lkft/linux-next-master - next-20250617 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

June 17, 2025, 6:35 a.m.

Environment
qemu-arm64
qemu-x86_64

[   18.897102] ==================================================================
[   18.897183] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   18.897267] Read of size 1 at addr fff00000c748af73 by task kunit_try_catch/230
[   18.897319] 
[   18.897361] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250617 #1 PREEMPT 
[   18.897454] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.897482] Hardware name: linux,dummy-virt (DT)
[   18.897515] Call trace:
[   18.897540]  show_stack+0x20/0x38 (C)
[   18.897602]  dump_stack_lvl+0x8c/0xd0
[   18.897653]  print_report+0x118/0x608
[   18.897703]  kasan_report+0xdc/0x128
[   18.897748]  __asan_report_load1_noabort+0x20/0x30
[   18.897796]  mempool_oob_right_helper+0x2ac/0x2f0
[   18.897846]  mempool_kmalloc_oob_right+0xc4/0x120
[   18.897895]  kunit_try_run_case+0x170/0x3f0
[   18.897959]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.898015]  kthread+0x328/0x630
[   18.898271]  ret_from_fork+0x10/0x20
[   18.898332] 
[   18.898351] Allocated by task 230:
[   18.898383]  kasan_save_stack+0x3c/0x68
[   18.898426]  kasan_save_track+0x20/0x40
[   18.898465]  kasan_save_alloc_info+0x40/0x58
[   18.898502]  __kasan_mempool_unpoison_object+0x11c/0x180
[   18.898547]  remove_element+0x130/0x1f8
[   18.898585]  mempool_alloc_preallocated+0x58/0xc0
[   18.898626]  mempool_oob_right_helper+0x98/0x2f0
[   18.898666]  mempool_kmalloc_oob_right+0xc4/0x120
[   18.898707]  kunit_try_run_case+0x170/0x3f0
[   18.898745]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.898789]  kthread+0x328/0x630
[   18.898822]  ret_from_fork+0x10/0x20
[   18.898859] 
[   18.898879] The buggy address belongs to the object at fff00000c748af00
[   18.898879]  which belongs to the cache kmalloc-128 of size 128
[   18.898956] The buggy address is located 0 bytes to the right of
[   18.898956]  allocated 115-byte region [fff00000c748af00, fff00000c748af73)
[   18.899023] 
[   18.899045] The buggy address belongs to the physical page:
[   18.899081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10748a
[   18.899138] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   18.899191] page_type: f5(slab)
[   18.899236] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   18.899289] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[   18.899331] page dumped because: kasan: bad access detected
[   18.899365] 
[   18.899383] Memory state around the buggy address:
[   18.899419]  fff00000c748ae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   18.899463]  fff00000c748ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.899510] >fff00000c748af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   18.899551]                                                              ^
[   18.899594]  fff00000c748af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.899637]  fff00000c748b000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   18.899677] ==================================================================
[   18.916875] ==================================================================
[   18.922319] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   18.922405] Read of size 1 at addr fff00000c52242bb by task kunit_try_catch/234
[   18.922458] 
[   18.922496] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250617 #1 PREEMPT 
[   18.923110] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.923485] Hardware name: linux,dummy-virt (DT)
[   18.924006] Call trace:
[   18.924042]  show_stack+0x20/0x38 (C)
[   18.924099]  dump_stack_lvl+0x8c/0xd0
[   18.924151]  print_report+0x118/0x608
[   18.924200]  kasan_report+0xdc/0x128
[   18.924247]  __asan_report_load1_noabort+0x20/0x30
[   18.924296]  mempool_oob_right_helper+0x2ac/0x2f0
[   18.924345]  mempool_slab_oob_right+0xc0/0x118
[   18.924393]  kunit_try_run_case+0x170/0x3f0
[   18.925808]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.926157]  kthread+0x328/0x630
[   18.926250]  ret_from_fork+0x10/0x20
[   18.926823] 
[   18.926913] Allocated by task 234:
[   18.927133]  kasan_save_stack+0x3c/0x68
[   18.927348]  kasan_save_track+0x20/0x40
[   18.927392]  kasan_save_alloc_info+0x40/0x58
[   18.927431]  __kasan_mempool_unpoison_object+0xbc/0x180
[   18.928364]  remove_element+0x16c/0x1f8
[   18.928692]  mempool_alloc_preallocated+0x58/0xc0
[   18.928748]  mempool_oob_right_helper+0x98/0x2f0
[   18.929017]  mempool_slab_oob_right+0xc0/0x118
[   18.929395]  kunit_try_run_case+0x170/0x3f0
[   18.929939]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.929998]  kthread+0x328/0x630
[   18.930250]  ret_from_fork+0x10/0x20
[   18.930752] 
[   18.930782] The buggy address belongs to the object at fff00000c5224240
[   18.930782]  which belongs to the cache test_cache of size 123
[   18.930978] The buggy address is located 0 bytes to the right of
[   18.930978]  allocated 123-byte region [fff00000c5224240, fff00000c52242bb)
[   18.931151] 
[   18.931190] The buggy address belongs to the physical page:
[   18.931223] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105224
[   18.931283] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   18.932047] page_type: f5(slab)
[   18.932106] raw: 0bfffe0000000000 fff00000c115da00 dead000000000122 0000000000000000
[   18.932597] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   18.932840] page dumped because: kasan: bad access detected
[   18.933211] 
[   18.933398] Memory state around the buggy address:
[   18.933518]  fff00000c5224180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   18.933847]  fff00000c5224200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   18.933907] >fff00000c5224280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   18.933956]                                         ^
[   18.933993]  fff00000c5224300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.934035]  fff00000c5224380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.934075] ==================================================================
[   18.905371] ==================================================================
[   18.905430] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   18.905488] Read of size 1 at addr fff00000c5252001 by task kunit_try_catch/232
[   18.905538] 
[   18.905578] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250617 #1 PREEMPT 
[   18.905669] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.905697] Hardware name: linux,dummy-virt (DT)
[   18.905746] Call trace:
[   18.905771]  show_stack+0x20/0x38 (C)
[   18.905823]  dump_stack_lvl+0x8c/0xd0
[   18.905922]  print_report+0x118/0x608
[   18.905990]  kasan_report+0xdc/0x128
[   18.906034]  __asan_report_load1_noabort+0x20/0x30
[   18.906096]  mempool_oob_right_helper+0x2ac/0x2f0
[   18.906215]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   18.906342]  kunit_try_run_case+0x170/0x3f0
[   18.906392]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.906444]  kthread+0x328/0x630
[   18.906498]  ret_from_fork+0x10/0x20
[   18.906658] 
[   18.906723] The buggy address belongs to the physical page:
[   18.906794] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105250
[   18.906852] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   18.906899] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   18.907002] page_type: f8(unknown)
[   18.907058] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.907109] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   18.907176] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.907225] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   18.907275] head: 0bfffe0000000002 ffffc1ffc3149401 00000000ffffffff 00000000ffffffff
[   18.907324] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   18.907364] page dumped because: kasan: bad access detected
[   18.907396] 
[   18.907414] Memory state around the buggy address:
[   18.907445]  fff00000c5251f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   18.907488]  fff00000c5251f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   18.907532] >fff00000c5252000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   18.907571]                    ^
[   18.907600]  fff00000c5252080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   18.907643]  fff00000c5252100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   18.907682] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2ycmAbKpM2fPU7JFlL3VFcggZyX

job_id

TEST:linaro@lkft#2ycmGBohWgwDt0q1MSJxRxJ46Gq

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2ycmGBohWgwDt0q1MSJxRxJ46Gq

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ycmC5EhW3BM1tkjhYaNQdm2b7j/Image.gz
sha256sum	0e75f247fcfca828bae2c74673e3187b2cb142639542a20241767255dd2a989b

rootfs

url	https://storage.tuxboot.com/debian/20250605/trixie/arm64/rootfs.ext4.xz
sha256sum	905f5619346e1db164ac162d2472afab1c1502c840ccd8eb365c2a644148903b

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ycmC5EhW3BM1tkjhYaNQdm2b7j/modules.tar.xz
sha256sum	18ad61734b8ac92476de265f77917a21b448a5c78baec17abc62599dfb00aad0

durations

tests

boot	0
kunit	171.74

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   19.944360] ==================================================================
[   19.945419] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   19.946084] Read of size 1 at addr ffff888100ab8873 by task kunit_try_catch/248
[   19.946888] 
[   19.947128] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250617 #1 PREEMPT(voluntary) 
[   19.947431] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.947469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   19.947531] Call Trace:
[   19.947580]  <TASK>
[   19.947633]  dump_stack_lvl+0x73/0xb0
[   19.947767]  print_report+0xd1/0x650
[   19.947863]  ? __virt_addr_valid+0x1db/0x2d0
[   19.947942]  ? mempool_oob_right_helper+0x318/0x380
[   19.948014]  ? kasan_complete_mode_report_info+0x2a/0x200
[   19.948085]  ? mempool_oob_right_helper+0x318/0x380
[   19.948159]  kasan_report+0x141/0x180
[   19.948233]  ? mempool_oob_right_helper+0x318/0x380
[   19.948320]  __asan_report_load1_noabort+0x18/0x20
[   19.948380]  mempool_oob_right_helper+0x318/0x380
[   19.948418]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   19.948455]  ? __pfx_sched_clock_cpu+0x10/0x10
[   19.948487]  ? finish_task_switch.isra.0+0x153/0x700
[   19.948524]  mempool_kmalloc_oob_right+0xf2/0x150
[   19.948557]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   19.948593]  ? __pfx_mempool_kmalloc+0x10/0x10
[   19.948627]  ? __pfx_mempool_kfree+0x10/0x10
[   19.948660]  ? __pfx_read_tsc+0x10/0x10
[   19.948691]  ? ktime_get_ts64+0x86/0x230
[   19.948724]  kunit_try_run_case+0x1a5/0x480
[   19.948760]  ? __pfx_kunit_try_run_case+0x10/0x10
[   19.948792]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   19.948821]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   19.948891]  ? __kthread_parkme+0x82/0x180
[   19.948922]  ? preempt_count_sub+0x50/0x80
[   19.948955]  ? __pfx_kunit_try_run_case+0x10/0x10
[   19.948988]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   19.949019]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   19.949052]  kthread+0x337/0x6f0
[   19.949079]  ? trace_preempt_on+0x20/0xc0
[   19.949112]  ? __pfx_kthread+0x10/0x10
[   19.949140]  ? _raw_spin_unlock_irq+0x47/0x80
[   19.949174]  ? calculate_sigpending+0x7b/0xa0
[   19.949208]  ? __pfx_kthread+0x10/0x10
[   19.949272]  ret_from_fork+0x116/0x1d0
[   19.949340]  ? __pfx_kthread+0x10/0x10
[   19.949400]  ret_from_fork_asm+0x1a/0x30
[   19.949446]  </TASK>
[   19.949464] 
[   19.969607] Allocated by task 248:
[   19.970269]  kasan_save_stack+0x45/0x70
[   19.970985]  kasan_save_track+0x18/0x40
[   19.971787]  kasan_save_alloc_info+0x3b/0x50
[   19.972199]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   19.972944]  remove_element+0x11e/0x190
[   19.973488]  mempool_alloc_preallocated+0x4d/0x90
[   19.973933]  mempool_oob_right_helper+0x8a/0x380
[   19.974447]  mempool_kmalloc_oob_right+0xf2/0x150
[   19.974902]  kunit_try_run_case+0x1a5/0x480
[   19.975490]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   19.976010]  kthread+0x337/0x6f0
[   19.976508]  ret_from_fork+0x116/0x1d0
[   19.976927]  ret_from_fork_asm+0x1a/0x30
[   19.977453] 
[   19.977632] The buggy address belongs to the object at ffff888100ab8800
[   19.977632]  which belongs to the cache kmalloc-128 of size 128
[   19.978670] The buggy address is located 0 bytes to the right of
[   19.978670]  allocated 115-byte region [ffff888100ab8800, ffff888100ab8873)
[   19.979908] 
[   19.980103] The buggy address belongs to the physical page:
[   19.980615] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ab8
[   19.981529] flags: 0x200000000000000(node=0|zone=2)
[   19.981939] page_type: f5(slab)
[   19.982468] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   19.983051] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   19.983737] page dumped because: kasan: bad access detected
[   19.984519] 
[   19.984701] Memory state around the buggy address:
[   19.985155]  ffff888100ab8700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   19.985785]  ffff888100ab8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.986762] >ffff888100ab8800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   19.987253]                                                              ^
[   19.988061]  ffff888100ab8880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.988821]  ffff888100ab8900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   19.989513] ==================================================================
[   19.995947] ==================================================================
[   19.997053] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   19.997811] Read of size 1 at addr ffff888103886001 by task kunit_try_catch/250
[   19.998536] 
[   19.998805] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250617 #1 PREEMPT(voluntary) 
[   19.998953] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.998993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   19.999052] Call Trace:
[   19.999090]  <TASK>
[   19.999135]  dump_stack_lvl+0x73/0xb0
[   19.999377]  print_report+0xd1/0x650
[   19.999467]  ? __virt_addr_valid+0x1db/0x2d0
[   19.999552]  ? mempool_oob_right_helper+0x318/0x380
[   19.999629]  ? kasan_addr_to_slab+0x11/0xa0
[   19.999732]  ? mempool_oob_right_helper+0x318/0x380
[   19.999818]  kasan_report+0x141/0x180
[   19.999909]  ? mempool_oob_right_helper+0x318/0x380
[   19.999995]  __asan_report_load1_noabort+0x18/0x20
[   20.000043]  mempool_oob_right_helper+0x318/0x380
[   20.000081]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   20.000118]  ? __pfx_sched_clock_cpu+0x10/0x10
[   20.000153]  ? finish_task_switch.isra.0+0x153/0x700
[   20.000188]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   20.000251]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   20.000340]  ? __pfx_mempool_kmalloc+0x10/0x10
[   20.000385]  ? __pfx_mempool_kfree+0x10/0x10
[   20.000422]  ? __pfx_read_tsc+0x10/0x10
[   20.000451]  ? ktime_get_ts64+0x86/0x230
[   20.000485]  kunit_try_run_case+0x1a5/0x480
[   20.000520]  ? __pfx_kunit_try_run_case+0x10/0x10
[   20.000553]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   20.000583]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   20.000621]  ? __kthread_parkme+0x82/0x180
[   20.000649]  ? preempt_count_sub+0x50/0x80
[   20.000681]  ? __pfx_kunit_try_run_case+0x10/0x10
[   20.000715]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   20.000746]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   20.000778]  kthread+0x337/0x6f0
[   20.000805]  ? trace_preempt_on+0x20/0xc0
[   20.000862]  ? __pfx_kthread+0x10/0x10
[   20.000894]  ? _raw_spin_unlock_irq+0x47/0x80
[   20.000929]  ? calculate_sigpending+0x7b/0xa0
[   20.000964]  ? __pfx_kthread+0x10/0x10
[   20.000994]  ret_from_fork+0x116/0x1d0
[   20.001021]  ? __pfx_kthread+0x10/0x10
[   20.001049]  ret_from_fork_asm+0x1a/0x30
[   20.001089]  </TASK>
[   20.001104] 
[   20.020149] The buggy address belongs to the physical page:
[   20.021074] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103884
[   20.021660] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.022928] flags: 0x200000000000040(head|node=0|zone=2)
[   20.023690] page_type: f8(unknown)
[   20.024110] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   20.025357] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   20.026652] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   20.027562] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   20.028381] head: 0200000000000002 ffffea00040e2101 00000000ffffffff 00000000ffffffff
[   20.028977] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   20.029500] page dumped because: kasan: bad access detected
[   20.030027] 
[   20.030279] Memory state around the buggy address:
[   20.030899]  ffff888103885f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.031913]  ffff888103885f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.033060] >ffff888103886000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.034400]                    ^
[   20.034881]  ffff888103886080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.035965]  ffff888103886100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.036198] ==================================================================
[   20.044399] ==================================================================
[   20.045320] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   20.046104] Read of size 1 at addr ffff88810383d2bb by task kunit_try_catch/252
[   20.046767] 
[   20.047258] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250617 #1 PREEMPT(voluntary) 
[   20.047535] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.047582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   20.047642] Call Trace:
[   20.047683]  <TASK>
[   20.047728]  dump_stack_lvl+0x73/0xb0
[   20.047823]  print_report+0xd1/0x650
[   20.047922]  ? __virt_addr_valid+0x1db/0x2d0
[   20.048020]  ? mempool_oob_right_helper+0x318/0x380
[   20.048124]  ? kasan_complete_mode_report_info+0x2a/0x200
[   20.048196]  ? mempool_oob_right_helper+0x318/0x380
[   20.048273]  kasan_report+0x141/0x180
[   20.048346]  ? mempool_oob_right_helper+0x318/0x380
[   20.048458]  __asan_report_load1_noabort+0x18/0x20
[   20.048506]  mempool_oob_right_helper+0x318/0x380
[   20.048543]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   20.048582]  ? __pfx_sched_clock_cpu+0x10/0x10
[   20.048615]  ? finish_task_switch.isra.0+0x153/0x700
[   20.048652]  mempool_slab_oob_right+0xed/0x140
[   20.048687]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   20.048725]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   20.048760]  ? __pfx_mempool_free_slab+0x10/0x10
[   20.048796]  ? __pfx_read_tsc+0x10/0x10
[   20.048826]  ? ktime_get_ts64+0x86/0x230
[   20.048890]  kunit_try_run_case+0x1a5/0x480
[   20.048930]  ? __pfx_kunit_try_run_case+0x10/0x10
[   20.048962]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   20.048992]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   20.049029]  ? __kthread_parkme+0x82/0x180
[   20.049057]  ? preempt_count_sub+0x50/0x80
[   20.049088]  ? __pfx_kunit_try_run_case+0x10/0x10
[   20.049120]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   20.049152]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   20.049184]  kthread+0x337/0x6f0
[   20.049212]  ? trace_preempt_on+0x20/0xc0
[   20.049275]  ? __pfx_kthread+0x10/0x10
[   20.049305]  ? _raw_spin_unlock_irq+0x47/0x80
[   20.049341]  ? calculate_sigpending+0x7b/0xa0
[   20.049375]  ? __pfx_kthread+0x10/0x10
[   20.049405]  ret_from_fork+0x116/0x1d0
[   20.049431]  ? __pfx_kthread+0x10/0x10
[   20.049459]  ret_from_fork_asm+0x1a/0x30
[   20.049500]  </TASK>
[   20.049515] 
[   20.064370] Allocated by task 252:
[   20.064623]  kasan_save_stack+0x45/0x70
[   20.064971]  kasan_save_track+0x18/0x40
[   20.065399]  kasan_save_alloc_info+0x3b/0x50
[   20.065882]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   20.066509]  remove_element+0x11e/0x190
[   20.066978]  mempool_alloc_preallocated+0x4d/0x90
[   20.067472]  mempool_oob_right_helper+0x8a/0x380
[   20.068026]  mempool_slab_oob_right+0xed/0x140
[   20.068514]  kunit_try_run_case+0x1a5/0x480
[   20.068891]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   20.069383]  kthread+0x337/0x6f0
[   20.069647]  ret_from_fork+0x116/0x1d0
[   20.069986]  ret_from_fork_asm+0x1a/0x30
[   20.070404] 
[   20.070607] The buggy address belongs to the object at ffff88810383d240
[   20.070607]  which belongs to the cache test_cache of size 123
[   20.071646] The buggy address is located 0 bytes to the right of
[   20.071646]  allocated 123-byte region [ffff88810383d240, ffff88810383d2bb)
[   20.072653] 
[   20.072817] The buggy address belongs to the physical page:
[   20.073908] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10383d
[   20.074628] flags: 0x200000000000000(node=0|zone=2)
[   20.075135] page_type: f5(slab)
[   20.075460] raw: 0200000000000000 ffff888101db3a00 dead000000000122 0000000000000000
[   20.076087] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   20.076767] page dumped because: kasan: bad access detected
[   20.077281] 
[   20.077482] Memory state around the buggy address:
[   20.077959]  ffff88810383d180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   20.078579]  ffff88810383d200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   20.079153] >ffff88810383d280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   20.079683]                                         ^
[   20.080028]  ffff88810383d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.080491]  ffff88810383d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.081046] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2ycmAbKpM2fPU7JFlL3VFcggZyX

job_id

TEST:linaro@lkft#2ycmHIv4OjqzuY4se718cLGQLXs

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2ycmHIv4OjqzuY4se718cLGQLXs

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ycmDNxoP9hdgB9eqatUl05sOIC/bzImage
sha256sum	e8ff53ed1294ecb6e3942f69c9702cf67245fcd535135359b70f78a45efa657a

rootfs

url	https://storage.tuxboot.com/debian/20250605/trixie/amd64/rootfs.ext4.xz
sha256sum	bb36936f45b20f4af35993e582d98e781104116519f71565c7a97bddc546f892

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ycmDNxoP9hdgB9eqatUl05sOIC/modules.tar.xz
sha256sum	4b7f7ee9385141e7d851b6b43f3ef6c0857845282181ddc6cfac1e13c3ff02a7

durations

tests

boot	0
kunit	223.55

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit