lkft/linux-stable-rc-linux-6.15.y - v6.15.7-188-g81bcc8b99854 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 22, 2025, 2:40 p.m.

Environment
qemu-arm64
qemu-x86_64

[   19.142052] ==================================================================
[   19.142127] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   19.142203] Read of size 1 at addr fff00000c5b89673 by task kunit_try_catch/223
[   19.142253] 
[   19.142312] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G    B            N  6.15.8-rc1 #1 PREEMPT 
[   19.142399] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.142427] Hardware name: linux,dummy-virt (DT)
[   19.142462] Call trace:
[   19.142488]  show_stack+0x20/0x38 (C)
[   19.142538]  dump_stack_lvl+0x8c/0xd0
[   19.142594]  print_report+0x118/0x5d0
[   19.142637]  kasan_report+0xdc/0x128
[   19.142682]  __asan_report_load1_noabort+0x20/0x30
[   19.142739]  mempool_oob_right_helper+0x2ac/0x2f0
[   19.142787]  mempool_kmalloc_oob_right+0xc4/0x120
[   19.142837]  kunit_try_run_case+0x170/0x3f0
[   19.142888]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.142936]  kthread+0x328/0x630
[   19.142983]  ret_from_fork+0x10/0x20
[   19.143035] 
[   19.143747] Allocated by task 223:
[   19.143783]  kasan_save_stack+0x3c/0x68
[   19.143830]  kasan_save_track+0x20/0x40
[   19.143865]  kasan_save_alloc_info+0x40/0x58
[   19.143906]  __kasan_mempool_unpoison_object+0x11c/0x180
[   19.143946]  remove_element+0x130/0x1f8
[   19.143987]  mempool_alloc_preallocated+0x58/0xc0
[   19.144028]  mempool_oob_right_helper+0x98/0x2f0
[   19.144068]  mempool_kmalloc_oob_right+0xc4/0x120
[   19.144109]  kunit_try_run_case+0x170/0x3f0
[   19.144147]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.144189]  kthread+0x328/0x630
[   19.144224]  ret_from_fork+0x10/0x20
[   19.144258] 
[   19.144278] The buggy address belongs to the object at fff00000c5b89600
[   19.144278]  which belongs to the cache kmalloc-128 of size 128
[   19.144351] The buggy address is located 0 bytes to the right of
[   19.144351]  allocated 115-byte region [fff00000c5b89600, fff00000c5b89673)
[   19.144414] 
[   19.144437] The buggy address belongs to the physical page:
[   19.144470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105b89
[   19.144527] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   19.144582] page_type: f5(slab)
[   19.144624] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   19.144674] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   19.144717] page dumped because: kasan: bad access detected
[   19.144749] 
[   19.144767] Memory state around the buggy address:
[   19.144801]  fff00000c5b89500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   19.144844]  fff00000c5b89580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.144887] >fff00000c5b89600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   19.144925]                                                              ^
[   19.144965]  fff00000c5b89680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.145006]  fff00000c5b89700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   19.145044] ==================================================================
[   19.177783] ==================================================================
[   19.177894] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   19.177956] Read of size 1 at addr fff00000c78f52bb by task kunit_try_catch/227
[   19.178006] 
[   19.178042] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G    B            N  6.15.8-rc1 #1 PREEMPT 
[   19.178124] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.178152] Hardware name: linux,dummy-virt (DT)
[   19.178186] Call trace:
[   19.178208]  show_stack+0x20/0x38 (C)
[   19.178258]  dump_stack_lvl+0x8c/0xd0
[   19.179135]  print_report+0x118/0x5d0
[   19.179217]  kasan_report+0xdc/0x128
[   19.179329]  __asan_report_load1_noabort+0x20/0x30
[   19.179433]  mempool_oob_right_helper+0x2ac/0x2f0
[   19.179543]  mempool_slab_oob_right+0xc0/0x118
[   19.180166]  kunit_try_run_case+0x170/0x3f0
[   19.180251]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.180314]  kthread+0x328/0x630
[   19.180744]  ret_from_fork+0x10/0x20
[   19.180892] 
[   19.180955] Allocated by task 227:
[   19.181002]  kasan_save_stack+0x3c/0x68
[   19.181090]  kasan_save_track+0x20/0x40
[   19.181178]  kasan_save_alloc_info+0x40/0x58
[   19.181302]  __kasan_mempool_unpoison_object+0xbc/0x180
[   19.181372]  remove_element+0x16c/0x1f8
[   19.181480]  mempool_alloc_preallocated+0x58/0xc0
[   19.181524]  mempool_oob_right_helper+0x98/0x2f0
[   19.181594]  mempool_slab_oob_right+0xc0/0x118
[   19.181798]  kunit_try_run_case+0x170/0x3f0
[   19.181837]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.181887]  kthread+0x328/0x630
[   19.181929]  ret_from_fork+0x10/0x20
[   19.181988] 
[   19.182118] The buggy address belongs to the object at fff00000c78f5240
[   19.182118]  which belongs to the cache test_cache of size 123
[   19.182321] The buggy address is located 0 bytes to the right of
[   19.182321]  allocated 123-byte region [fff00000c78f5240, fff00000c78f52bb)
[   19.182419] 
[   19.182529] The buggy address belongs to the physical page:
[   19.182578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078f5
[   19.182668] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   19.182763] page_type: f5(slab)
[   19.182888] raw: 0bfffe0000000000 fff00000c59713c0 dead000000000122 0000000000000000
[   19.182941] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   19.183036] page dumped because: kasan: bad access detected
[   19.183105] 
[   19.183215] Memory state around the buggy address:
[   19.183304]  fff00000c78f5180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   19.183371]  fff00000c78f5200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   19.183415] >fff00000c78f5280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   19.183753]                                         ^
[   19.183799]  fff00000c78f5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.183928]  fff00000c78f5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   19.184006] ==================================================================
[   19.152135] ==================================================================
[   19.152356] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   19.152428] Read of size 1 at addr fff00000c78de001 by task kunit_try_catch/225
[   19.152501] 
[   19.152536] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G    B            N  6.15.8-rc1 #1 PREEMPT 
[   19.152629] Tainted: [B]=BAD_PAGE, [N]=TEST
[   19.152655] Hardware name: linux,dummy-virt (DT)
[   19.152687] Call trace:
[   19.152721]  show_stack+0x20/0x38 (C)
[   19.152780]  dump_stack_lvl+0x8c/0xd0
[   19.152837]  print_report+0x118/0x5d0
[   19.152884]  kasan_report+0xdc/0x128
[   19.152927]  __asan_report_load1_noabort+0x20/0x30
[   19.152975]  mempool_oob_right_helper+0x2ac/0x2f0
[   19.153023]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   19.153733]  kunit_try_run_case+0x170/0x3f0
[   19.153820]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   19.153873]  kthread+0x328/0x630
[   19.153921]  ret_from_fork+0x10/0x20
[   19.153968] 
[   19.153989] The buggy address belongs to the physical page:
[   19.154022] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078dc
[   19.154386] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   19.154650] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   19.154846] page_type: f8(unknown)
[   19.154945] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.154995] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   19.155067] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   19.155512] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   19.155593] head: 0bfffe0000000002 ffffc1ffc31e3701 00000000ffffffff 00000000ffffffff
[   19.155714] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   19.156019] page dumped because: kasan: bad access detected
[   19.156101] 
[   19.156261] Memory state around the buggy address:
[   19.156682]  fff00000c78ddf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.156929]  fff00000c78ddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   19.156988] >fff00000c78de000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.157327]                    ^
[   19.157431]  fff00000c78de080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.157476]  fff00000c78de100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   19.158031] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

30EaRlW1hcZUcAyQauMeYdebh6E

job_id

TEST:linaro@lkft#30EaWVUHqFABEKnxRbofWz5vTxK

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/30EaWVUHqFABEKnxRbofWz5vTxK

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30EaSpJ6ulueMjitAIiYHSdicUo/Image.gz
sha256sum	6f108bf41d35f1fce19b9f3dd48bea0e689f69bd759e1a3761fef3bdacebcbc1

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30EaSpJ6ulueMjitAIiYHSdicUo/modules.tar.xz
sha256sum	076bc5627f64b7f8fa64e90c5d7ade67331e333d4f3c6ec9ca7d6c88fba26e07

durations

tests

boot	0
kunit	199.35

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   12.580543] ==================================================================
[   12.581124] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   12.581447] Read of size 1 at addr ffff888103c9a001 by task kunit_try_catch/243
[   12.581785] 
[   12.581898] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G    B            N  6.15.8-rc1 #1 PREEMPT(voluntary) 
[   12.581991] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.582006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.582028] Call Trace:
[   12.582042]  <TASK>
[   12.582059]  dump_stack_lvl+0x73/0xb0
[   12.582086]  print_report+0xd1/0x610
[   12.582109]  ? __virt_addr_valid+0x1db/0x2d0
[   12.582131]  ? mempool_oob_right_helper+0x318/0x380
[   12.582154]  ? kasan_addr_to_slab+0x11/0xa0
[   12.582176]  ? mempool_oob_right_helper+0x318/0x380
[   12.582200]  kasan_report+0x141/0x180
[   12.582235]  ? mempool_oob_right_helper+0x318/0x380
[   12.582265]  __asan_report_load1_noabort+0x18/0x20
[   12.582286]  mempool_oob_right_helper+0x318/0x380
[   12.582312]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   12.582336]  ? dequeue_entities+0x852/0x1740
[   12.582375]  ? irqentry_exit+0x2a/0x60
[   12.582394]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   12.582417]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   12.582443]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   12.582471]  ? __pfx_mempool_kmalloc+0x10/0x10
[   12.582492]  ? __pfx_mempool_kfree+0x10/0x10
[   12.582512]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   12.582541]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   12.582569]  kunit_try_run_case+0x1a5/0x480
[   12.582590]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.582609]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.582630]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.582654]  ? __kthread_parkme+0x82/0x180
[   12.582716]  ? preempt_count_sub+0x50/0x80
[   12.582746]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.582766]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.582789]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.582812]  kthread+0x337/0x6f0
[   12.582828]  ? trace_preempt_on+0x20/0xc0
[   12.582853]  ? __pfx_kthread+0x10/0x10
[   12.582870]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.582892]  ? calculate_sigpending+0x7b/0xa0
[   12.582914]  ? __pfx_kthread+0x10/0x10
[   12.582932]  ret_from_fork+0x41/0x80
[   12.582953]  ? __pfx_kthread+0x10/0x10
[   12.582971]  ret_from_fork_asm+0x1a/0x30
[   12.583003]  </TASK>
[   12.583013] 
[   12.593806] The buggy address belongs to the physical page:
[   12.594046] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103c98
[   12.594627] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.595079] flags: 0x200000000000040(head|node=0|zone=2)
[   12.595452] page_type: f8(unknown)
[   12.595589] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.596180] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.596801] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.597092] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.597634] head: 0200000000000002 ffffea00040f2601 00000000ffffffff 00000000ffffffff
[   12.598089] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.598432] page dumped because: kasan: bad access detected
[   12.598646] 
[   12.598742] Memory state around the buggy address:
[   12.598930]  ffff888103c99f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.599241]  ffff888103c99f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.599943] >ffff888103c9a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.600203]                    ^
[   12.600391]  ffff888103c9a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.601163]  ffff888103c9a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.601521] ==================================================================
[   12.549576] ==================================================================
[   12.550187] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   12.550628] Read of size 1 at addr ffff88810306ad73 by task kunit_try_catch/241
[   12.551062] 
[   12.551196] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G    B            N  6.15.8-rc1 #1 PREEMPT(voluntary) 
[   12.551256] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.551268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.551290] Call Trace:
[   12.551303]  <TASK>
[   12.551320]  dump_stack_lvl+0x73/0xb0
[   12.551347]  print_report+0xd1/0x610
[   12.551371]  ? __virt_addr_valid+0x1db/0x2d0
[   12.551473]  ? mempool_oob_right_helper+0x318/0x380
[   12.551508]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.551531]  ? mempool_oob_right_helper+0x318/0x380
[   12.551554]  kasan_report+0x141/0x180
[   12.551576]  ? mempool_oob_right_helper+0x318/0x380
[   12.551604]  __asan_report_load1_noabort+0x18/0x20
[   12.551625]  mempool_oob_right_helper+0x318/0x380
[   12.551649]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   12.551712]  ? dequeue_entities+0x852/0x1740
[   12.551747]  ? finish_task_switch.isra.0+0x153/0x700
[   12.551776]  mempool_kmalloc_oob_right+0xf2/0x150
[   12.551801]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   12.551824]  ? dequeue_task_fair+0x166/0x4e0
[   12.551846]  ? __pfx_mempool_kmalloc+0x10/0x10
[   12.551869]  ? __pfx_mempool_kfree+0x10/0x10
[   12.551890]  ? __pfx_read_tsc+0x10/0x10
[   12.551910]  ? ktime_get_ts64+0x86/0x230
[   12.551935]  kunit_try_run_case+0x1a5/0x480
[   12.551956]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.551974]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.551994]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.552018]  ? __kthread_parkme+0x82/0x180
[   12.552038]  ? preempt_count_sub+0x50/0x80
[   12.552062]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.552082]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.552105]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.552128]  kthread+0x337/0x6f0
[   12.552144]  ? trace_preempt_on+0x20/0xc0
[   12.552167]  ? __pfx_kthread+0x10/0x10
[   12.552184]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.552206]  ? calculate_sigpending+0x7b/0xa0
[   12.552240]  ? __pfx_kthread+0x10/0x10
[   12.552258]  ret_from_fork+0x41/0x80
[   12.552278]  ? __pfx_kthread+0x10/0x10
[   12.552295]  ret_from_fork_asm+0x1a/0x30
[   12.552326]  </TASK>
[   12.552336] 
[   12.563848] Allocated by task 241:
[   12.564003]  kasan_save_stack+0x45/0x70
[   12.564376]  kasan_save_track+0x18/0x40
[   12.564557]  kasan_save_alloc_info+0x3b/0x50
[   12.564967]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   12.565237]  remove_element+0x11e/0x190
[   12.565611]  mempool_alloc_preallocated+0x4d/0x90
[   12.565904]  mempool_oob_right_helper+0x8a/0x380
[   12.566112]  mempool_kmalloc_oob_right+0xf2/0x150
[   12.566488]  kunit_try_run_case+0x1a5/0x480
[   12.566684]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.566982]  kthread+0x337/0x6f0
[   12.567136]  ret_from_fork+0x41/0x80
[   12.567303]  ret_from_fork_asm+0x1a/0x30
[   12.567486] 
[   12.567924] The buggy address belongs to the object at ffff88810306ad00
[   12.567924]  which belongs to the cache kmalloc-128 of size 128
[   12.568493] The buggy address is located 0 bytes to the right of
[   12.568493]  allocated 115-byte region [ffff88810306ad00, ffff88810306ad73)
[   12.569203] 
[   12.569421] The buggy address belongs to the physical page:
[   12.569922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10306a
[   12.570334] flags: 0x200000000000000(node=0|zone=2)
[   12.570580] page_type: f5(slab)
[   12.570949] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   12.571418] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.571804] page dumped because: kasan: bad access detected
[   12.571988] 
[   12.572083] Memory state around the buggy address:
[   12.572325]  ffff88810306ac00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   12.572964]  ffff88810306ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.573370] >ffff88810306ad00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   12.574041]                                                              ^
[   12.574333]  ffff88810306ad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.574620]  ffff88810306ae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   12.575294] ==================================================================
[   12.605398] ==================================================================
[   12.606279] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   12.607004] Read of size 1 at addr ffff8881028c92bb by task kunit_try_catch/245
[   12.607614] 
[   12.607836] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G    B            N  6.15.8-rc1 #1 PREEMPT(voluntary) 
[   12.607883] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.607895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.607915] Call Trace:
[   12.607927]  <TASK>
[   12.607941]  dump_stack_lvl+0x73/0xb0
[   12.607966]  print_report+0xd1/0x610
[   12.607988]  ? __virt_addr_valid+0x1db/0x2d0
[   12.608038]  ? mempool_oob_right_helper+0x318/0x380
[   12.608062]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.608084]  ? mempool_oob_right_helper+0x318/0x380
[   12.608108]  kasan_report+0x141/0x180
[   12.608130]  ? mempool_oob_right_helper+0x318/0x380
[   12.608195]  __asan_report_load1_noabort+0x18/0x20
[   12.608217]  mempool_oob_right_helper+0x318/0x380
[   12.608258]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   12.608286]  ? finish_task_switch.isra.0+0x153/0x700
[   12.608314]  mempool_slab_oob_right+0xed/0x140
[   12.608334]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   12.608371]  ? dequeue_task_fair+0x166/0x4e0
[   12.608395]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   12.608415]  ? __pfx_mempool_free_slab+0x10/0x10
[   12.608437]  ? __pfx_read_tsc+0x10/0x10
[   12.608457]  ? ktime_get_ts64+0x86/0x230
[   12.608483]  kunit_try_run_case+0x1a5/0x480
[   12.608504]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.608521]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.608542]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.608566]  ? __kthread_parkme+0x82/0x180
[   12.608588]  ? preempt_count_sub+0x50/0x80
[   12.608612]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.608632]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.608683]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.608706]  kthread+0x337/0x6f0
[   12.608725]  ? trace_preempt_on+0x20/0xc0
[   12.608748]  ? __pfx_kthread+0x10/0x10
[   12.608765]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.608787]  ? calculate_sigpending+0x7b/0xa0
[   12.608808]  ? __pfx_kthread+0x10/0x10
[   12.608826]  ret_from_fork+0x41/0x80
[   12.608846]  ? __pfx_kthread+0x10/0x10
[   12.608864]  ret_from_fork_asm+0x1a/0x30
[   12.608895]  </TASK>
[   12.608905] 
[   12.623567] Allocated by task 245:
[   12.623948]  kasan_save_stack+0x45/0x70
[   12.624348]  kasan_save_track+0x18/0x40
[   12.624662]  kasan_save_alloc_info+0x3b/0x50
[   12.624992]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   12.625165]  remove_element+0x11e/0x190
[   12.625306]  mempool_alloc_preallocated+0x4d/0x90
[   12.625790]  mempool_oob_right_helper+0x8a/0x380
[   12.626276]  mempool_slab_oob_right+0xed/0x140
[   12.626744]  kunit_try_run_case+0x1a5/0x480
[   12.627159]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.627688]  kthread+0x337/0x6f0
[   12.628004]  ret_from_fork+0x41/0x80
[   12.628298]  ret_from_fork_asm+0x1a/0x30
[   12.628440] 
[   12.628510] The buggy address belongs to the object at ffff8881028c9240
[   12.628510]  which belongs to the cache test_cache of size 123
[   12.629360] The buggy address is located 0 bytes to the right of
[   12.629360]  allocated 123-byte region [ffff8881028c9240, ffff8881028c92bb)
[   12.630739] 
[   12.630901] The buggy address belongs to the physical page:
[   12.631518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1028c9
[   12.632116] flags: 0x200000000000000(node=0|zone=2)
[   12.632290] page_type: f5(slab)
[   12.632421] raw: 0200000000000000 ffff888101db38c0 dead000000000122 0000000000000000
[   12.632643] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   12.633350] page dumped because: kasan: bad access detected
[   12.633966] 
[   12.634157] Memory state around the buggy address:
[   12.634556]  ffff8881028c9180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   12.634940]  ffff8881028c9200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   12.635746] >ffff8881028c9280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   12.635967]                                         ^
[   12.636128]  ffff8881028c9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.636371]  ffff8881028c9380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.636693] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

30EaRlW1hcZUcAyQauMeYdebh6E

job_id

TEST:linaro@lkft#30EaY1yQOqV4JySRXFsKWTVrukm

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/30EaY1yQOqV4JySRXFsKWTVrukm

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30EaTw8uvpYx9tCm3ZICfhNMNnI/bzImage
sha256sum	215211c9ffbc30f7da06e446c23393cbd85dd0dce6cfc2e76dfe983268e0fd6f

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/30EaTw8uvpYx9tCm3ZICfhNMNnI/modules.tar.xz
sha256sum	a7c1adb8beea2d29cd88ecba2f3d585aa904241bd0d61a861fcebc67fa6cd397

durations

tests

boot	0
kunit	220.14

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit