lkft/sashal-linus-next - v6.13-rc7-43165-gcfb37db724c4 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 3, 2025, 6:13 p.m.

Environment
qemu-arm64
qemu-x86_64

[   18.732757] ==================================================================
[   18.732862] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   18.733096] Read of size 1 at addr fff00000c7936001 by task kunit_try_catch/223
[   18.733263] 
[   18.733362] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   18.733855] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.733942] Hardware name: linux,dummy-virt (DT)
[   18.734453] Call trace:
[   18.734553]  show_stack+0x20/0x38 (C)
[   18.734608]  dump_stack_lvl+0x8c/0xd0
[   18.734652]  print_report+0x118/0x608
[   18.735153]  kasan_report+0xdc/0x128
[   18.735306]  __asan_report_load1_noabort+0x20/0x30
[   18.735356]  mempool_oob_right_helper+0x2ac/0x2f0
[   18.735709]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   18.736049]  kunit_try_run_case+0x170/0x3f0
[   18.736869]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.737482]  kthread+0x328/0x630
[   18.737760]  ret_from_fork+0x10/0x20
[   18.737839] 
[   18.738162] The buggy address belongs to the physical page:
[   18.738196] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107934
[   18.738510] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   18.738820] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   18.739139] page_type: f8(unknown)
[   18.739199] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.739433] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   18.739485] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   18.740224] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   18.741045] head: 0bfffe0000000002 ffffc1ffc31e4d01 00000000ffffffff 00000000ffffffff
[   18.741235] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   18.742390] page dumped because: kasan: bad access detected
[   18.742665] 
[   18.742844] Memory state around the buggy address:
[   18.743045]  fff00000c7935f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   18.743396]  fff00000c7935f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   18.743475] >fff00000c7936000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   18.743581]                    ^
[   18.743672]  fff00000c7936080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   18.743733]  fff00000c7936100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   18.743771] ==================================================================
[   18.759272] ==================================================================
[   18.759332] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   18.759382] Read of size 1 at addr fff00000c78d12bb by task kunit_try_catch/225
[   18.760493] 
[   18.760542] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   18.760679] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.760704] Hardware name: linux,dummy-virt (DT)
[   18.760735] Call trace:
[   18.760796]  show_stack+0x20/0x38 (C)
[   18.760847]  dump_stack_lvl+0x8c/0xd0
[   18.761262]  print_report+0x118/0x608
[   18.761342]  kasan_report+0xdc/0x128
[   18.761877]  __asan_report_load1_noabort+0x20/0x30
[   18.762527]  mempool_oob_right_helper+0x2ac/0x2f0
[   18.762940]  mempool_slab_oob_right+0xc0/0x118
[   18.763064]  kunit_try_run_case+0x170/0x3f0
[   18.763112]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.763169]  kthread+0x328/0x630
[   18.763442]  ret_from_fork+0x10/0x20
[   18.763509] 
[   18.763527] Allocated by task 225:
[   18.763556]  kasan_save_stack+0x3c/0x68
[   18.763597]  kasan_save_track+0x20/0x40
[   18.763634]  kasan_save_alloc_info+0x40/0x58
[   18.763818]  __kasan_mempool_unpoison_object+0xbc/0x180
[   18.764314]  remove_element+0x16c/0x1f8
[   18.764544]  mempool_alloc_preallocated+0x58/0xc0
[   18.764588]  mempool_oob_right_helper+0x98/0x2f0
[   18.764889]  mempool_slab_oob_right+0xc0/0x118
[   18.764948]  kunit_try_run_case+0x170/0x3f0
[   18.764985]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.765051]  kthread+0x328/0x630
[   18.765278]  ret_from_fork+0x10/0x20
[   18.765328] 
[   18.765514] The buggy address belongs to the object at fff00000c78d1240
[   18.765514]  which belongs to the cache test_cache of size 123
[   18.765710] The buggy address is located 0 bytes to the right of
[   18.765710]  allocated 123-byte region [fff00000c78d1240, fff00000c78d12bb)
[   18.765830] 
[   18.765982] The buggy address belongs to the physical page:
[   18.766013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d1
[   18.766076] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   18.766126] page_type: f5(slab)
[   18.766166] raw: 0bfffe0000000000 fff00000c3eaec80 dead000000000122 0000000000000000
[   18.766215] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   18.766255] page dumped because: kasan: bad access detected
[   18.766756] 
[   18.766778] Memory state around the buggy address:
[   18.766826]  fff00000c78d1180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   18.767487]  fff00000c78d1200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   18.767748] >fff00000c78d1280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   18.768110]                                         ^
[   18.768232]  fff00000c78d1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.768577]  fff00000c78d1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.768832] ==================================================================
[   18.719356] ==================================================================
[   18.719431] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   18.719500] Read of size 1 at addr fff00000c78c1773 by task kunit_try_catch/221
[   18.719549] 
[   18.719589] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   18.719674] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.719704] Hardware name: linux,dummy-virt (DT)
[   18.719737] Call trace:
[   18.719763]  show_stack+0x20/0x38 (C)
[   18.719814]  dump_stack_lvl+0x8c/0xd0
[   18.719864]  print_report+0x118/0x608
[   18.719910]  kasan_report+0xdc/0x128
[   18.719954]  __asan_report_load1_noabort+0x20/0x30
[   18.720005]  mempool_oob_right_helper+0x2ac/0x2f0
[   18.720066]  mempool_kmalloc_oob_right+0xc4/0x120
[   18.720114]  kunit_try_run_case+0x170/0x3f0
[   18.720163]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.720214]  kthread+0x328/0x630
[   18.720259]  ret_from_fork+0x10/0x20
[   18.720309] 
[   18.720327] Allocated by task 221:
[   18.720357]  kasan_save_stack+0x3c/0x68
[   18.720396]  kasan_save_track+0x20/0x40
[   18.720434]  kasan_save_alloc_info+0x40/0x58
[   18.720478]  __kasan_mempool_unpoison_object+0x11c/0x180
[   18.720521]  remove_element+0x130/0x1f8
[   18.721106]  mempool_alloc_preallocated+0x58/0xc0
[   18.721164]  mempool_oob_right_helper+0x98/0x2f0
[   18.721206]  mempool_kmalloc_oob_right+0xc4/0x120
[   18.721260]  kunit_try_run_case+0x170/0x3f0
[   18.721300]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.721343]  kthread+0x328/0x630
[   18.721374]  ret_from_fork+0x10/0x20
[   18.721410] 
[   18.721432] The buggy address belongs to the object at fff00000c78c1700
[   18.721432]  which belongs to the cache kmalloc-128 of size 128
[   18.721491] The buggy address is located 0 bytes to the right of
[   18.721491]  allocated 115-byte region [fff00000c78c1700, fff00000c78c1773)
[   18.721553] 
[   18.721574] The buggy address belongs to the physical page:
[   18.721607] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078c1
[   18.721661] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   18.721715] page_type: f5(slab)
[   18.721755] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   18.721804] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   18.721845] page dumped because: kasan: bad access detected
[   18.721875] 
[   18.721892] Memory state around the buggy address:
[   18.721926]  fff00000c78c1600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   18.721969]  fff00000c78c1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.722013] >fff00000c78c1700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   18.722063]                                                              ^
[   18.722103]  fff00000c78c1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   18.722145]  fff00000c78c1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   18.722184] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zNL1O2cp9dmCFBEgSs8WkyJh4y

job_id

TEST:linaro@lkft#2zNL5oRbEmqaoyhMhEOvLzS6IfC

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zNL5oRbEmqaoyhMhEOvLzS6IfC

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zNL2hrVcCo1WcxmghqCiEPqPCd/Image.gz
sha256sum	75bd93f2a9f934a99efc331115dacf43cd61683d1338c69f56928f4e505c4b9f

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zNL2hrVcCo1WcxmghqCiEPqPCd/modules.tar.xz
sha256sum	ba9b1a7bf6af40dbc6b67719635e8125d452a6738f5e6a1c543b4789f281320d

durations

tests

boot	0
kunit	167.82

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   12.839075] ==================================================================
[   12.839921] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   12.840444] Read of size 1 at addr ffff888103328b73 by task kunit_try_catch/239
[   12.840673] 
[   12.841050] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT(voluntary) 
[   12.841140] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.841167] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.841191] Call Trace:
[   12.841203]  <TASK>
[   12.841224]  dump_stack_lvl+0x73/0xb0
[   12.841257]  print_report+0xd1/0x650
[   12.841281]  ? __virt_addr_valid+0x1db/0x2d0
[   12.841307]  ? mempool_oob_right_helper+0x318/0x380
[   12.841329]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.841351]  ? mempool_oob_right_helper+0x318/0x380
[   12.841374]  kasan_report+0x141/0x180
[   12.841395]  ? mempool_oob_right_helper+0x318/0x380
[   12.841422]  __asan_report_load1_noabort+0x18/0x20
[   12.841446]  mempool_oob_right_helper+0x318/0x380
[   12.841470]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   12.841494]  ? __kasan_check_write+0x18/0x20
[   12.841513]  ? __pfx_sched_clock_cpu+0x10/0x10
[   12.841536]  ? finish_task_switch.isra.0+0x153/0x700
[   12.841561]  mempool_kmalloc_oob_right+0xf2/0x150
[   12.841583]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   12.841610]  ? __pfx_mempool_kmalloc+0x10/0x10
[   12.841636]  ? __pfx_mempool_kfree+0x10/0x10
[   12.841659]  ? __pfx_read_tsc+0x10/0x10
[   12.841683]  ? ktime_get_ts64+0x86/0x230
[   12.841708]  kunit_try_run_case+0x1a5/0x480
[   12.841734]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.841756]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.841781]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.841802]  ? __kthread_parkme+0x82/0x180
[   12.841825]  ? preempt_count_sub+0x50/0x80
[   12.841848]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.841871]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.841893]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.841916]  kthread+0x337/0x6f0
[   12.841934]  ? trace_preempt_on+0x20/0xc0
[   12.841963]  ? __pfx_kthread+0x10/0x10
[   12.841983]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.842004]  ? calculate_sigpending+0x7b/0xa0
[   12.842029]  ? __pfx_kthread+0x10/0x10
[   12.842051]  ret_from_fork+0x116/0x1d0
[   12.842068]  ? __pfx_kthread+0x10/0x10
[   12.842088]  ret_from_fork_asm+0x1a/0x30
[   12.842130]  </TASK>
[   12.842142] 
[   12.853129] Allocated by task 239:
[   12.853657]  kasan_save_stack+0x45/0x70
[   12.853852]  kasan_save_track+0x18/0x40
[   12.854006]  kasan_save_alloc_info+0x3b/0x50
[   12.854477]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   12.854727]  remove_element+0x11e/0x190
[   12.854920]  mempool_alloc_preallocated+0x4d/0x90
[   12.855142]  mempool_oob_right_helper+0x8a/0x380
[   12.855609]  mempool_kmalloc_oob_right+0xf2/0x150
[   12.855798]  kunit_try_run_case+0x1a5/0x480
[   12.856134]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.856596]  kthread+0x337/0x6f0
[   12.856852]  ret_from_fork+0x116/0x1d0
[   12.857002]  ret_from_fork_asm+0x1a/0x30
[   12.857397] 
[   12.857811] The buggy address belongs to the object at ffff888103328b00
[   12.857811]  which belongs to the cache kmalloc-128 of size 128
[   12.858519] The buggy address is located 0 bytes to the right of
[   12.858519]  allocated 115-byte region [ffff888103328b00, ffff888103328b73)
[   12.859018] 
[   12.859117] The buggy address belongs to the physical page:
[   12.859730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103328
[   12.860154] flags: 0x200000000000000(node=0|zone=2)
[   12.860333] page_type: f5(slab)
[   12.860461] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   12.860776] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   12.861135] page dumped because: kasan: bad access detected
[   12.861304] 
[   12.861375] Memory state around the buggy address:
[   12.861535]  ffff888103328a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   12.861750]  ffff888103328a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.861959] >ffff888103328b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   12.862263]                                                              ^
[   12.862469]  ffff888103328b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.862678]  ffff888103328c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   12.864157] ==================================================================
[   12.872486] ==================================================================
[   12.872972] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   12.873570] Read of size 1 at addr ffff888102a12001 by task kunit_try_catch/241
[   12.873863] 
[   12.874139] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT(voluntary) 
[   12.874189] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.874385] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.874410] Call Trace:
[   12.874425]  <TASK>
[   12.874444]  dump_stack_lvl+0x73/0xb0
[   12.874477]  print_report+0xd1/0x650
[   12.874499]  ? __virt_addr_valid+0x1db/0x2d0
[   12.874523]  ? mempool_oob_right_helper+0x318/0x380
[   12.874545]  ? kasan_addr_to_slab+0x11/0xa0
[   12.874565]  ? mempool_oob_right_helper+0x318/0x380
[   12.874587]  kasan_report+0x141/0x180
[   12.874609]  ? mempool_oob_right_helper+0x318/0x380
[   12.874637]  __asan_report_load1_noabort+0x18/0x20
[   12.874661]  mempool_oob_right_helper+0x318/0x380
[   12.874684]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   12.874709]  ? __pfx_sched_clock_cpu+0x10/0x10
[   12.874732]  ? finish_task_switch.isra.0+0x153/0x700
[   12.874757]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   12.874781]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   12.874807]  ? __pfx_mempool_kmalloc+0x10/0x10
[   12.874830]  ? __pfx_mempool_kfree+0x10/0x10
[   12.874854]  ? __pfx_read_tsc+0x10/0x10
[   12.874875]  ? ktime_get_ts64+0x86/0x230
[   12.874897]  kunit_try_run_case+0x1a5/0x480
[   12.874922]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.874943]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.874965]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.874987]  ? __kthread_parkme+0x82/0x180
[   12.875007]  ? preempt_count_sub+0x50/0x80
[   12.875029]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.875051]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.875073]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.875096]  kthread+0x337/0x6f0
[   12.875267]  ? trace_preempt_on+0x20/0xc0
[   12.875294]  ? __pfx_kthread+0x10/0x10
[   12.875322]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.875343]  ? calculate_sigpending+0x7b/0xa0
[   12.875368]  ? __pfx_kthread+0x10/0x10
[   12.875388]  ret_from_fork+0x116/0x1d0
[   12.875406]  ? __pfx_kthread+0x10/0x10
[   12.875425]  ret_from_fork_asm+0x1a/0x30
[   12.875455]  </TASK>
[   12.875468] 
[   12.887605] The buggy address belongs to the physical page:
[   12.887876] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a10
[   12.888460] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   12.888904] flags: 0x200000000000040(head|node=0|zone=2)
[   12.889403] page_type: f8(unknown)
[   12.889560] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.890043] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.890554] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   12.890866] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   12.891284] head: 0200000000000002 ffffea00040a8401 00000000ffffffff 00000000ffffffff
[   12.891589] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   12.891942] page dumped because: kasan: bad access detected
[   12.892197] 
[   12.892312] Memory state around the buggy address:
[   12.892646]  ffff888102a11f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.893053]  ffff888102a11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   12.893327] >ffff888102a12000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.893816]                    ^
[   12.894019]  ffff888102a12080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.894248]  ffff888102a12100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   12.894679] ==================================================================
[   12.899907] ==================================================================
[   12.901490] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   12.902629] Read of size 1 at addr ffff8881033482bb by task kunit_try_catch/243
[   12.902872] 
[   12.902966] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT(voluntary) 
[   12.903011] Tainted: [B]=BAD_PAGE, [N]=TEST
[   12.903024] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   12.903044] Call Trace:
[   12.903057]  <TASK>
[   12.903072]  dump_stack_lvl+0x73/0xb0
[   12.903117]  print_report+0xd1/0x650
[   12.903165]  ? __virt_addr_valid+0x1db/0x2d0
[   12.903192]  ? mempool_oob_right_helper+0x318/0x380
[   12.903221]  ? kasan_complete_mode_report_info+0x2a/0x200
[   12.903242]  ? mempool_oob_right_helper+0x318/0x380
[   12.903265]  kasan_report+0x141/0x180
[   12.903287]  ? mempool_oob_right_helper+0x318/0x380
[   12.903332]  __asan_report_load1_noabort+0x18/0x20
[   12.903358]  mempool_oob_right_helper+0x318/0x380
[   12.903382]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   12.903419]  ? __pfx_sched_clock_cpu+0x10/0x10
[   12.903453]  ? finish_task_switch.isra.0+0x153/0x700
[   12.903478]  mempool_slab_oob_right+0xed/0x140
[   12.903513]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   12.903540]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   12.903560]  ? __pfx_mempool_free_slab+0x10/0x10
[   12.903582]  ? __pfx_read_tsc+0x10/0x10
[   12.903604]  ? ktime_get_ts64+0x86/0x230
[   12.903628]  kunit_try_run_case+0x1a5/0x480
[   12.903652]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.903674]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   12.903697]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   12.903718]  ? __kthread_parkme+0x82/0x180
[   12.903740]  ? preempt_count_sub+0x50/0x80
[   12.903764]  ? __pfx_kunit_try_run_case+0x10/0x10
[   12.903787]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.903809]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   12.903832]  kthread+0x337/0x6f0
[   12.903852]  ? trace_preempt_on+0x20/0xc0
[   12.903881]  ? __pfx_kthread+0x10/0x10
[   12.903901]  ? _raw_spin_unlock_irq+0x47/0x80
[   12.903923]  ? calculate_sigpending+0x7b/0xa0
[   12.903957]  ? __pfx_kthread+0x10/0x10
[   12.903978]  ret_from_fork+0x116/0x1d0
[   12.903997]  ? __pfx_kthread+0x10/0x10
[   12.904028]  ret_from_fork_asm+0x1a/0x30
[   12.904060]  </TASK>
[   12.904071] 
[   12.918418] Allocated by task 243:
[   12.918841]  kasan_save_stack+0x45/0x70
[   12.918995]  kasan_save_track+0x18/0x40
[   12.919151]  kasan_save_alloc_info+0x3b/0x50
[   12.919307]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   12.919481]  remove_element+0x11e/0x190
[   12.919621]  mempool_alloc_preallocated+0x4d/0x90
[   12.919786]  mempool_oob_right_helper+0x8a/0x380
[   12.919945]  mempool_slab_oob_right+0xed/0x140
[   12.920350]  kunit_try_run_case+0x1a5/0x480
[   12.920764]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   12.921351]  kthread+0x337/0x6f0
[   12.921680]  ret_from_fork+0x116/0x1d0
[   12.922041]  ret_from_fork_asm+0x1a/0x30
[   12.922572] 
[   12.922759] The buggy address belongs to the object at ffff888103348240
[   12.922759]  which belongs to the cache test_cache of size 123
[   12.923936] The buggy address is located 0 bytes to the right of
[   12.923936]  allocated 123-byte region [ffff888103348240, ffff8881033482bb)
[   12.925214] 
[   12.925422] The buggy address belongs to the physical page:
[   12.925866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103348
[   12.926121] flags: 0x200000000000000(node=0|zone=2)
[   12.926765] page_type: f5(slab)
[   12.927086] raw: 0200000000000000 ffff8881018498c0 dead000000000122 0000000000000000
[   12.927807] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   12.928041] page dumped because: kasan: bad access detected
[   12.928551] 
[   12.928722] Memory state around the buggy address:
[   12.929208]  ffff888103348180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   12.929913]  ffff888103348200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   12.930574] >ffff888103348280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   12.930799]                                         ^
[   12.930963]  ffff888103348300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.931217]  ffff888103348380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   12.931659] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zNL1O2cp9dmCFBEgSs8WkyJh4y

job_id

TEST:linaro@lkft#2zNL6lw8QpiLx2X80bHtYDEoIkO

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zNL6lw8QpiLx2X80bHtYDEoIkO

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zNL3q4rWFiUvmEYLQ3BXdIYSKX/bzImage
sha256sum	f913311db6c7753aa3ccadda2e754832cad135a441849c4a73d7959c2b6c87e5

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zNL3q4rWFiUvmEYLQ3BXdIYSKX/modules.tar.xz
sha256sum	43ae06e48ef12e1aba423c47b6cdbc55af315831d6ed3f78d515cc08d1dc28a1

durations

tests

boot	0
kunit	204.34

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit