lkft/linux-next-master - next-20250710 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 10, 2025, 9:07 a.m.

Environment
qemu-arm64
qemu-x86_64

[   31.543025] ==================================================================
[   31.544086] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   31.544675] Read of size 1 at addr fff00000c9b022bb by task kunit_try_catch/256
[   31.545169] 
[   31.545208] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250710 #1 PREEMPT 
[   31.545428] Tainted: [B]=BAD_PAGE, [N]=TEST
[   31.545684] Hardware name: linux,dummy-virt (DT)
[   31.545724] Call trace:
[   31.545749]  show_stack+0x20/0x38 (C)
[   31.545977]  dump_stack_lvl+0x8c/0xd0
[   31.546255]  print_report+0x118/0x5d0
[   31.546312]  kasan_report+0xdc/0x128
[   31.546592]  __asan_report_load1_noabort+0x20/0x30
[   31.546740]  mempool_oob_right_helper+0x2ac/0x2f0
[   31.547025]  mempool_slab_oob_right+0xc0/0x118
[   31.547241]  kunit_try_run_case+0x170/0x3f0
[   31.547315]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.548237]  kthread+0x328/0x630
[   31.548298]  ret_from_fork+0x10/0x20
[   31.548921] 
[   31.549355] Allocated by task 256:
[   31.549396]  kasan_save_stack+0x3c/0x68
[   31.549474]  kasan_save_track+0x20/0x40
[   31.549892]  kasan_save_alloc_info+0x40/0x58
[   31.549992]  __kasan_mempool_unpoison_object+0xbc/0x180
[   31.550313]  remove_element+0x16c/0x1f8
[   31.550735]  mempool_alloc_preallocated+0x58/0xc0
[   31.550792]  mempool_oob_right_helper+0x98/0x2f0
[   31.550833]  mempool_slab_oob_right+0xc0/0x118
[   31.550874]  kunit_try_run_case+0x170/0x3f0
[   31.550912]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.550959]  kthread+0x328/0x630
[   31.550991]  ret_from_fork+0x10/0x20
[   31.551027] 
[   31.551050] The buggy address belongs to the object at fff00000c9b02240
[   31.551050]  which belongs to the cache test_cache of size 123
[   31.551113] The buggy address is located 0 bytes to the right of
[   31.551113]  allocated 123-byte region [fff00000c9b02240, fff00000c9b022bb)
[   31.551274] 
[   31.551298] The buggy address belongs to the physical page:
[   31.551329] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b02
[   31.551384] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   31.551435] page_type: f5(slab)
[   31.551476] raw: 0bfffe0000000000 fff00000c582fa00 dead000000000122 0000000000000000
[   31.551533] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   31.551575] page dumped because: kasan: bad access detected
[   31.551607] 
[   31.551626] Memory state around the buggy address:
[   31.551658]  fff00000c9b02180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   31.551702]  fff00000c9b02200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   31.551745] >fff00000c9b02280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   31.551784]                                         ^
[   31.551818]  fff00000c9b02300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.551861]  fff00000c9b02380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.551903] ==================================================================
[   31.508684] ==================================================================
[   31.508755] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   31.508828] Read of size 1 at addr fff00000c9af0873 by task kunit_try_catch/252
[   31.508880] 
[   31.508924] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250710 #1 PREEMPT 
[   31.509016] Tainted: [B]=BAD_PAGE, [N]=TEST
[   31.509046] Hardware name: linux,dummy-virt (DT)
[   31.509080] Call trace:
[   31.509106]  show_stack+0x20/0x38 (C)
[   31.509173]  dump_stack_lvl+0x8c/0xd0
[   31.509222]  print_report+0x118/0x5d0
[   31.509266]  kasan_report+0xdc/0x128
[   31.509307]  __asan_report_load1_noabort+0x20/0x30
[   31.509356]  mempool_oob_right_helper+0x2ac/0x2f0
[   31.509404]  mempool_kmalloc_oob_right+0xc4/0x120
[   31.509453]  kunit_try_run_case+0x170/0x3f0
[   31.509505]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.509558]  kthread+0x328/0x630
[   31.509602]  ret_from_fork+0x10/0x20
[   31.509651] 
[   31.509671] Allocated by task 252:
[   31.509701]  kasan_save_stack+0x3c/0x68
[   31.509744]  kasan_save_track+0x20/0x40
[   31.509782]  kasan_save_alloc_info+0x40/0x58
[   31.509820]  __kasan_mempool_unpoison_object+0x11c/0x180
[   31.509865]  remove_element+0x130/0x1f8
[   31.509903]  mempool_alloc_preallocated+0x58/0xc0
[   31.509944]  mempool_oob_right_helper+0x98/0x2f0
[   31.509983]  mempool_kmalloc_oob_right+0xc4/0x120
[   31.510025]  kunit_try_run_case+0x170/0x3f0
[   31.510063]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.510108]  kthread+0x328/0x630
[   31.510151]  ret_from_fork+0x10/0x20
[   31.510186] 
[   31.510206] The buggy address belongs to the object at fff00000c9af0800
[   31.510206]  which belongs to the cache kmalloc-128 of size 128
[   31.510267] The buggy address is located 0 bytes to the right of
[   31.510267]  allocated 115-byte region [fff00000c9af0800, fff00000c9af0873)
[   31.510336] 
[   31.510358] The buggy address belongs to the physical page:
[   31.510394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109af0
[   31.510449] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   31.510502] page_type: f5(slab)
[   31.510545] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   31.510599] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   31.510642] page dumped because: kasan: bad access detected
[   31.510674] 
[   31.510692] Memory state around the buggy address:
[   31.510743]  fff00000c9af0700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   31.510789]  fff00000c9af0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.510834] >fff00000c9af0800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   31.510876]                                                              ^
[   31.510918]  fff00000c9af0880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   31.510962]  fff00000c9af0900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   31.511003] ==================================================================
[   31.525774] ==================================================================
[   31.525836] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   31.526816] Read of size 1 at addr fff00000c9b56001 by task kunit_try_catch/254
[   31.526940] 
[   31.526974] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250710 #1 PREEMPT 
[   31.527063] Tainted: [B]=BAD_PAGE, [N]=TEST
[   31.527244] Hardware name: linux,dummy-virt (DT)
[   31.527765] Call trace:
[   31.527831]  show_stack+0x20/0x38 (C)
[   31.527900]  dump_stack_lvl+0x8c/0xd0
[   31.528109]  print_report+0x118/0x5d0
[   31.528200]  kasan_report+0xdc/0x128
[   31.528263]  __asan_report_load1_noabort+0x20/0x30
[   31.528421]  mempool_oob_right_helper+0x2ac/0x2f0
[   31.528754]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   31.529053]  kunit_try_run_case+0x170/0x3f0
[   31.529259]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   31.529394]  kthread+0x328/0x630
[   31.529767]  ret_from_fork+0x10/0x20
[   31.529967] 
[   31.530474] The buggy address belongs to the physical page:
[   31.530742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b54
[   31.530815] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   31.530871] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   31.530928] page_type: f8(unknown)
[   31.530969] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   31.531666] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   31.531892] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   31.532183] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   31.532240] head: 0bfffe0000000002 ffffc1ffc326d501 00000000ffffffff 00000000ffffffff
[   31.532337] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   31.532658] page dumped because: kasan: bad access detected
[   31.532924] 
[   31.533601] Memory state around the buggy address:
[   31.533640]  fff00000c9b55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.533687]  fff00000c9b55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.533731] >fff00000c9b56000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   31.533772]                    ^
[   31.533800]  fff00000c9b56080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   31.533844]  fff00000c9b56100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   31.533885] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zg2XHDetVY6OrHI08Y5wTDVefc

job_id

TEST:linaro@lkft#2zg2bsAOkg3wb79cd8Vo2Ft0I1T

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zg2bsAOkg3wb79cd8Vo2Ft0I1T

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zg2YOg93aKHunllRjksuPjKD6j/Image.gz
sha256sum	3f8bc09ed9f9b9b07dd9347c2471900b9e11e4d06f46c1535963c2786d616931

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zg2YOg93aKHunllRjksuPjKD6j/modules.tar.xz
sha256sum	18d47f695b0cc0ec439f0c595d58fd07556cd744245e3297b23baf9d55fb3bf2

durations

tests

boot	0
kunit	167.18

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   26.564278] ==================================================================
[   26.564929] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   26.565258] Read of size 1 at addr ffff8881060f6001 by task kunit_try_catch/271
[   26.565616] 
[   26.565988] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) 
[   26.566077] Tainted: [B]=BAD_PAGE, [N]=TEST
[   26.566093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   26.566140] Call Trace:
[   26.566154]  <TASK>
[   26.566181]  dump_stack_lvl+0x73/0xb0
[   26.566219]  print_report+0xd1/0x610
[   26.566243]  ? __virt_addr_valid+0x1db/0x2d0
[   26.566269]  ? mempool_oob_right_helper+0x318/0x380
[   26.566295]  ? kasan_addr_to_slab+0x11/0xa0
[   26.566315]  ? mempool_oob_right_helper+0x318/0x380
[   26.566339]  kasan_report+0x141/0x180
[   26.566361]  ? mempool_oob_right_helper+0x318/0x380
[   26.566388]  __asan_report_load1_noabort+0x18/0x20
[   26.566412]  mempool_oob_right_helper+0x318/0x380
[   26.566436]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   26.566461]  ? __kasan_check_write+0x18/0x20
[   26.566592]  ? __pfx_sched_clock_cpu+0x10/0x10
[   26.566621]  ? finish_task_switch.isra.0+0x153/0x700
[   26.566650]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   26.566677]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   26.566722]  ? __pfx_mempool_kmalloc+0x10/0x10
[   26.566747]  ? __pfx_mempool_kfree+0x10/0x10
[   26.566771]  ? __pfx_read_tsc+0x10/0x10
[   26.566797]  ? ktime_get_ts64+0x86/0x230
[   26.566823]  kunit_try_run_case+0x1a5/0x480
[   26.566847]  ? __pfx_kunit_try_run_case+0x10/0x10
[   26.566868]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   26.566892]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   26.566917]  ? __kthread_parkme+0x82/0x180
[   26.566939]  ? preempt_count_sub+0x50/0x80
[   26.566962]  ? __pfx_kunit_try_run_case+0x10/0x10
[   26.566984]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   26.567010]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   26.567035]  kthread+0x337/0x6f0
[   26.567055]  ? trace_preempt_on+0x20/0xc0
[   26.567079]  ? __pfx_kthread+0x10/0x10
[   26.567100]  ? _raw_spin_unlock_irq+0x47/0x80
[   26.567120]  ? calculate_sigpending+0x7b/0xa0
[   26.567145]  ? __pfx_kthread+0x10/0x10
[   26.567170]  ret_from_fork+0x116/0x1d0
[   26.567190]  ? __pfx_kthread+0x10/0x10
[   26.567211]  ret_from_fork_asm+0x1a/0x30
[   26.567245]  </TASK>
[   26.567257] 
[   26.579208] The buggy address belongs to the physical page:
[   26.579474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060f4
[   26.580043] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   26.580469] flags: 0x200000000000040(head|node=0|zone=2)
[   26.580865] page_type: f8(unknown)
[   26.581033] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   26.581347] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   26.581927] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   26.582250] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   26.582713] head: 0200000000000002 ffffea0004183d01 00000000ffffffff 00000000ffffffff
[   26.583248] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   26.583670] page dumped because: kasan: bad access detected
[   26.584054] 
[   26.584152] Memory state around the buggy address:
[   26.584518]  ffff8881060f5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.585016]  ffff8881060f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.585392] >ffff8881060f6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   26.585867]                    ^
[   26.586003]  ffff8881060f6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   26.586319]  ffff8881060f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   26.587003] ==================================================================
[   26.532407] ==================================================================
[   26.532840] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   26.533116] Read of size 1 at addr ffff8881060c3073 by task kunit_try_catch/269
[   26.533386] 
[   26.533489] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) 
[   26.533546] Tainted: [B]=BAD_PAGE, [N]=TEST
[   26.533559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   26.533583] Call Trace:
[   26.533597]  <TASK>
[   26.533618]  dump_stack_lvl+0x73/0xb0
[   26.533651]  print_report+0xd1/0x610
[   26.533676]  ? __virt_addr_valid+0x1db/0x2d0
[   26.534153]  ? mempool_oob_right_helper+0x318/0x380
[   26.534179]  ? kasan_complete_mode_report_info+0x2a/0x200
[   26.534207]  ? mempool_oob_right_helper+0x318/0x380
[   26.534231]  kasan_report+0x141/0x180
[   26.534254]  ? mempool_oob_right_helper+0x318/0x380
[   26.534281]  __asan_report_load1_noabort+0x18/0x20
[   26.534306]  mempool_oob_right_helper+0x318/0x380
[   26.534329]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   26.534354]  ? __kasan_check_write+0x18/0x20
[   26.534379]  ? __pfx_sched_clock_cpu+0x10/0x10
[   26.534403]  ? finish_task_switch.isra.0+0x153/0x700
[   26.534431]  mempool_kmalloc_oob_right+0xf2/0x150
[   26.534454]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   26.534480]  ? __pfx_mempool_kmalloc+0x10/0x10
[   26.535004]  ? __pfx_mempool_kfree+0x10/0x10
[   26.535047]  ? __pfx_read_tsc+0x10/0x10
[   26.535074]  ? ktime_get_ts64+0x86/0x230
[   26.535101]  kunit_try_run_case+0x1a5/0x480
[   26.535128]  ? __pfx_kunit_try_run_case+0x10/0x10
[   26.535150]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   26.535175]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   26.535199]  ? __kthread_parkme+0x82/0x180
[   26.535221]  ? preempt_count_sub+0x50/0x80
[   26.535243]  ? __pfx_kunit_try_run_case+0x10/0x10
[   26.535265]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   26.535291]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   26.535316]  kthread+0x337/0x6f0
[   26.535336]  ? trace_preempt_on+0x20/0xc0
[   26.535361]  ? __pfx_kthread+0x10/0x10
[   26.535382]  ? _raw_spin_unlock_irq+0x47/0x80
[   26.535403]  ? calculate_sigpending+0x7b/0xa0
[   26.535429]  ? __pfx_kthread+0x10/0x10
[   26.535450]  ret_from_fork+0x116/0x1d0
[   26.535471]  ? __pfx_kthread+0x10/0x10
[   26.535491]  ret_from_fork_asm+0x1a/0x30
[   26.535879]  </TASK>
[   26.535894] 
[   26.547378] Allocated by task 269:
[   26.547542]  kasan_save_stack+0x45/0x70
[   26.547694]  kasan_save_track+0x18/0x40
[   26.547838]  kasan_save_alloc_info+0x3b/0x50
[   26.548362]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   26.548955]  remove_element+0x11e/0x190
[   26.549123]  mempool_alloc_preallocated+0x4d/0x90
[   26.549340]  mempool_oob_right_helper+0x8a/0x380
[   26.549762]  mempool_kmalloc_oob_right+0xf2/0x150
[   26.549970]  kunit_try_run_case+0x1a5/0x480
[   26.550182]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   26.550550]  kthread+0x337/0x6f0
[   26.550719]  ret_from_fork+0x116/0x1d0
[   26.550890]  ret_from_fork_asm+0x1a/0x30
[   26.551333] 
[   26.551412] The buggy address belongs to the object at ffff8881060c3000
[   26.551412]  which belongs to the cache kmalloc-128 of size 128
[   26.552188] The buggy address is located 0 bytes to the right of
[   26.552188]  allocated 115-byte region [ffff8881060c3000, ffff8881060c3073)
[   26.552667] 
[   26.552777] The buggy address belongs to the physical page:
[   26.553055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060c3
[   26.553405] flags: 0x200000000000000(node=0|zone=2)
[   26.553601] page_type: f5(slab)
[   26.553736] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   26.554141] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   26.554641] page dumped because: kasan: bad access detected
[   26.555422] 
[   26.555524] Memory state around the buggy address:
[   26.556012]  ffff8881060c2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   26.556315]  ffff8881060c2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   26.556929] >ffff8881060c3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   26.557307]                                                              ^
[   26.557859]  ffff8881060c3080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   26.558193]  ffff8881060c3100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   26.558683] ==================================================================
[   26.592321] ==================================================================
[   26.593145] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   26.593392] Read of size 1 at addr ffff8881058572bb by task kunit_try_catch/273
[   26.593633] 
[   26.593733] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250710 #1 PREEMPT(voluntary) 
[   26.593784] Tainted: [B]=BAD_PAGE, [N]=TEST
[   26.593796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   26.593820] Call Trace:
[   26.593834]  <TASK>
[   26.593853]  dump_stack_lvl+0x73/0xb0
[   26.593881]  print_report+0xd1/0x610
[   26.593904]  ? __virt_addr_valid+0x1db/0x2d0
[   26.593928]  ? mempool_oob_right_helper+0x318/0x380
[   26.593952]  ? kasan_complete_mode_report_info+0x2a/0x200
[   26.593980]  ? mempool_oob_right_helper+0x318/0x380
[   26.594003]  kasan_report+0x141/0x180
[   26.594024]  ? mempool_oob_right_helper+0x318/0x380
[   26.594051]  __asan_report_load1_noabort+0x18/0x20
[   26.594075]  mempool_oob_right_helper+0x318/0x380
[   26.594099]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   26.594125]  ? __pfx_sched_clock_cpu+0x10/0x10
[   26.594147]  ? finish_task_switch.isra.0+0x153/0x700
[   26.594174]  mempool_slab_oob_right+0xed/0x140
[   26.594198]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   26.594223]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   26.594248]  ? __pfx_mempool_free_slab+0x10/0x10
[   26.594272]  ? __pfx_read_tsc+0x10/0x10
[   26.594294]  ? ktime_get_ts64+0x86/0x230
[   26.594318]  kunit_try_run_case+0x1a5/0x480
[   26.594341]  ? __pfx_kunit_try_run_case+0x10/0x10
[   26.594360]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   26.594383]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   26.594406]  ? __kthread_parkme+0x82/0x180
[   26.594427]  ? preempt_count_sub+0x50/0x80
[   26.594449]  ? __pfx_kunit_try_run_case+0x10/0x10
[   26.594470]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   26.594560]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   26.594590]  kthread+0x337/0x6f0
[   26.594610]  ? trace_preempt_on+0x20/0xc0
[   26.594647]  ? __pfx_kthread+0x10/0x10
[   26.594668]  ? _raw_spin_unlock_irq+0x47/0x80
[   26.594689]  ? calculate_sigpending+0x7b/0xa0
[   26.594722]  ? __pfx_kthread+0x10/0x10
[   26.594744]  ret_from_fork+0x116/0x1d0
[   26.594763]  ? __pfx_kthread+0x10/0x10
[   26.594826]  ret_from_fork_asm+0x1a/0x30
[   26.594858]  </TASK>
[   26.594870] 
[   26.607374] Allocated by task 273:
[   26.607593]  kasan_save_stack+0x45/0x70
[   26.608231]  kasan_save_track+0x18/0x40
[   26.608685]  kasan_save_alloc_info+0x3b/0x50
[   26.609094]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   26.609327]  remove_element+0x11e/0x190
[   26.609526]  mempool_alloc_preallocated+0x4d/0x90
[   26.609762]  mempool_oob_right_helper+0x8a/0x380
[   26.610056]  mempool_slab_oob_right+0xed/0x140
[   26.610390]  kunit_try_run_case+0x1a5/0x480
[   26.610678]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   26.610883]  kthread+0x337/0x6f0
[   26.611321]  ret_from_fork+0x116/0x1d0
[   26.611465]  ret_from_fork_asm+0x1a/0x30
[   26.612187] 
[   26.612287] The buggy address belongs to the object at ffff888105857240
[   26.612287]  which belongs to the cache test_cache of size 123
[   26.612976] The buggy address is located 0 bytes to the right of
[   26.612976]  allocated 123-byte region [ffff888105857240, ffff8881058572bb)
[   26.613734] 
[   26.613903] The buggy address belongs to the physical page:
[   26.614097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105857
[   26.614557] flags: 0x200000000000000(node=0|zone=2)
[   26.614957] page_type: f5(slab)
[   26.615276] raw: 0200000000000000 ffff888101ab3640 dead000000000122 0000000000000000
[   26.615718] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   26.616057] page dumped because: kasan: bad access detected
[   26.616293] 
[   26.616378] Memory state around the buggy address:
[   26.617105]  ffff888105857180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   26.617397]  ffff888105857200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   26.617990] >ffff888105857280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   26.618234]                                         ^
[   26.618479]  ffff888105857300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   26.619058]  ffff888105857380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   26.619319] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zg2XHDetVY6OrHI08Y5wTDVefc

job_id

TEST:linaro@lkft#2zg2chsWj6P6g4Yh42ScAolxoFf

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zg2chsWj6P6g4Yh42ScAolxoFf

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zg2ZQCXMKejwdMDyYW6pznxaZM/bzImage
sha256sum	eb7410b0b69b19788d5882352e576aee30487b33703b12e52517fe201bd88014

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zg2ZQCXMKejwdMDyYW6pznxaZM/modules.tar.xz
sha256sum	c3a441bb14076463ddc241205f7bbeb2eae739a3ece169faa37e10094e3dfd2b

durations

tests

boot	0
kunit	225.15

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit