lkft/linux-mainline-master - v6.16-rc6-37-ge2291551827f - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 17, 2025, 11:10 a.m.

Environment
qemu-arm64
qemu-x86_64

[   17.408507] ==================================================================
[   17.408590] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.408658] Read of size 1 at addr fff00000c786ab73 by task kunit_try_catch/222
[   17.408708] 
[   17.408749] CPU: 0 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.408945] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.408975] Hardware name: linux,dummy-virt (DT)
[   17.409021] Call trace:
[   17.409044]  show_stack+0x20/0x38 (C)
[   17.409095]  dump_stack_lvl+0x8c/0xd0
[   17.409143]  print_report+0x118/0x5d0
[   17.409188]  kasan_report+0xdc/0x128
[   17.409232]  __asan_report_load1_noabort+0x20/0x30
[   17.409282]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.409330]  mempool_kmalloc_oob_right+0xc4/0x120
[   17.409375]  kunit_try_run_case+0x170/0x3f0
[   17.409424]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.409475]  kthread+0x328/0x630
[   17.409516]  ret_from_fork+0x10/0x20
[   17.409562] 
[   17.409582] Allocated by task 222:
[   17.409610]  kasan_save_stack+0x3c/0x68
[   17.409649]  kasan_save_track+0x20/0x40
[   17.409689]  kasan_save_alloc_info+0x40/0x58
[   17.409730]  __kasan_mempool_unpoison_object+0x11c/0x180
[   17.409774]  remove_element+0x130/0x1f8
[   17.409814]  mempool_alloc_preallocated+0x58/0xc0
[   17.409855]  mempool_oob_right_helper+0x98/0x2f0
[   17.409897]  mempool_kmalloc_oob_right+0xc4/0x120
[   17.409937]  kunit_try_run_case+0x170/0x3f0
[   17.409974]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.410028]  kthread+0x328/0x630
[   17.410059]  ret_from_fork+0x10/0x20
[   17.410096] 
[   17.410116] The buggy address belongs to the object at fff00000c786ab00
[   17.410116]  which belongs to the cache kmalloc-128 of size 128
[   17.410177] The buggy address is located 0 bytes to the right of
[   17.410177]  allocated 115-byte region [fff00000c786ab00, fff00000c786ab73)
[   17.410242] 
[   17.410262] The buggy address belongs to the physical page:
[   17.410297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10786a
[   17.410353] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   17.410406] page_type: f5(slab)
[   17.410446] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   17.410497] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.410538] page dumped because: kasan: bad access detected
[   17.410569] 
[   17.410587] Memory state around the buggy address:
[   17.410627]  fff00000c786aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   17.410672]  fff00000c786aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.410716] >fff00000c786ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   17.410756]                                                              ^
[   17.410796]  fff00000c786ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.410839]  fff00000c786ac00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   17.410880] ==================================================================
[   17.461259] ==================================================================
[   17.461344] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.461408] Read of size 1 at addr fff00000c65ee2bb by task kunit_try_catch/226
[   17.461461] 
[   17.461496] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.461581] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.461609] Hardware name: linux,dummy-virt (DT)
[   17.461641] Call trace:
[   17.461663]  show_stack+0x20/0x38 (C)
[   17.461711]  dump_stack_lvl+0x8c/0xd0
[   17.461759]  print_report+0x118/0x5d0
[   17.461804]  kasan_report+0xdc/0x128
[   17.461851]  __asan_report_load1_noabort+0x20/0x30
[   17.461903]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.461951]  mempool_slab_oob_right+0xc0/0x118
[   17.462012]  kunit_try_run_case+0x170/0x3f0
[   17.462061]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.462114]  kthread+0x328/0x630
[   17.462155]  ret_from_fork+0x10/0x20
[   17.462201] 
[   17.462221] Allocated by task 226:
[   17.462249]  kasan_save_stack+0x3c/0x68
[   17.462291]  kasan_save_track+0x20/0x40
[   17.462327]  kasan_save_alloc_info+0x40/0x58
[   17.462370]  __kasan_mempool_unpoison_object+0xbc/0x180
[   17.462414]  remove_element+0x16c/0x1f8
[   17.462449]  mempool_alloc_preallocated+0x58/0xc0
[   17.462487]  mempool_oob_right_helper+0x98/0x2f0
[   17.462526]  mempool_slab_oob_right+0xc0/0x118
[   17.462566]  kunit_try_run_case+0x170/0x3f0
[   17.462908]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.462956]  kthread+0x328/0x630
[   17.463001]  ret_from_fork+0x10/0x20
[   17.463041] 
[   17.463061] The buggy address belongs to the object at fff00000c65ee240
[   17.463061]  which belongs to the cache test_cache of size 123
[   17.463120] The buggy address is located 0 bytes to the right of
[   17.463120]  allocated 123-byte region [fff00000c65ee240, fff00000c65ee2bb)
[   17.463187] 
[   17.463207] The buggy address belongs to the physical page:
[   17.463241] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1065ee
[   17.463297] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   17.463347] page_type: f5(slab)
[   17.463387] raw: 0bfffe0000000000 fff00000c78a13c0 dead000000000122 0000000000000000
[   17.463445] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   17.463486] page dumped because: kasan: bad access detected
[   17.463517] 
[   17.463536] Memory state around the buggy address:
[   17.463569]  fff00000c65ee180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   17.463613]  fff00000c65ee200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   17.463656] >fff00000c65ee280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   17.463697]                                         ^
[   17.463728]  fff00000c65ee300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.463771]  fff00000c65ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.463810] ==================================================================
[   17.422605] ==================================================================
[   17.422664] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.422717] Read of size 1 at addr fff00000c7956001 by task kunit_try_catch/224
[   17.422769] 
[   17.422801] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.422885] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.422913] Hardware name: linux,dummy-virt (DT)
[   17.422945] Call trace:
[   17.422997]  show_stack+0x20/0x38 (C)
[   17.423047]  dump_stack_lvl+0x8c/0xd0
[   17.423134]  print_report+0x118/0x5d0
[   17.423380]  kasan_report+0xdc/0x128
[   17.423518]  __asan_report_load1_noabort+0x20/0x30
[   17.423792]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.423910]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   17.424140]  kunit_try_run_case+0x170/0x3f0
[   17.424422]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.424641]  kthread+0x328/0x630
[   17.424683]  ret_from_fork+0x10/0x20
[   17.424816] 
[   17.424836] The buggy address belongs to the physical page:
[   17.424870] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107954
[   17.425060] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.425355] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.425508] page_type: f8(unknown)
[   17.425575] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.425799] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.425935] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.426019] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.426079] head: 0bfffe0000000002 ffffc1ffc31e5501 00000000ffffffff 00000000ffffffff
[   17.426129] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.426217] page dumped because: kasan: bad access detected
[   17.426388] 
[   17.426405] Memory state around the buggy address:
[   17.426466]  fff00000c7955f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.426535]  fff00000c7955f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.426577] >fff00000c7956000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.426616]                    ^
[   17.426682]  fff00000c7956080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.426799]  fff00000c7956100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.426900] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

3003M942ob4BTLEn8Aseea5B8RJ

job_id

TEST:linaro@lkft#3003QRiEnhxBi5vhC0jxaNVXmcS

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/3003QRiEnhxBi5vhC0jxaNVXmcS

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/3003NHs0B68ZGBetkLilYavuDFy/Image.gz
sha256sum	9ef31b16479117b68c0f561eaeaa8823716042fb27d398853ce96cfca127f95e

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/3003NHs0B68ZGBetkLilYavuDFy/modules.tar.xz
sha256sum	6dda0b757b3bcf288fc6551d8e2b1e653bdd9378e1cef459bf5759205275c144

durations

tests

boot	0
kunit	172.15

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   14.464503] ==================================================================
[   14.464978] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   14.465808] Read of size 1 at addr ffff888102a04b73 by task kunit_try_catch/238
[   14.466133] 
[   14.466277] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   14.466342] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.466355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.466378] Call Trace:
[   14.466392]  <TASK>
[   14.466412]  dump_stack_lvl+0x73/0xb0
[   14.466446]  print_report+0xd1/0x610
[   14.466469]  ? __virt_addr_valid+0x1db/0x2d0
[   14.466495]  ? mempool_oob_right_helper+0x318/0x380
[   14.466519]  ? kasan_complete_mode_report_info+0x2a/0x200
[   14.466543]  ? mempool_oob_right_helper+0x318/0x380
[   14.466579]  kasan_report+0x141/0x180
[   14.466601]  ? mempool_oob_right_helper+0x318/0x380
[   14.466630]  __asan_report_load1_noabort+0x18/0x20
[   14.466656]  mempool_oob_right_helper+0x318/0x380
[   14.466681]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   14.466707]  ? __kasan_check_write+0x18/0x20
[   14.466728]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.466752]  ? finish_task_switch.isra.0+0x153/0x700
[   14.466781]  mempool_kmalloc_oob_right+0xf2/0x150
[   14.466805]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   14.466834]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.466860]  ? __pfx_mempool_kfree+0x10/0x10
[   14.466886]  ? __pfx_read_tsc+0x10/0x10
[   14.466909]  ? ktime_get_ts64+0x86/0x230
[   14.466934]  kunit_try_run_case+0x1a5/0x480
[   14.466962]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.466986]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.467013]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.467040]  ? __kthread_parkme+0x82/0x180
[   14.467063]  ? preempt_count_sub+0x50/0x80
[   14.467086]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.467111]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.467136]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.467163]  kthread+0x337/0x6f0
[   14.467182]  ? trace_preempt_on+0x20/0xc0
[   14.467206]  ? __pfx_kthread+0x10/0x10
[   14.467226]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.467404]  ? calculate_sigpending+0x7b/0xa0
[   14.467435]  ? __pfx_kthread+0x10/0x10
[   14.467457]  ret_from_fork+0x116/0x1d0
[   14.467477]  ? __pfx_kthread+0x10/0x10
[   14.467498]  ret_from_fork_asm+0x1a/0x30
[   14.467532]  </TASK>
[   14.467544] 
[   14.480258] Allocated by task 238:
[   14.480674]  kasan_save_stack+0x45/0x70
[   14.481080]  kasan_save_track+0x18/0x40
[   14.481257]  kasan_save_alloc_info+0x3b/0x50
[   14.481800]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   14.482075]  remove_element+0x11e/0x190
[   14.482457]  mempool_alloc_preallocated+0x4d/0x90
[   14.482900]  mempool_oob_right_helper+0x8a/0x380
[   14.483136]  mempool_kmalloc_oob_right+0xf2/0x150
[   14.483547]  kunit_try_run_case+0x1a5/0x480
[   14.483722]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.483903]  kthread+0x337/0x6f0
[   14.484093]  ret_from_fork+0x116/0x1d0
[   14.484282]  ret_from_fork_asm+0x1a/0x30
[   14.484422] 
[   14.484499] The buggy address belongs to the object at ffff888102a04b00
[   14.484499]  which belongs to the cache kmalloc-128 of size 128
[   14.485054] The buggy address is located 0 bytes to the right of
[   14.485054]  allocated 115-byte region [ffff888102a04b00, ffff888102a04b73)
[   14.485430] 
[   14.485502] The buggy address belongs to the physical page:
[   14.486011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a04
[   14.486853] flags: 0x200000000000000(node=0|zone=2)
[   14.487683] page_type: f5(slab)
[   14.487964] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.488296] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.488525] page dumped because: kasan: bad access detected
[   14.488721] 
[   14.488792] Memory state around the buggy address:
[   14.488952]  ffff888102a04a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.489290]  ffff888102a04a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.489585] >ffff888102a04b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   14.490200]                                                              ^
[   14.490457]  ffff888102a04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.491062]  ffff888102a04c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   14.491360] ==================================================================
[   14.497646] ==================================================================
[   14.498160] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   14.498816] Read of size 1 at addr ffff8881039f6001 by task kunit_try_catch/240
[   14.499214] 
[   14.499385] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   14.499445] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.499457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.499512] Call Trace:
[   14.499525]  <TASK>
[   14.499543]  dump_stack_lvl+0x73/0xb0
[   14.499709]  print_report+0xd1/0x610
[   14.499785]  ? __virt_addr_valid+0x1db/0x2d0
[   14.499845]  ? mempool_oob_right_helper+0x318/0x380
[   14.499892]  ? kasan_addr_to_slab+0x11/0xa0
[   14.499914]  ? mempool_oob_right_helper+0x318/0x380
[   14.499939]  kasan_report+0x141/0x180
[   14.499962]  ? mempool_oob_right_helper+0x318/0x380
[   14.499991]  __asan_report_load1_noabort+0x18/0x20
[   14.500016]  mempool_oob_right_helper+0x318/0x380
[   14.500041]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   14.500073]  ? __kasan_check_write+0x18/0x20
[   14.500093]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.500116]  ? irqentry_exit+0x2a/0x60
[   14.500138]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   14.500165]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   14.500191]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   14.500221]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.500331]  ? __pfx_mempool_kfree+0x10/0x10
[   14.500361]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   14.500391]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   14.500433]  kunit_try_run_case+0x1a5/0x480
[   14.500460]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.500484]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.500510]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.500534]  ? __kthread_parkme+0x82/0x180
[   14.500569]  ? preempt_count_sub+0x50/0x80
[   14.500596]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.500621]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.500647]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.500673]  kthread+0x337/0x6f0
[   14.500692]  ? trace_preempt_on+0x20/0xc0
[   14.500716]  ? __pfx_kthread+0x10/0x10
[   14.500738]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.500760]  ? calculate_sigpending+0x7b/0xa0
[   14.500785]  ? __pfx_kthread+0x10/0x10
[   14.500807]  ret_from_fork+0x116/0x1d0
[   14.500828]  ? __pfx_kthread+0x10/0x10
[   14.500849]  ret_from_fork_asm+0x1a/0x30
[   14.500881]  </TASK>
[   14.500893] 
[   14.510913] The buggy address belongs to the physical page:
[   14.511150] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4
[   14.511740] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   14.512163] flags: 0x200000000000040(head|node=0|zone=2)
[   14.512346] page_type: f8(unknown)
[   14.512475] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.512965] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.513312] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.513850] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.514311] head: 0200000000000002 ffffea00040e7d01 00000000ffffffff 00000000ffffffff
[   14.514698] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   14.515039] page dumped because: kasan: bad access detected
[   14.515439] 
[   14.515541] Memory state around the buggy address:
[   14.515740]  ffff8881039f5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.516029]  ffff8881039f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.516479] >ffff8881039f6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.516713]                    ^
[   14.516881]  ffff8881039f6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.517196]  ffff8881039f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.517810] ==================================================================
[   14.521419] ==================================================================
[   14.522217] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   14.522478] Read of size 1 at addr ffff8881039b62bb by task kunit_try_catch/242
[   14.522714] 
[   14.522803] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   14.522846] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.522858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.522878] Call Trace:
[   14.522890]  <TASK>
[   14.522905]  dump_stack_lvl+0x73/0xb0
[   14.522936]  print_report+0xd1/0x610
[   14.522958]  ? __virt_addr_valid+0x1db/0x2d0
[   14.522981]  ? mempool_oob_right_helper+0x318/0x380
[   14.523004]  ? kasan_complete_mode_report_info+0x2a/0x200
[   14.523026]  ? mempool_oob_right_helper+0x318/0x380
[   14.523049]  kasan_report+0x141/0x180
[   14.523070]  ? mempool_oob_right_helper+0x318/0x380
[   14.523097]  __asan_report_load1_noabort+0x18/0x20
[   14.523121]  mempool_oob_right_helper+0x318/0x380
[   14.523145]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   14.523171]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.523192]  ? finish_task_switch.isra.0+0x153/0x700
[   14.523218]  mempool_slab_oob_right+0xed/0x140
[   14.523241]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   14.523267]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   14.523292]  ? __pfx_mempool_free_slab+0x10/0x10
[   14.523317]  ? __pfx_read_tsc+0x10/0x10
[   14.523337]  ? ktime_get_ts64+0x86/0x230
[   14.523362]  kunit_try_run_case+0x1a5/0x480
[   14.523388]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.523410]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.523435]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.523459]  ? __kthread_parkme+0x82/0x180
[   14.523479]  ? preempt_count_sub+0x50/0x80
[   14.523503]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.523528]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.523576]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.523601]  kthread+0x337/0x6f0
[   14.523620]  ? trace_preempt_on+0x20/0xc0
[   14.523642]  ? __pfx_kthread+0x10/0x10
[   14.523662]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.523683]  ? calculate_sigpending+0x7b/0xa0
[   14.523707]  ? __pfx_kthread+0x10/0x10
[   14.523728]  ret_from_fork+0x116/0x1d0
[   14.523775]  ? __pfx_kthread+0x10/0x10
[   14.523796]  ret_from_fork_asm+0x1a/0x30
[   14.523827]  </TASK>
[   14.523838] 
[   14.540790] Allocated by task 242:
[   14.541152]  kasan_save_stack+0x45/0x70
[   14.541656]  kasan_save_track+0x18/0x40
[   14.542229]  kasan_save_alloc_info+0x3b/0x50
[   14.542776]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   14.543286]  remove_element+0x11e/0x190
[   14.543815]  mempool_alloc_preallocated+0x4d/0x90
[   14.544135]  mempool_oob_right_helper+0x8a/0x380
[   14.544514]  mempool_slab_oob_right+0xed/0x140
[   14.544963]  kunit_try_run_case+0x1a5/0x480
[   14.545412]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.545832]  kthread+0x337/0x6f0
[   14.545953]  ret_from_fork+0x116/0x1d0
[   14.546083]  ret_from_fork_asm+0x1a/0x30
[   14.546218] 
[   14.546591] The buggy address belongs to the object at ffff8881039b6240
[   14.546591]  which belongs to the cache test_cache of size 123
[   14.547826] The buggy address is located 0 bytes to the right of
[   14.547826]  allocated 123-byte region [ffff8881039b6240, ffff8881039b62bb)
[   14.549100] 
[   14.549176] The buggy address belongs to the physical page:
[   14.549585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b6
[   14.550336] flags: 0x200000000000000(node=0|zone=2)
[   14.550757] page_type: f5(slab)
[   14.550883] raw: 0200000000000000 ffff8881039b4000 dead000000000122 0000000000000000
[   14.551114] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   14.551706] page dumped because: kasan: bad access detected
[   14.552228] 
[   14.552601] Memory state around the buggy address:
[   14.553057]  ffff8881039b6180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.553835]  ffff8881039b6200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   14.554573] >ffff8881039b6280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   14.554897]                                         ^
[   14.555057]  ffff8881039b6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.555319]  ffff8881039b6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.556124] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

3003M942ob4BTLEn8Aseea5B8RJ

job_id

TEST:linaro@lkft#3003RZF7XnQmdPtM5cUiAwKFtCz

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/3003RZF7XnQmdPtM5cUiAwKFtCz

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/3003OTpuRWvyGUlL7jaPEGEgnga/bzImage
sha256sum	9e432f7c2ce284ae4c046a3c28b251bd05c2eeee0552939f78c78f7dfd4e4b62

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/3003OTpuRWvyGUlL7jaPEGEgnga/modules.tar.xz
sha256sum	0463dd5e8a00ad40cd4bcdb9cac1553cc5906788b61bb36c5984bb82fa7d83ab

durations

tests

boot	0
kunit	247.65

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit