lkft/linux-mainline-master - v6.16-rc4-13-g66701750d556 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 1, 2025, 11:08 a.m.

Environment
qemu-arm64
qemu-x86_64

[   20.563123] ==================================================================
[   20.563483] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   20.563565] Read of size 1 at addr fff00000c784a001 by task kunit_try_catch/224
[   20.563623] 
[   20.563670] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   20.563764] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.564976] Hardware name: linux,dummy-virt (DT)
[   20.565044] Call trace:
[   20.565072]  show_stack+0x20/0x38 (C)
[   20.565150]  dump_stack_lvl+0x8c/0xd0
[   20.565734]  print_report+0x118/0x608
[   20.565796]  kasan_report+0xdc/0x128
[   20.565848]  __asan_report_load1_noabort+0x20/0x30
[   20.565904]  mempool_oob_right_helper+0x2ac/0x2f0
[   20.566827]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   20.567329]  kunit_try_run_case+0x170/0x3f0
[   20.567407]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.567522]  kthread+0x328/0x630
[   20.567569]  ret_from_fork+0x10/0x20
[   20.567642] 
[   20.567668] The buggy address belongs to the physical page:
[   20.568116] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848
[   20.568629] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.568784] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.569193] page_type: f8(unknown)
[   20.569272] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.569388] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   20.569674] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.570080] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   20.570292] head: 0bfffe0000000002 ffffc1ffc31e1201 00000000ffffffff 00000000ffffffff
[   20.570349] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   20.570702] page dumped because: kasan: bad access detected
[   20.570984] 
[   20.571013] Memory state around the buggy address:
[   20.571194]  fff00000c7849f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.571249]  fff00000c7849f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.571621] >fff00000c784a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.571759]                    ^
[   20.571855]  fff00000c784a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.572038]  fff00000c784a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.572142] ==================================================================
[   20.529752] ==================================================================
[   20.529880] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   20.529979] Read of size 1 at addr fff00000c6026973 by task kunit_try_catch/222
[   20.530041] 
[   20.530090] CPU: 0 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   20.530203] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.530235] Hardware name: linux,dummy-virt (DT)
[   20.530273] Call trace:
[   20.530300]  show_stack+0x20/0x38 (C)
[   20.530359]  dump_stack_lvl+0x8c/0xd0
[   20.530415]  print_report+0x118/0x608
[   20.530467]  kasan_report+0xdc/0x128
[   20.530515]  __asan_report_load1_noabort+0x20/0x30
[   20.530570]  mempool_oob_right_helper+0x2ac/0x2f0
[   20.530621]  mempool_kmalloc_oob_right+0xc4/0x120
[   20.530673]  kunit_try_run_case+0x170/0x3f0
[   20.530729]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.530786]  kthread+0x328/0x630
[   20.530832]  ret_from_fork+0x10/0x20
[   20.530888] 
[   20.530909] Allocated by task 222:
[   20.530941]  kasan_save_stack+0x3c/0x68
[   20.530989]  kasan_save_track+0x20/0x40
[   20.531029]  kasan_save_alloc_info+0x40/0x58
[   20.531075]  __kasan_mempool_unpoison_object+0x11c/0x180
[   20.531127]  remove_element+0x130/0x1f8
[   20.531330]  mempool_alloc_preallocated+0x58/0xc0
[   20.531389]  mempool_oob_right_helper+0x98/0x2f0
[   20.531432]  mempool_kmalloc_oob_right+0xc4/0x120
[   20.531474]  kunit_try_run_case+0x170/0x3f0
[   20.531516]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.531563]  kthread+0x328/0x630
[   20.531600]  ret_from_fork+0x10/0x20
[   20.531639] 
[   20.531662] The buggy address belongs to the object at fff00000c6026900
[   20.531662]  which belongs to the cache kmalloc-128 of size 128
[   20.531732] The buggy address is located 0 bytes to the right of
[   20.531732]  allocated 115-byte region [fff00000c6026900, fff00000c6026973)
[   20.531804] 
[   20.531832] The buggy address belongs to the physical page:
[   20.531873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106026
[   20.531937] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.531999] page_type: f5(slab)
[   20.532047] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   20.532103] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   20.532170] page dumped because: kasan: bad access detected
[   20.532206] 
[   20.532226] Memory state around the buggy address:
[   20.532267]  fff00000c6026800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   20.532317]  fff00000c6026880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.532367] >fff00000c6026900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   20.532411]                                                              ^
[   20.532458]  fff00000c6026980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.532507]  fff00000c6026a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   20.532552] ==================================================================
[   20.594750] ==================================================================
[   20.594887] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   20.594972] Read of size 1 at addr fff00000c63b72bb by task kunit_try_catch/226
[   20.595032] 
[   20.595077] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   20.595194] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.595224] Hardware name: linux,dummy-virt (DT)
[   20.595262] Call trace:
[   20.595288]  show_stack+0x20/0x38 (C)
[   20.595380]  dump_stack_lvl+0x8c/0xd0
[   20.595435]  print_report+0x118/0x608
[   20.595486]  kasan_report+0xdc/0x128
[   20.595534]  __asan_report_load1_noabort+0x20/0x30
[   20.595589]  mempool_oob_right_helper+0x2ac/0x2f0
[   20.595642]  mempool_slab_oob_right+0xc0/0x118
[   20.595691]  kunit_try_run_case+0x170/0x3f0
[   20.595744]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.595799]  kthread+0x328/0x630
[   20.595843]  ret_from_fork+0x10/0x20
[   20.595897] 
[   20.595919] Allocated by task 226:
[   20.595949]  kasan_save_stack+0x3c/0x68
[   20.595995]  kasan_save_track+0x20/0x40
[   20.596034]  kasan_save_alloc_info+0x40/0x58
[   20.596078]  __kasan_mempool_unpoison_object+0xbc/0x180
[   20.596123]  remove_element+0x16c/0x1f8
[   20.596177]  mempool_alloc_preallocated+0x58/0xc0
[   20.596219]  mempool_oob_right_helper+0x98/0x2f0
[   20.596262]  mempool_slab_oob_right+0xc0/0x118
[   20.596303]  kunit_try_run_case+0x170/0x3f0
[   20.596343]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.596389]  kthread+0x328/0x630
[   20.596424]  ret_from_fork+0x10/0x20
[   20.596462] 
[   20.596485] The buggy address belongs to the object at fff00000c63b7240
[   20.596485]  which belongs to the cache test_cache of size 123
[   20.596550] The buggy address is located 0 bytes to the right of
[   20.596550]  allocated 123-byte region [fff00000c63b7240, fff00000c63b72bb)
[   20.596621] 
[   20.596647] The buggy address belongs to the physical page:
[   20.596685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063b7
[   20.596749] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.596807] page_type: f5(slab)
[   20.596854] raw: 0bfffe0000000000 fff00000c63f5140 dead000000000122 0000000000000000
[   20.596909] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   20.596954] page dumped because: kasan: bad access detected
[   20.596989] 
[   20.597009] Memory state around the buggy address:
[   20.597047]  fff00000c63b7180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   20.597096]  fff00000c63b7200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   20.597155] >fff00000c63b7280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   20.597199]                                         ^
[   20.597236]  fff00000c63b7300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.597292]  fff00000c63b7380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.597334] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zGr6Ce6Ri2B5pZnaXSzRDbxhyc

job_id

TEST:linaro@lkft#2zGrALjnpHgW8eWeNu7OhsmdqQI

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zGrALjnpHgW8eWeNu7OhsmdqQI

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zGr7BGRYbYig5LdRleNR5RdPjT/Image.gz
sha256sum	5a02784fbab48390be9171d4f1e523abdd150bc80f088fc7c2fb05b24554e195

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zGr7BGRYbYig5LdRleNR5RdPjT/modules.tar.xz
sha256sum	213360982ceced70a8982889efd2a9532dbadabc32c48aa9381566c7566bb32e

durations

tests

boot	0
kunit	203.39

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   12.969211] ==================================================================
[   12.970066] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   12.970436] Read of size 1 at addr ffff888102bfa001 by task kunit_try_catch/240
[   12.971089] 
[   12.971278] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT(voluntary) 
[   12.971327] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.971365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.971399] Call Trace:
[   12.971412]  <TASK>
[   12.971431]  dump_stack_lvl+0x73/0xb0
[   12.971463]  print_report+0xd1/0x650
[   12.971486]  ? __virt_addr_valid+0x1db/0x2d0
[   12.971512]  ? mempool_oob_right_helper+0x318/0x380
[   12.971534]  ? kasan_addr_to_slab+0x11/0xa0
[   12.971580]  ? mempool_oob_right_helper+0x318/0x380
[   12.971602]  kasan_report+0x141/0x180
[   12.971623]  ? mempool_oob_right_helper+0x318/0x380
[   12.971650]  __asan_report_load1_noabort+0x18/0x20
[   12.971673]  mempool_oob_right_helper+0x318/0x380
[   12.971696]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   12.971720]  ? __kasan_check_write+0x18/0x20
[   12.971739]  ? __pfx_sched_clock_cpu+0x10/0x10
[   12.971760]  ? irqentry_exit+0x2a/0x60
[   12.971783]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   12.971807]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   12.971831]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   12.971857]  ? __pfx_mempool_kmalloc+0x10/0x10
[   12.971880]  ? __pfx_mempool_kfree+0x10/0x10
[   12.971904]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   12.971929]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   12.971954]  kunit_try_run_case+0x1a5/0x480
[   12.971979]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.972000]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.972024]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.972045]  ? __kthread_parkme+0x82/0x180
[   12.972066]  ? preempt_count_sub+0x50/0x80
[   12.972088]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.972111]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.972133]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.972154]  kthread+0x337/0x6f0
[   12.972173]  ? trace_preempt_on+0x20/0xc0
[   12.972197]  ? __pfx_kthread+0x10/0x10
[   12.972215]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.972235]  ? calculate_sigpending+0x7b/0xa0
[   12.972259]  ? __pfx_kthread+0x10/0x10
[   12.972279]  ret_from_fork+0x116/0x1d0
[   12.972297]  ? __pfx_kthread+0x10/0x10
[   12.972317]  ret_from_fork_asm+0x1a/0x30
[   12.972346]  </TASK>
[   12.972358] 
[   12.984367] The buggy address belongs to the physical page:
[   12.984704] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bf8
[   12.985021] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.985444] flags: 0x200000000000040(head|node=0|zone=2)
[   12.985671] page_type: f8(unknown)
[   12.985849] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.986405] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.986776] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.987066] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.987528] head: 0200000000000002 ffffea00040afe01 00000000ffffffff 00000000ffffffff
[   12.987924] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.988183] page dumped because: kasan: bad access detected
[   12.988487] 
[   12.988608] Memory state around the buggy address:
[   12.988794]  ffff888102bf9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.989201]  ffff888102bf9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.989504] >ffff888102bfa000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.989874]                    ^
[   12.990137]  ffff888102bfa080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.990419]  ffff888102bfa100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.990914] ==================================================================
[   12.938439] ==================================================================
[   12.938936] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   12.939563] Read of size 1 at addr ffff888102ef5d73 by task kunit_try_catch/238
[   12.939948] 
[   12.940051] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT(voluntary) 
[   12.940465] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.940483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.940509] Call Trace:
[   12.940524]  <TASK>
[   12.940544]  dump_stack_lvl+0x73/0xb0
[   12.940579]  print_report+0xd1/0x650
[   12.940604]  ? __virt_addr_valid+0x1db/0x2d0
[   12.940629]  ? mempool_oob_right_helper+0x318/0x380
[   12.940651]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.940672]  ? mempool_oob_right_helper+0x318/0x380
[   12.940694]  kasan_report+0x141/0x180
[   12.940715]  ? mempool_oob_right_helper+0x318/0x380
[   12.940741]  __asan_report_load1_noabort+0x18/0x20
[   12.940766]  mempool_oob_right_helper+0x318/0x380
[   12.940790]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   12.940813]  ? __kasan_check_write+0x18/0x20
[   12.940832]  ? __pfx_sched_clock_cpu+0x10/0x10
[   12.940855]  ? finish_task_switch.isra.0+0x153/0x700
[   12.940880]  mempool_kmalloc_oob_right+0xf2/0x150
[   12.940902]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   12.940929]  ? __pfx_mempool_kmalloc+0x10/0x10
[   12.940952]  ? __pfx_mempool_kfree+0x10/0x10
[   12.940976]  ? __pfx_read_tsc+0x10/0x10
[   12.940998]  ? ktime_get_ts64+0x86/0x230
[   12.941021]  kunit_try_run_case+0x1a5/0x480
[   12.941047]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.941068]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.941092]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.941114]  ? __kthread_parkme+0x82/0x180
[   12.941134]  ? preempt_count_sub+0x50/0x80
[   12.941156]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.941178]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.941201]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.941223]  kthread+0x337/0x6f0
[   12.941242]  ? trace_preempt_on+0x20/0xc0
[   12.941265]  ? __pfx_kthread+0x10/0x10
[   12.941284]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.941304]  ? calculate_sigpending+0x7b/0xa0
[   12.941328]  ? __pfx_kthread+0x10/0x10
[   12.941348]  ret_from_fork+0x116/0x1d0
[   12.941365]  ? __pfx_kthread+0x10/0x10
[   12.941396]  ret_from_fork_asm+0x1a/0x30
[   12.941428]  </TASK>
[   12.941439] 
[   12.954051] Allocated by task 238:
[   12.954252]  kasan_save_stack+0x45/0x70
[   12.954443]  kasan_save_track+0x18/0x40
[   12.954628]  kasan_save_alloc_info+0x3b/0x50
[   12.955153]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   12.955428]  remove_element+0x11e/0x190
[   12.955656]  mempool_alloc_preallocated+0x4d/0x90
[   12.956000]  mempool_oob_right_helper+0x8a/0x380
[   12.956366]  mempool_kmalloc_oob_right+0xf2/0x150
[   12.956624]  kunit_try_run_case+0x1a5/0x480
[   12.956812]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.957240]  kthread+0x337/0x6f0
[   12.957396]  ret_from_fork+0x116/0x1d0
[   12.957596]  ret_from_fork_asm+0x1a/0x30
[   12.957966] 
[   12.958143] The buggy address belongs to the object at ffff888102ef5d00
[   12.958143]  which belongs to the cache kmalloc-128 of size 128
[   12.958734] The buggy address is located 0 bytes to the right of
[   12.958734]  allocated 115-byte region [ffff888102ef5d00, ffff888102ef5d73)
[   12.959315] 
[   12.959504] The buggy address belongs to the physical page:
[   12.959904] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef5
[   12.960554] flags: 0x200000000000000(node=0|zone=2)
[   12.960890] page_type: f5(slab)
[   12.961107] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   12.961428] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.962021] page dumped because: kasan: bad access detected
[   12.962259] 
[   12.962335] Memory state around the buggy address:
[   12.962578]  ffff888102ef5c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   12.963139]  ffff888102ef5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.963521] >ffff888102ef5d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   12.963947]                                                              ^
[   12.964197]  ffff888102ef5d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.964535]  ffff888102ef5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   12.965015] ==================================================================
[   12.994869] ==================================================================
[   12.995431] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   12.995761] Read of size 1 at addr ffff888102f112bb by task kunit_try_catch/242
[   12.996058] 
[   12.996193] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT(voluntary) 
[   12.996241] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.996253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.996298] Call Trace:
[   12.996311]  <TASK>
[   12.996329]  dump_stack_lvl+0x73/0xb0
[   12.996389]  print_report+0xd1/0x650
[   12.996416]  ? __virt_addr_valid+0x1db/0x2d0
[   12.996440]  ? mempool_oob_right_helper+0x318/0x380
[   12.996461]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.996482]  ? mempool_oob_right_helper+0x318/0x380
[   12.996505]  kasan_report+0x141/0x180
[   12.996526]  ? mempool_oob_right_helper+0x318/0x380
[   12.996554]  __asan_report_load1_noabort+0x18/0x20
[   12.996577]  mempool_oob_right_helper+0x318/0x380
[   12.996601]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   12.996622]  ? update_load_avg+0x1be/0x21b0
[   12.996649]  ? finish_task_switch.isra.0+0x153/0x700
[   12.996674]  mempool_slab_oob_right+0xed/0x140
[   12.996720]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   12.996745]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   12.996764]  ? __pfx_mempool_free_slab+0x10/0x10
[   12.996785]  ? __pfx_read_tsc+0x10/0x10
[   12.996805]  ? ktime_get_ts64+0x86/0x230
[   12.996829]  kunit_try_run_case+0x1a5/0x480
[   12.996853]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.996874]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.996916]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.996939]  ? __kthread_parkme+0x82/0x180
[   12.996959]  ? preempt_count_sub+0x50/0x80
[   12.996981]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.997003]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.997026]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.997049]  kthread+0x337/0x6f0
[   12.997068]  ? trace_preempt_on+0x20/0xc0
[   12.997091]  ? __pfx_kthread+0x10/0x10
[   12.997111]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.997132]  ? calculate_sigpending+0x7b/0xa0
[   12.997156]  ? __pfx_kthread+0x10/0x10
[   12.997176]  ret_from_fork+0x116/0x1d0
[   12.997193]  ? __pfx_kthread+0x10/0x10
[   12.997212]  ret_from_fork_asm+0x1a/0x30
[   12.997242]  </TASK>
[   12.997253] 
[   13.006541] Allocated by task 242:
[   13.006738]  kasan_save_stack+0x45/0x70
[   13.006915]  kasan_save_track+0x18/0x40
[   13.007049]  kasan_save_alloc_info+0x3b/0x50
[   13.007194]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   13.007552]  remove_element+0x11e/0x190
[   13.007812]  mempool_alloc_preallocated+0x4d/0x90
[   13.008144]  mempool_oob_right_helper+0x8a/0x380
[   13.008339]  mempool_slab_oob_right+0xed/0x140
[   13.008554]  kunit_try_run_case+0x1a5/0x480
[   13.008700]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.008995]  kthread+0x337/0x6f0
[   13.009195]  ret_from_fork+0x116/0x1d0
[   13.009407]  ret_from_fork_asm+0x1a/0x30
[   13.009622] 
[   13.009741] The buggy address belongs to the object at ffff888102f11240
[   13.009741]  which belongs to the cache test_cache of size 123
[   13.010296] The buggy address is located 0 bytes to the right of
[   13.010296]  allocated 123-byte region [ffff888102f11240, ffff888102f112bb)
[   13.010935] 
[   13.011232] The buggy address belongs to the physical page:
[   13.011464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102f11
[   13.011800] flags: 0x200000000000000(node=0|zone=2)
[   13.012005] page_type: f5(slab)
[   13.012125] raw: 0200000000000000 ffff888101a2cc80 dead000000000122 0000000000000000
[   13.012843] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   13.013250] page dumped because: kasan: bad access detected
[   13.013443] 
[   13.013518] Memory state around the buggy address:
[   13.013692]  ffff888102f11180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.014152]  ffff888102f11200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   13.014691] >ffff888102f11280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   13.014939]                                         ^
[   13.015447]  ffff888102f11300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.015791]  ffff888102f11380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.016309] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zGr6Ce6Ri2B5pZnaXSzRDbxhyc

job_id

TEST:linaro@lkft#2zGrBKAaMqMXfzerKDOguhlxeG5

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zGrBKAaMqMXfzerKDOguhlxeG5

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zGr8I9me2hETTSnuhqzw1ys3Jo/bzImage
sha256sum	166ea90a45c6965d6c837e0dd704bb6700e09c75c0aace06087c5a275b39f58c

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zGr8I9me2hETTSnuhqzw1ys3Jo/modules.tar.xz
sha256sum	e61e1a4b702041c012eeae402a8ee5d6df5446ae660b5e733687269ac5311f1b

durations

tests

boot	0
kunit	234.89

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit