
[   13.838531]  ret_from_fork+0x41/0x80
[   13.838551]  ? __pfx_kthread+0x10/0x10
[   13.838572]  ret_from_fork_asm+0x1a/0x30
[   13.838605]  </TASK>
[   13.838617] 
[   13.848868] Allocated by task 229:
[   13.849226]  kasan_save_stack+0x45/0x70
[   13.849397]  kasan_save_track+0x18/0x40
[   13.849756]  kasan_save_alloc_info+0x3b/0x50
[   13.849973]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   13.850455]  remove_element+0x11e/0x190
[   13.850884]  mempool_alloc_preallocated+0x4d/0x90
[   13.851233]  mempool_oob_right_helper+0x8b/0x380
[   13.851388]  mempool_kmalloc_oob_right+0xf3/0x150
[   13.851539]  kunit_try_run_case+0x1a6/0x480
[   13.851738]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.852012]  kthread+0x324/0x6e0
[   13.852534]  ret_from_fork+0x41/0x80
[   13.852716]  ret_from_fork_asm+0x1a/0x30
[   13.852868] 
[   13.852940] The buggy address belongs to the object at ffff888101b34000
[   13.852940]  which belongs to the cache kmalloc-128 of size 128
[   13.853867] The buggy address is located 0 bytes to the right of
[   13.853867]  allocated 115-byte region [ffff888101b34000, ffff888101b34073)
[   13.854387] 
[   13.854606] The buggy address belongs to the physical page:
[   13.854882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b34
[   13.855270] flags: 0x200000000000000(node=0|zone=2)
[   13.855607] page_type: f5(slab)
[   13.855735] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   13.856406] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   13.856662] page dumped because: kasan: bad access detected
[   13.856965] 
[   13.857147] Memory state around the buggy address:
[   13.857354]  ffff888101b33f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.857766]  ffff888101b33f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.858216] >ffff888101b34000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   13.858547]                                                              ^
[   13.858894]  ffff888101b34080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.859220]  ffff888101b34100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   13.859629] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2x0SPsCc3D4dL5Fs7f4y5KqWbP1

job_id

TEST:linaro@lkft#2x0SVwltlsrm2T0d5Ba3sftzBJV

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2x0SVwltlsrm2T0d5Ba3sftzBJV

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2x0SS2Hw3iq0iQlsLeAo2dcc2s8/bzImage
sha256sum	7bc2976d5bc54a2548ad80d58c51f55eeb790da9ccb30ecb5948e73bb43c003b

rootfs

url	https://storage.tuxboot.com/debian/20250425/trixie/amd64/rootfs.ext4.xz
sha256sum	3e64c22b7a85dd4a60fd0a31f22599e711e865f841aed0d517fae37e9c171158

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2x0SS2Hw3iq0iQlsLeAo2dcc2s8/modules.tar.xz
sha256sum	64a9a8df2a58f3013b4dda0c48e7d525f20040a72fb28fa3604f8eafd96b0610

durations

tests

boot	0
kunit	240.42

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0~rc3+ds-2

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit