lkft/linux-next-master - next-20250620 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

June 20, 2025, 12:38 p.m.

Environment
qemu-arm64
qemu-x86_64

[   34.478263] ==================================================================
[   34.478575] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   34.479139] Read of size 1 at addr fff00000c5a992bb by task kunit_try_catch/236
[   34.479681] 
[   34.479779] CPU: 1 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250620 #1 PREEMPT 
[   34.480014] Tainted: [B]=BAD_PAGE, [N]=TEST
[   34.480085] Hardware name: linux,dummy-virt (DT)
[   34.480169] Call trace:
[   34.480227]  show_stack+0x20/0x38 (C)
[   34.481121]  dump_stack_lvl+0x8c/0xd0
[   34.481339]  print_report+0x118/0x608
[   34.481771]  kasan_report+0xdc/0x128
[   34.482317]  __asan_report_load1_noabort+0x20/0x30
[   34.482720]  mempool_oob_right_helper+0x2ac/0x2f0
[   34.483112]  mempool_slab_oob_right+0xc0/0x118
[   34.483408]  kunit_try_run_case+0x170/0x3f0
[   34.483729]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   34.484132]  kthread+0x328/0x630
[   34.484601]  ret_from_fork+0x10/0x20
[   34.484967] 
[   34.485008] Allocated by task 236:
[   34.485065]  kasan_save_stack+0x3c/0x68
[   34.485147]  kasan_save_track+0x20/0x40
[   34.485514]  kasan_save_alloc_info+0x40/0x58
[   34.486109]  __kasan_mempool_unpoison_object+0xbc/0x180
[   34.486262]  remove_element+0x16c/0x1f8
[   34.486362]  mempool_alloc_preallocated+0x58/0xc0
[   34.486461]  mempool_oob_right_helper+0x98/0x2f0
[   34.486567]  mempool_slab_oob_right+0xc0/0x118
[   34.487965]  kunit_try_run_case+0x170/0x3f0
[   34.488379]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   34.488703]  kthread+0x328/0x630
[   34.488813]  ret_from_fork+0x10/0x20
[   34.488902] 
[   34.488946] The buggy address belongs to the object at fff00000c5a99240
[   34.488946]  which belongs to the cache test_cache of size 123
[   34.489071] The buggy address is located 0 bytes to the right of
[   34.489071]  allocated 123-byte region [fff00000c5a99240, fff00000c5a992bb)
[   34.489217] 
[   34.489272] The buggy address belongs to the physical page:
[   34.490266] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a99
[   34.490890] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   34.491262] page_type: f5(slab)
[   34.491490] raw: 0bfffe0000000000 fff00000c59f33c0 dead000000000122 0000000000000000
[   34.492100] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   34.492282] page dumped because: kasan: bad access detected
[   34.492835] 
[   34.492894] Memory state around the buggy address:
[   34.492989]  fff00000c5a99180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   34.493097]  fff00000c5a99200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   34.493212] >fff00000c5a99280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   34.493308]                                         ^
[   34.493410]  fff00000c5a99300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   34.493488]  fff00000c5a99380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   34.493536] ==================================================================
[   34.417345] ==================================================================
[   34.417591] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   34.417738] Read of size 1 at addr fff00000c44dff73 by task kunit_try_catch/232
[   34.417808] 
[   34.417863] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250620 #1 PREEMPT 
[   34.417976] Tainted: [B]=BAD_PAGE, [N]=TEST
[   34.418009] Hardware name: linux,dummy-virt (DT)
[   34.418056] Call trace:
[   34.418090]  show_stack+0x20/0x38 (C)
[   34.418153]  dump_stack_lvl+0x8c/0xd0
[   34.418212]  print_report+0x118/0x608
[   34.418269]  kasan_report+0xdc/0x128
[   34.418323]  __asan_report_load1_noabort+0x20/0x30
[   34.418381]  mempool_oob_right_helper+0x2ac/0x2f0
[   34.418437]  mempool_kmalloc_oob_right+0xc4/0x120
[   34.418492]  kunit_try_run_case+0x170/0x3f0
[   34.418551]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   34.418625]  kthread+0x328/0x630
[   34.418680]  ret_from_fork+0x10/0x20
[   34.418738] 
[   34.418761] Allocated by task 232:
[   34.418797]  kasan_save_stack+0x3c/0x68
[   34.418850]  kasan_save_track+0x20/0x40
[   34.418895]  kasan_save_alloc_info+0x40/0x58
[   34.418944]  __kasan_mempool_unpoison_object+0x11c/0x180
[   34.418996]  remove_element+0x130/0x1f8
[   34.419041]  mempool_alloc_preallocated+0x58/0xc0
[   34.419087]  mempool_oob_right_helper+0x98/0x2f0
[   34.419131]  mempool_kmalloc_oob_right+0xc4/0x120
[   34.419176]  kunit_try_run_case+0x170/0x3f0
[   34.419245]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   34.419298]  kthread+0x328/0x630
[   34.419334]  ret_from_fork+0x10/0x20
[   34.419375] 
[   34.419401] The buggy address belongs to the object at fff00000c44dff00
[   34.419401]  which belongs to the cache kmalloc-128 of size 128
[   34.419495] The buggy address is located 0 bytes to the right of
[   34.419495]  allocated 115-byte region [fff00000c44dff00, fff00000c44dff73)
[   34.419590] 
[   34.419639] The buggy address belongs to the physical page:
[   34.419701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1044df
[   34.419784] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   34.419867] page_type: f5(slab)
[   34.419934] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   34.420008] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[   34.420066] page dumped because: kasan: bad access detected
[   34.420114] 
[   34.420136] Memory state around the buggy address:
[   34.420191]  fff00000c44dfe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   34.420257]  fff00000c44dfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   34.420358] >fff00000c44dff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   34.420458]                                                              ^
[   34.420541]  fff00000c44dff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   34.420641]  fff00000c44e0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   34.420729] ==================================================================
[   34.449189] ==================================================================
[   34.449389] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   34.449534] Read of size 1 at addr fff00000c5a42001 by task kunit_try_catch/234
[   34.449682] 
[   34.449775] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250620 #1 PREEMPT 
[   34.450004] Tainted: [B]=BAD_PAGE, [N]=TEST
[   34.450071] Hardware name: linux,dummy-virt (DT)
[   34.450144] Call trace:
[   34.450201]  show_stack+0x20/0x38 (C)
[   34.450353]  dump_stack_lvl+0x8c/0xd0
[   34.450505]  print_report+0x118/0x608
[   34.450679]  kasan_report+0xdc/0x128
[   34.450831]  __asan_report_load1_noabort+0x20/0x30
[   34.450994]  mempool_oob_right_helper+0x2ac/0x2f0
[   34.451158]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   34.451279]  kunit_try_run_case+0x170/0x3f0
[   34.451451]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   34.451633]  kthread+0x328/0x630
[   34.451721]  ret_from_fork+0x10/0x20
[   34.451834] 
[   34.451927] The buggy address belongs to the physical page:
[   34.452011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a40
[   34.452141] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   34.452383] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   34.452508] page_type: f8(unknown)
[   34.452565] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   34.452658] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   34.452798] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   34.452927] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   34.453043] head: 0bfffe0000000002 ffffc1ffc3169001 00000000ffffffff 00000000ffffffff
[   34.453135] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   34.453213] page dumped because: kasan: bad access detected
[   34.453301] 
[   34.453345] Memory state around the buggy address:
[   34.453750]  fff00000c5a41f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   34.454090]  fff00000c5a41f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   34.454309] >fff00000c5a42000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   34.454419]                    ^
[   34.454489]  fff00000c5a42080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   34.454595]  fff00000c5a42100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   34.454716] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2ylxeu6IO0JXwDBBfpeBJndyVOz

job_id

TEST:linaro@lkft#2ylxknDmzqBc7l7AJ73lkzQwChd

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2ylxknDmzqBc7l7AJ73lkzQwChd

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ylxgYId6JcqlbNdF5Ou1na1u7V/Image.gz
sha256sum	16e81c2ed2a17916f19db760d3a7c856b75ce2c5efeb6f59660648808e3ea09c

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ylxgYId6JcqlbNdF5Ou1na1u7V/modules.tar.xz
sha256sum	cec40e0efa28ebd64355a818786c4419f9e1a0e9c486afe0449163fd13fe0a7d

durations

tests

boot	0
kunit	348.02

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   27.205958] ==================================================================
[   27.206359] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   27.206596] Read of size 1 at addr ffff888102b06001 by task kunit_try_catch/252
[   27.206753] 
[   27.207049] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250620 #1 PREEMPT(voluntary) 
[   27.207155] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.207173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.207201] Call Trace:
[   27.207220]  <TASK>
[   27.207245]  dump_stack_lvl+0x73/0xb0
[   27.207296]  print_report+0xd1/0x650
[   27.207323]  ? __virt_addr_valid+0x1db/0x2d0
[   27.207354]  ? mempool_oob_right_helper+0x318/0x380
[   27.207381]  ? kasan_addr_to_slab+0x11/0xa0
[   27.207405]  ? mempool_oob_right_helper+0x318/0x380
[   27.207430]  kasan_report+0x141/0x180
[   27.207469]  ? mempool_oob_right_helper+0x318/0x380
[   27.207501]  __asan_report_load1_noabort+0x18/0x20
[   27.207529]  mempool_oob_right_helper+0x318/0x380
[   27.207556]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   27.207585]  ? __pfx_sched_clock_cpu+0x10/0x10
[   27.207613]  ? finish_task_switch.isra.0+0x153/0x700
[   27.207644]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   27.207671]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   27.207734]  ? __pfx_mempool_kmalloc+0x10/0x10
[   27.207780]  ? __pfx_mempool_kfree+0x10/0x10
[   27.207812]  ? __pfx_read_tsc+0x10/0x10
[   27.207841]  ? ktime_get_ts64+0x86/0x230
[   27.207873]  kunit_try_run_case+0x1a5/0x480
[   27.207903]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.207929]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   27.207956]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.207981]  ? __kthread_parkme+0x82/0x180
[   27.208006]  ? preempt_count_sub+0x50/0x80
[   27.208032]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.208061]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.208088]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.208115]  kthread+0x337/0x6f0
[   27.208137]  ? trace_preempt_on+0x20/0xc0
[   27.208183]  ? __pfx_kthread+0x10/0x10
[   27.208207]  ? _raw_spin_unlock_irq+0x47/0x80
[   27.208232]  ? calculate_sigpending+0x7b/0xa0
[   27.208272]  ? __pfx_kthread+0x10/0x10
[   27.208300]  ret_from_fork+0x116/0x1d0
[   27.208324]  ? __pfx_kthread+0x10/0x10
[   27.208370]  ret_from_fork_asm+0x1a/0x30
[   27.208410]  </TASK>
[   27.208426] 
[   27.215619] The buggy address belongs to the physical page:
[   27.216542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b04
[   27.217501] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   27.217740] flags: 0x200000000000040(head|node=0|zone=2)
[   27.217879] page_type: f8(unknown)
[   27.217980] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.218151] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   27.218313] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   27.218489] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   27.218650] head: 0200000000000002 ffffea00040ac101 00000000ffffffff 00000000ffffffff
[   27.218825] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   27.220993] page dumped because: kasan: bad access detected
[   27.221336] 
[   27.221434] Memory state around the buggy address:
[   27.221740]  ffff888102b05f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.222076]  ffff888102b05f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   27.222616] >ffff888102b06000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.222867]                    ^
[   27.223048]  ffff888102b06080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.223509]  ffff888102b06100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   27.224318] ==================================================================
[   27.178998] ==================================================================
[   27.179485] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   27.179795] Read of size 1 at addr ffff888102b17573 by task kunit_try_catch/250
[   27.180143] 
[   27.180579] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250620 #1 PREEMPT(voluntary) 
[   27.180680] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.180697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.180724] Call Trace:
[   27.180743]  <TASK>
[   27.180767]  dump_stack_lvl+0x73/0xb0
[   27.180856]  print_report+0xd1/0x650
[   27.180918]  ? __virt_addr_valid+0x1db/0x2d0
[   27.180952]  ? mempool_oob_right_helper+0x318/0x380
[   27.180991]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.181050]  ? mempool_oob_right_helper+0x318/0x380
[   27.181076]  kasan_report+0x141/0x180
[   27.181117]  ? mempool_oob_right_helper+0x318/0x380
[   27.181170]  __asan_report_load1_noabort+0x18/0x20
[   27.181200]  mempool_oob_right_helper+0x318/0x380
[   27.181227]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   27.181255]  ? finish_task_switch.isra.0+0x153/0x700
[   27.181286]  mempool_kmalloc_oob_right+0xf2/0x150
[   27.181309]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   27.181337]  ? __pfx_mempool_kmalloc+0x10/0x10
[   27.181363]  ? __pfx_mempool_kfree+0x10/0x10
[   27.181389]  ? __pfx_read_tsc+0x10/0x10
[   27.181414]  ? ktime_get_ts64+0x86/0x230
[   27.181462]  kunit_try_run_case+0x1a5/0x480
[   27.181494]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.181519]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   27.181546]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.181570]  ? __kthread_parkme+0x82/0x180
[   27.181595]  ? preempt_count_sub+0x50/0x80
[   27.181619]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.181643]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.181668]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.181692]  kthread+0x337/0x6f0
[   27.181713]  ? trace_preempt_on+0x20/0xc0
[   27.181741]  ? __pfx_kthread+0x10/0x10
[   27.181764]  ? _raw_spin_unlock_irq+0x47/0x80
[   27.181787]  ? calculate_sigpending+0x7b/0xa0
[   27.181817]  ? __pfx_kthread+0x10/0x10
[   27.181840]  ret_from_fork+0x116/0x1d0
[   27.181862]  ? __pfx_kthread+0x10/0x10
[   27.181885]  ret_from_fork_asm+0x1a/0x30
[   27.181919]  </TASK>
[   27.181932] 
[   27.190877] Allocated by task 250:
[   27.191539]  kasan_save_stack+0x45/0x70
[   27.191716]  kasan_save_track+0x18/0x40
[   27.191947]  kasan_save_alloc_info+0x3b/0x50
[   27.192211]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   27.192587]  remove_element+0x11e/0x190
[   27.192838]  mempool_alloc_preallocated+0x4d/0x90
[   27.192975]  mempool_oob_right_helper+0x8a/0x380
[   27.193200]  mempool_kmalloc_oob_right+0xf2/0x150
[   27.193381]  kunit_try_run_case+0x1a5/0x480
[   27.193510]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.193915]  kthread+0x337/0x6f0
[   27.194116]  ret_from_fork+0x116/0x1d0
[   27.194522]  ret_from_fork_asm+0x1a/0x30
[   27.194796] 
[   27.194909] The buggy address belongs to the object at ffff888102b17500
[   27.194909]  which belongs to the cache kmalloc-128 of size 128
[   27.195185] The buggy address is located 0 bytes to the right of
[   27.195185]  allocated 115-byte region [ffff888102b17500, ffff888102b17573)
[   27.195716] 
[   27.195830] The buggy address belongs to the physical page:
[   27.196001] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b17
[   27.196472] flags: 0x200000000000000(node=0|zone=2)
[   27.196676] page_type: f5(slab)
[   27.196883] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   27.197070] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   27.197691] page dumped because: kasan: bad access detected
[   27.198021] 
[   27.198099] Memory state around the buggy address:
[   27.198245]  ffff888102b17400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   27.198637]  ffff888102b17480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.198873] >ffff888102b17500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   27.199245]                                                              ^
[   27.199635]  ffff888102b17580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.199919]  ffff888102b17600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   27.200233] ==================================================================
[   27.231737] ==================================================================
[   27.232143] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   27.232506] Read of size 1 at addr ffff8881023332bb by task kunit_try_catch/254
[   27.232663] 
[   27.232743] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc2-next-20250620 #1 PREEMPT(voluntary) 
[   27.232806] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.232821] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.232848] Call Trace:
[   27.234461]  <TASK>
[   27.234515]  dump_stack_lvl+0x73/0xb0
[   27.234658]  print_report+0xd1/0x650
[   27.234688]  ? __virt_addr_valid+0x1db/0x2d0
[   27.234717]  ? mempool_oob_right_helper+0x318/0x380
[   27.234743]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.234774]  ? mempool_oob_right_helper+0x318/0x380
[   27.234799]  kasan_report+0x141/0x180
[   27.234823]  ? mempool_oob_right_helper+0x318/0x380
[   27.234853]  __asan_report_load1_noabort+0x18/0x20
[   27.234880]  mempool_oob_right_helper+0x318/0x380
[   27.234906]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   27.234934]  ? __pfx_sched_clock_cpu+0x10/0x10
[   27.234961]  ? finish_task_switch.isra.0+0x153/0x700
[   27.234990]  mempool_slab_oob_right+0xed/0x140
[   27.235017]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   27.235045]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   27.235073]  ? __pfx_mempool_free_slab+0x10/0x10
[   27.235101]  ? __pfx_read_tsc+0x10/0x10
[   27.235124]  ? ktime_get_ts64+0x86/0x230
[   27.235172]  kunit_try_run_case+0x1a5/0x480
[   27.235202]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.235227]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   27.235254]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.235279]  ? __kthread_parkme+0x82/0x180
[   27.235302]  ? preempt_count_sub+0x50/0x80
[   27.235327]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.235352]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.235378]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.235403]  kthread+0x337/0x6f0
[   27.235425]  ? trace_preempt_on+0x20/0xc0
[   27.235463]  ? __pfx_kthread+0x10/0x10
[   27.235487]  ? _raw_spin_unlock_irq+0x47/0x80
[   27.235511]  ? calculate_sigpending+0x7b/0xa0
[   27.235556]  ? __pfx_kthread+0x10/0x10
[   27.235585]  ret_from_fork+0x116/0x1d0
[   27.235608]  ? __pfx_kthread+0x10/0x10
[   27.235630]  ret_from_fork_asm+0x1a/0x30
[   27.235666]  </TASK>
[   27.235680] 
[   27.250655] Allocated by task 254:
[   27.251082]  kasan_save_stack+0x45/0x70
[   27.251508]  kasan_save_track+0x18/0x40
[   27.251923]  kasan_save_alloc_info+0x3b/0x50
[   27.252276]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   27.253033]  remove_element+0x11e/0x190
[   27.253502]  mempool_alloc_preallocated+0x4d/0x90
[   27.254051]  mempool_oob_right_helper+0x8a/0x380
[   27.254488]  mempool_slab_oob_right+0xed/0x140
[   27.254977]  kunit_try_run_case+0x1a5/0x480
[   27.255187]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.255616]  kthread+0x337/0x6f0
[   27.255854]  ret_from_fork+0x116/0x1d0
[   27.256379]  ret_from_fork_asm+0x1a/0x30
[   27.257349] 
[   27.257709] The buggy address belongs to the object at ffff888102333240
[   27.257709]  which belongs to the cache test_cache of size 123
[   27.258438] The buggy address is located 0 bytes to the right of
[   27.258438]  allocated 123-byte region [ffff888102333240, ffff8881023332bb)
[   27.259312] 
[   27.259530] The buggy address belongs to the physical page:
[   27.259930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102333
[   27.260418] flags: 0x200000000000000(node=0|zone=2)
[   27.261370] page_type: f5(slab)
[   27.261711] raw: 0200000000000000 ffff8881017a3a00 dead000000000122 0000000000000000
[   27.262175] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   27.262774] page dumped because: kasan: bad access detected
[   27.263249] 
[   27.263382] Memory state around the buggy address:
[   27.263791]  ffff888102333180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   27.264392]  ffff888102333200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   27.265400] >ffff888102333280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   27.265963]                                         ^
[   27.266344]  ffff888102333300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.266892]  ffff888102333380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.267351] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2ylxeu6IO0JXwDBBfpeBJndyVOz

job_id

TEST:linaro@lkft#2ylxlwz5RxcyLOfJc85DXMJ1ZHa

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2ylxlwz5RxcyLOfJc85DXMJ1ZHa

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ylxi8VBQbEeX7ahh6RQozQ3qEa/bzImage
sha256sum	45bde6c06931535c0358c3b45a949b96cf4ed89bcf19cfa2091d7ba61a28678f

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2ylxi8VBQbEeX7ahh6RQozQ3qEa/modules.tar.xz
sha256sum	78c646c5a5ca97c0ac59bb4022d308a7d957fff2cd7cba95f35c1aa1de7ed757

durations

tests

boot	0
kunit	261.41

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit