lkft/linux-mainline-master - v6.16-rc6-279-gbf61759db409 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 19, 2025, 11:12 p.m.

Environment
qemu-arm64
qemu-x86_64

[   17.249751] ==================================================================
[   17.249808] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.249861] Read of size 1 at addr fff00000c78de001 by task kunit_try_catch/223
[   17.250073] 
[   17.250353] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.250914] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.251000] Hardware name: linux,dummy-virt (DT)
[   17.251218] Call trace:
[   17.251252]  show_stack+0x20/0x38 (C)
[   17.251304]  dump_stack_lvl+0x8c/0xd0
[   17.251352]  print_report+0x118/0x5d0
[   17.251808]  kasan_report+0xdc/0x128
[   17.251956]  __asan_report_load1_noabort+0x20/0x30
[   17.252016]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.252130]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   17.252247]  kunit_try_run_case+0x170/0x3f0
[   17.252505]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.252569]  kthread+0x328/0x630
[   17.252637]  ret_from_fork+0x10/0x20
[   17.252890] 
[   17.252964] The buggy address belongs to the physical page:
[   17.253217] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078dc
[   17.253284] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.253644] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.254330] page_type: f8(unknown)
[   17.254392] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.254444] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.255066] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.255511] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.255567] head: 0bfffe0000000002 ffffc1ffc31e3701 00000000ffffffff 00000000ffffffff
[   17.255990] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.256062] page dumped because: kasan: bad access detected
[   17.256506] 
[   17.256615] Memory state around the buggy address:
[   17.256802]  fff00000c78ddf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.256958]  fff00000c78ddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.257410] >fff00000c78de000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.257761]                    ^
[   17.257874]  fff00000c78de080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.258029]  fff00000c78de100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.258294] ==================================================================
[   17.293881] ==================================================================
[   17.293960] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.294024] Read of size 1 at addr fff00000c78c92bb by task kunit_try_catch/225
[   17.294074] 
[   17.294113] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.294200] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.294227] Hardware name: linux,dummy-virt (DT)
[   17.294260] Call trace:
[   17.294294]  show_stack+0x20/0x38 (C)
[   17.294353]  dump_stack_lvl+0x8c/0xd0
[   17.294542]  print_report+0x118/0x5d0
[   17.294771]  kasan_report+0xdc/0x128
[   17.294976]  __asan_report_load1_noabort+0x20/0x30
[   17.295057]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.295285]  mempool_slab_oob_right+0xc0/0x118
[   17.295338]  kunit_try_run_case+0x170/0x3f0
[   17.295588]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.295727]  kthread+0x328/0x630
[   17.295768]  ret_from_fork+0x10/0x20
[   17.295816] 
[   17.295836] Allocated by task 225:
[   17.295864]  kasan_save_stack+0x3c/0x68
[   17.295905]  kasan_save_track+0x20/0x40
[   17.295941]  kasan_save_alloc_info+0x40/0x58
[   17.295981]  __kasan_mempool_unpoison_object+0xbc/0x180
[   17.296023]  remove_element+0x16c/0x1f8
[   17.296069]  mempool_alloc_preallocated+0x58/0xc0
[   17.296110]  mempool_oob_right_helper+0x98/0x2f0
[   17.296151]  mempool_slab_oob_right+0xc0/0x118
[   17.296191]  kunit_try_run_case+0x170/0x3f0
[   17.296229]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.296273]  kthread+0x328/0x630
[   17.296306]  ret_from_fork+0x10/0x20
[   17.296342] 
[   17.296362] The buggy address belongs to the object at fff00000c78c9240
[   17.296362]  which belongs to the cache test_cache of size 123
[   17.296420] The buggy address is located 0 bytes to the right of
[   17.296420]  allocated 123-byte region [fff00000c78c9240, fff00000c78c92bb)
[   17.296483] 
[   17.296577] The buggy address belongs to the physical page:
[   17.296666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c9
[   17.296768] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   17.296827] page_type: f5(slab)
[   17.296868] raw: 0bfffe0000000000 fff00000c3e3e500 dead000000000122 0000000000000000
[   17.296918] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   17.297267] page dumped because: kasan: bad access detected
[   17.297305] 
[   17.297322] Memory state around the buggy address:
[   17.297368]  fff00000c78c9180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   17.297411]  fff00000c78c9200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   17.297454] >fff00000c78c9280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   17.297490]                                         ^
[   17.297627]  fff00000c78c9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.297753]  fff00000c78c9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.297791] ==================================================================
[   17.242446] ==================================================================
[   17.242516] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.242590] Read of size 1 at addr fff00000c63eb573 by task kunit_try_catch/221
[   17.242643] 
[   17.242703] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.242792] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.242821] Hardware name: linux,dummy-virt (DT)
[   17.242856] Call trace:
[   17.242882]  show_stack+0x20/0x38 (C)
[   17.242936]  dump_stack_lvl+0x8c/0xd0
[   17.242986]  print_report+0x118/0x5d0
[   17.243034]  kasan_report+0xdc/0x128
[   17.243084]  __asan_report_load1_noabort+0x20/0x30
[   17.243140]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.243189]  mempool_kmalloc_oob_right+0xc4/0x120
[   17.243239]  kunit_try_run_case+0x170/0x3f0
[   17.243291]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.243343]  kthread+0x328/0x630
[   17.243387]  ret_from_fork+0x10/0x20
[   17.243436] 
[   17.243455] Allocated by task 221:
[   17.243486]  kasan_save_stack+0x3c/0x68
[   17.243529]  kasan_save_track+0x20/0x40
[   17.243567]  kasan_save_alloc_info+0x40/0x58
[   17.243607]  __kasan_mempool_unpoison_object+0x11c/0x180
[   17.243651]  remove_element+0x130/0x1f8
[   17.243699]  mempool_alloc_preallocated+0x58/0xc0
[   17.243738]  mempool_oob_right_helper+0x98/0x2f0
[   17.243779]  mempool_kmalloc_oob_right+0xc4/0x120
[   17.243817]  kunit_try_run_case+0x170/0x3f0
[   17.243967]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.244019]  kthread+0x328/0x630
[   17.244051]  ret_from_fork+0x10/0x20
[   17.244086] 
[   17.244109] The buggy address belongs to the object at fff00000c63eb500
[   17.244109]  which belongs to the cache kmalloc-128 of size 128
[   17.244169] The buggy address is located 0 bytes to the right of
[   17.244169]  allocated 115-byte region [fff00000c63eb500, fff00000c63eb573)
[   17.244236] 
[   17.244259] The buggy address belongs to the physical page:
[   17.244294] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1063eb
[   17.244349] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   17.244403] page_type: f5(slab)
[   17.244444] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   17.244493] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.244536] page dumped because: kasan: bad access detected
[   17.244569] 
[   17.244587] Memory state around the buggy address:
[   17.244622]  fff00000c63eb400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   17.244665]  fff00000c63eb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.244724] >fff00000c63eb500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   17.244763]                                                              ^
[   17.244803]  fff00000c63eb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.244845]  fff00000c63eb600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   17.244884] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

3077J7vjxaIrCX8QJluH30GcStN

job_id

TEST:linaro@lkft#3077NNFJrWWkcAy8IID5ILATusq

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/3077NNFJrWWkcAy8IID5ILATusq

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/3077KHL5N7ukhPBGWT6JKTPmMOH/Image.gz
sha256sum	4fb6bfc3e42cafc0ebb4a145f4b0e856366a60f4ad09bf55eaf187601ba57254

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/3077KHL5N7ukhPBGWT6JKTPmMOH/modules.tar.xz
sha256sum	e970ffe65eabeeb4747aabb09f86153746494bc2902552f8c3f7db6a8fa892c6

durations

tests

boot	0
kunit	180.80

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   13.418336] ==================================================================
[   13.418851] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   13.419240] Read of size 1 at addr ffff888102fd1673 by task kunit_try_catch/238
[   13.419971] 
[   13.420271] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   13.420347] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.420360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.420555] Call Trace:
[   13.420572]  <TASK>
[   13.420591]  dump_stack_lvl+0x73/0xb0
[   13.420626]  print_report+0xd1/0x610
[   13.420649]  ? __virt_addr_valid+0x1db/0x2d0
[   13.420675]  ? mempool_oob_right_helper+0x318/0x380
[   13.420699]  ? kasan_complete_mode_report_info+0x2a/0x200
[   13.420721]  ? mempool_oob_right_helper+0x318/0x380
[   13.420744]  kasan_report+0x141/0x180
[   13.420765]  ? mempool_oob_right_helper+0x318/0x380
[   13.420792]  __asan_report_load1_noabort+0x18/0x20
[   13.420815]  mempool_oob_right_helper+0x318/0x380
[   13.420838]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.420862]  ? __kasan_check_write+0x18/0x20
[   13.420881]  ? __pfx_sched_clock_cpu+0x10/0x10
[   13.420903]  ? finish_task_switch.isra.0+0x153/0x700
[   13.420929]  mempool_kmalloc_oob_right+0xf2/0x150
[   13.420951]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   13.420985]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.421023]  ? __pfx_mempool_kfree+0x10/0x10
[   13.421047]  ? __pfx_read_tsc+0x10/0x10
[   13.421069]  ? ktime_get_ts64+0x86/0x230
[   13.421094]  kunit_try_run_case+0x1a5/0x480
[   13.421120]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.421141]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.421165]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.421187]  ? __kthread_parkme+0x82/0x180
[   13.421208]  ? preempt_count_sub+0x50/0x80
[   13.421230]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.421253]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.421275]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.421297]  kthread+0x337/0x6f0
[   13.421315]  ? trace_preempt_on+0x20/0xc0
[   13.421338]  ? __pfx_kthread+0x10/0x10
[   13.421358]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.421391]  ? calculate_sigpending+0x7b/0xa0
[   13.421415]  ? __pfx_kthread+0x10/0x10
[   13.421435]  ret_from_fork+0x116/0x1d0
[   13.421453]  ? __pfx_kthread+0x10/0x10
[   13.421472]  ret_from_fork_asm+0x1a/0x30
[   13.421505]  </TASK>
[   13.421517] 
[   13.433515] Allocated by task 238:
[   13.433786]  kasan_save_stack+0x45/0x70
[   13.433981]  kasan_save_track+0x18/0x40
[   13.434193]  kasan_save_alloc_info+0x3b/0x50
[   13.434401]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   13.434987]  remove_element+0x11e/0x190
[   13.435280]  mempool_alloc_preallocated+0x4d/0x90
[   13.435704]  mempool_oob_right_helper+0x8a/0x380
[   13.436039]  mempool_kmalloc_oob_right+0xf2/0x150
[   13.436281]  kunit_try_run_case+0x1a5/0x480
[   13.436771]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.437042]  kthread+0x337/0x6f0
[   13.437564]  ret_from_fork+0x116/0x1d0
[   13.437737]  ret_from_fork_asm+0x1a/0x30
[   13.438115] 
[   13.438220] The buggy address belongs to the object at ffff888102fd1600
[   13.438220]  which belongs to the cache kmalloc-128 of size 128
[   13.438972] The buggy address is located 0 bytes to the right of
[   13.438972]  allocated 115-byte region [ffff888102fd1600, ffff888102fd1673)
[   13.439740] 
[   13.439851] The buggy address belongs to the physical page:
[   13.440325] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102fd1
[   13.440693] flags: 0x200000000000000(node=0|zone=2)
[   13.441084] page_type: f5(slab)
[   13.441265] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   13.441863] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   13.442290] page dumped because: kasan: bad access detected
[   13.442778] 
[   13.442892] Memory state around the buggy address:
[   13.443195]  ffff888102fd1500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.443802]  ffff888102fd1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.444147] >ffff888102fd1600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   13.444840]                                                              ^
[   13.445137]  ffff888102fd1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.445653]  ffff888102fd1700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   13.446119] ==================================================================
[   13.449802] ==================================================================
[   13.450345] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   13.450877] Read of size 1 at addr ffff8881039f6001 by task kunit_try_catch/240
[   13.451185] 
[   13.451280] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   13.451324] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.451336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.451357] Call Trace:
[   13.451369]  <TASK>
[   13.451386]  dump_stack_lvl+0x73/0xb0
[   13.451415]  print_report+0xd1/0x610
[   13.451722]  ? __virt_addr_valid+0x1db/0x2d0
[   13.451747]  ? mempool_oob_right_helper+0x318/0x380
[   13.451769]  ? kasan_addr_to_slab+0x11/0xa0
[   13.451789]  ? mempool_oob_right_helper+0x318/0x380
[   13.451812]  kasan_report+0x141/0x180
[   13.451833]  ? mempool_oob_right_helper+0x318/0x380
[   13.451860]  __asan_report_load1_noabort+0x18/0x20
[   13.451884]  mempool_oob_right_helper+0x318/0x380
[   13.451908]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.451930]  ? update_curr+0x5c1/0x810
[   13.451959]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   13.451983]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   13.452020]  ? schedule+0x7c/0x2e0
[   13.452043]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.452067]  ? __pfx_mempool_kfree+0x10/0x10
[   13.452091]  ? __pfx_read_tsc+0x10/0x10
[   13.452110]  ? ktime_get_ts64+0x86/0x230
[   13.452133]  kunit_try_run_case+0x1a5/0x480
[   13.452159]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.452180]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.452204]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.452226]  ? __kthread_parkme+0x82/0x180
[   13.452247]  ? preempt_count_sub+0x50/0x80
[   13.452270]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.452292]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.452315]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.452338]  kthread+0x337/0x6f0
[   13.452356]  ? trace_preempt_on+0x20/0xc0
[   13.452378]  ? __pfx_kthread+0x10/0x10
[   13.452409]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.452448]  ? calculate_sigpending+0x7b/0xa0
[   13.452471]  ? __pfx_kthread+0x10/0x10
[   13.452492]  ret_from_fork+0x116/0x1d0
[   13.452509]  ? __pfx_kthread+0x10/0x10
[   13.452529]  ret_from_fork_asm+0x1a/0x30
[   13.452559]  </TASK>
[   13.452569] 
[   13.462712] The buggy address belongs to the physical page:
[   13.463045] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4
[   13.463407] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   13.463932] flags: 0x200000000000040(head|node=0|zone=2)
[   13.464209] page_type: f8(unknown)
[   13.464362] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   13.464653] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   13.465087] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   13.465530] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   13.465905] head: 0200000000000002 ffffea00040e7d01 00000000ffffffff 00000000ffffffff
[   13.466257] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   13.466686] page dumped because: kasan: bad access detected
[   13.466880] 
[   13.466970] Memory state around the buggy address:
[   13.467220]  ffff8881039f5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   13.467789]  ffff8881039f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   13.468034] >ffff8881039f6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   13.468320]                    ^
[   13.468659]  ffff8881039f6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   13.469089]  ffff8881039f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   13.469420] ==================================================================
[   13.475904] ==================================================================
[   13.476478] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   13.477034] Read of size 1 at addr ffff8881039792bb by task kunit_try_catch/242
[   13.477362] 
[   13.477477] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   13.477520] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.477531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.477552] Call Trace:
[   13.477563]  <TASK>
[   13.477577]  dump_stack_lvl+0x73/0xb0
[   13.477729]  print_report+0xd1/0x610
[   13.477752]  ? __virt_addr_valid+0x1db/0x2d0
[   13.477775]  ? mempool_oob_right_helper+0x318/0x380
[   13.477797]  ? kasan_complete_mode_report_info+0x2a/0x200
[   13.477818]  ? mempool_oob_right_helper+0x318/0x380
[   13.477841]  kasan_report+0x141/0x180
[   13.477862]  ? mempool_oob_right_helper+0x318/0x380
[   13.477889]  __asan_report_load1_noabort+0x18/0x20
[   13.477947]  mempool_oob_right_helper+0x318/0x380
[   13.477995]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.478028]  ? update_load_avg+0x1be/0x21b0
[   13.478055]  ? finish_task_switch.isra.0+0x153/0x700
[   13.478080]  mempool_slab_oob_right+0xed/0x140
[   13.478103]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   13.478126]  ? __kasan_check_write+0x18/0x20
[   13.478146]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   13.478170]  ? __pfx_mempool_free_slab+0x10/0x10
[   13.478195]  ? __pfx_read_tsc+0x10/0x10
[   13.478215]  ? ktime_get_ts64+0x86/0x230
[   13.478236]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   13.478261]  kunit_try_run_case+0x1a5/0x480
[   13.478285]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.478309]  ? queued_spin_lock_slowpath+0x116/0xb40
[   13.478334]  ? __kthread_parkme+0x82/0x180
[   13.478353]  ? preempt_count_sub+0x50/0x80
[   13.478430]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.478455]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.478477]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.478499]  kthread+0x337/0x6f0
[   13.478522]  ? trace_preempt_on+0x20/0xc0
[   13.478544]  ? __pfx_kthread+0x10/0x10
[   13.478564]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.478584]  ? calculate_sigpending+0x7b/0xa0
[   13.478607]  ? __pfx_kthread+0x10/0x10
[   13.478628]  ret_from_fork+0x116/0x1d0
[   13.478646]  ? __pfx_kthread+0x10/0x10
[   13.478666]  ret_from_fork_asm+0x1a/0x30
[   13.478697]  </TASK>
[   13.478707] 
[   13.490698] Allocated by task 242:
[   13.490912]  kasan_save_stack+0x45/0x70
[   13.491211]  kasan_save_track+0x18/0x40
[   13.491459]  kasan_save_alloc_info+0x3b/0x50
[   13.492043]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   13.492366]  remove_element+0x11e/0x190
[   13.492794]  mempool_alloc_preallocated+0x4d/0x90
[   13.492987]  mempool_oob_right_helper+0x8a/0x380
[   13.493339]  mempool_slab_oob_right+0xed/0x140
[   13.493800]  kunit_try_run_case+0x1a5/0x480
[   13.494120]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.494491]  kthread+0x337/0x6f0
[   13.494666]  ret_from_fork+0x116/0x1d0
[   13.494846]  ret_from_fork_asm+0x1a/0x30
[   13.495048] 
[   13.495134] The buggy address belongs to the object at ffff888103979240
[   13.495134]  which belongs to the cache test_cache of size 123
[   13.496154] The buggy address is located 0 bytes to the right of
[   13.496154]  allocated 123-byte region [ffff888103979240, ffff8881039792bb)
[   13.497088] 
[   13.497306] The buggy address belongs to the physical page:
[   13.497773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103979
[   13.498327] flags: 0x200000000000000(node=0|zone=2)
[   13.498697] page_type: f5(slab)
[   13.499058] raw: 0200000000000000 ffff888102fd9280 dead000000000122 0000000000000000
[   13.499624] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   13.500217] page dumped because: kasan: bad access detected
[   13.500714] 
[   13.500817] Memory state around the buggy address:
[   13.501243]  ffff888103979180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.501725]  ffff888103979200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   13.502161] >ffff888103979280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   13.502720]                                         ^
[   13.503036]  ffff888103979300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.503509]  ffff888103979380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.503808] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

3077J7vjxaIrCX8QJluH30GcStN

job_id

TEST:linaro@lkft#3077OUKeH4klMzGPpiURQkIkRoq

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/3077OUKeH4klMzGPpiURQkIkRoq

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/3077LSghLJbP9XOf2m9pHR4ulof/bzImage
sha256sum	688f7e44f740c230bc3dd9986a1dcb2217f21e43e087467b257af26e6d1daa91

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/3077LSghLJbP9XOf2m9pHR4ulof/modules.tar.xz
sha256sum	42f1ae1d624ca92b080f0b1da8d82c9161e8e8c5828ad9bdb8670b6bf906480e

durations

tests

boot	0
kunit	203.29

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit