lkft/sashal-linus-next - v6.13-rc7-43476-g00b0249a355d - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 8, 2025, 7:07 p.m.

Environment
qemu-arm64
qemu-x86_64

[   21.238651] ==================================================================
[   21.238750] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   21.238828] Read of size 1 at addr fff00000c5ff5e73 by task kunit_try_catch/221
[   21.238879] 
[   21.238922] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   21.239011] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.239037] Hardware name: linux,dummy-virt (DT)
[   21.239072] Call trace:
[   21.239096]  show_stack+0x20/0x38 (C)
[   21.239148]  dump_stack_lvl+0x8c/0xd0
[   21.239199]  print_report+0x118/0x608
[   21.239245]  kasan_report+0xdc/0x128
[   21.239288]  __asan_report_load1_noabort+0x20/0x30
[   21.239340]  mempool_oob_right_helper+0x2ac/0x2f0
[   21.239387]  mempool_kmalloc_oob_right+0xc4/0x120
[   21.239435]  kunit_try_run_case+0x170/0x3f0
[   21.239581]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.239634]  kthread+0x328/0x630
[   21.239678]  ret_from_fork+0x10/0x20
[   21.239745] 
[   21.239764] Allocated by task 221:
[   21.239795]  kasan_save_stack+0x3c/0x68
[   21.239838]  kasan_save_track+0x20/0x40
[   21.239877]  kasan_save_alloc_info+0x40/0x58
[   21.239916]  __kasan_mempool_unpoison_object+0x11c/0x180
[   21.239961]  remove_element+0x130/0x1f8
[   21.239999]  mempool_alloc_preallocated+0x58/0xc0
[   21.240039]  mempool_oob_right_helper+0x98/0x2f0
[   21.240079]  mempool_kmalloc_oob_right+0xc4/0x120
[   21.240125]  kunit_try_run_case+0x170/0x3f0
[   21.240164]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.240208]  kthread+0x328/0x630
[   21.240241]  ret_from_fork+0x10/0x20
[   21.240277] 
[   21.240297] The buggy address belongs to the object at fff00000c5ff5e00
[   21.240297]  which belongs to the cache kmalloc-128 of size 128
[   21.240358] The buggy address is located 0 bytes to the right of
[   21.240358]  allocated 115-byte region [fff00000c5ff5e00, fff00000c5ff5e73)
[   21.240423] 
[   21.240444] The buggy address belongs to the physical page:
[   21.240478] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105ff5
[   21.240531] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.240585] page_type: f5(slab)
[   21.240627] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   21.240678] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.240729] page dumped because: kasan: bad access detected
[   21.240762] 
[   21.240780] Memory state around the buggy address:
[   21.240817]  fff00000c5ff5d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   21.240860]  fff00000c5ff5d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.240902] >fff00000c5ff5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   21.240938]                                                              ^
[   21.240977]  fff00000c5ff5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.241019]  fff00000c5ff5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   21.241057] ==================================================================
[   21.279553] ==================================================================
[   21.279629] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   21.279683] Read of size 1 at addr fff00000c57132bb by task kunit_try_catch/225
[   21.279745] 
[   21.279779] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   21.279861] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.279886] Hardware name: linux,dummy-virt (DT)
[   21.279917] Call trace:
[   21.279938]  show_stack+0x20/0x38 (C)
[   21.279986]  dump_stack_lvl+0x8c/0xd0
[   21.280177]  print_report+0x118/0x608
[   21.280504]  kasan_report+0xdc/0x128
[   21.280969]  __asan_report_load1_noabort+0x20/0x30
[   21.281318]  mempool_oob_right_helper+0x2ac/0x2f0
[   21.281413]  mempool_slab_oob_right+0xc0/0x118
[   21.281477]  kunit_try_run_case+0x170/0x3f0
[   21.282036]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.282141]  kthread+0x328/0x630
[   21.282323]  ret_from_fork+0x10/0x20
[   21.282737] 
[   21.282820] Allocated by task 225:
[   21.283204]  kasan_save_stack+0x3c/0x68
[   21.283309]  kasan_save_track+0x20/0x40
[   21.283345]  kasan_save_alloc_info+0x40/0x58
[   21.283385]  __kasan_mempool_unpoison_object+0xbc/0x180
[   21.283427]  remove_element+0x16c/0x1f8
[   21.284181]  mempool_alloc_preallocated+0x58/0xc0
[   21.284740]  mempool_oob_right_helper+0x98/0x2f0
[   21.284791]  mempool_slab_oob_right+0xc0/0x118
[   21.284831]  kunit_try_run_case+0x170/0x3f0
[   21.284869]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.284911]  kthread+0x328/0x630
[   21.285663]  ret_from_fork+0x10/0x20
[   21.286510] 
[   21.286538] The buggy address belongs to the object at fff00000c5713240
[   21.286538]  which belongs to the cache test_cache of size 123
[   21.286601] The buggy address is located 0 bytes to the right of
[   21.286601]  allocated 123-byte region [fff00000c5713240, fff00000c57132bb)
[   21.287161] 
[   21.287370] The buggy address belongs to the physical page:
[   21.287784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105713
[   21.287974] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.288031] page_type: f5(slab)
[   21.288499] raw: 0bfffe0000000000 fff00000c5cfe780 dead000000000122 0000000000000000
[   21.288556] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   21.288598] page dumped because: kasan: bad access detected
[   21.288631] 
[   21.288650] Memory state around the buggy address:
[   21.288683]  fff00000c5713180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   21.288738]  fff00000c5713200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   21.288780] >fff00000c5713280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   21.290016]                                         ^
[   21.290573]  fff00000c5713300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.290647]  fff00000c5713380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.290688] ==================================================================
[   21.252536] ==================================================================
[   21.252851] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   21.252926] Read of size 1 at addr fff00000c77ba001 by task kunit_try_catch/223
[   21.253146] 
[   21.253180] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   21.253269] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.253294] Hardware name: linux,dummy-virt (DT)
[   21.253324] Call trace:
[   21.253346]  show_stack+0x20/0x38 (C)
[   21.253395]  dump_stack_lvl+0x8c/0xd0
[   21.253440]  print_report+0x118/0x608
[   21.253485]  kasan_report+0xdc/0x128
[   21.253529]  __asan_report_load1_noabort+0x20/0x30
[   21.253891]  mempool_oob_right_helper+0x2ac/0x2f0
[   21.253972]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   21.254414]  kunit_try_run_case+0x170/0x3f0
[   21.254604]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.254791]  kthread+0x328/0x630
[   21.254832]  ret_from_fork+0x10/0x20
[   21.254878] 
[   21.254900] The buggy address belongs to the physical page:
[   21.254932] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077b8
[   21.254986] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.255416] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   21.255789] page_type: f8(unknown)
[   21.255950] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.256018] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.256074] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.256129] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.256178] head: 0bfffe0000000002 ffffc1ffc31dee01 00000000ffffffff 00000000ffffffff
[   21.256227] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   21.256670] page dumped because: kasan: bad access detected
[   21.256812] 
[   21.256834] Memory state around the buggy address:
[   21.256868]  fff00000c77b9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.257374]  fff00000c77b9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.257430] >fff00000c77ba000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.257467]                    ^
[   21.257621]  fff00000c77ba080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.257663]  fff00000c77ba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.257912] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zbZAsW0CRR2ffMkw5j8F6DHgyw

job_id

TEST:linaro@lkft#2zbZELhCwKziSXCacuqaKlig2QS

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zbZELhCwKziSXCacuqaKlig2QS

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zbZBqBVTAxuRuCQHYdewgbYp7s/Image.gz
sha256sum	13ed34663cef83d4fb86ede6789c93f31050bb758da77d00bf5796a1642a8000

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zbZBqBVTAxuRuCQHYdewgbYp7s/modules.tar.xz
sha256sum	a968762691f131e35c1b902f768cc0424c6e9593e0a95acbdc41831f7268e4b5

durations

tests

boot	0
kunit	166.57

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   14.400815] ==================================================================
[   14.401498] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   14.401884] Read of size 1 at addr ffff888102af6673 by task kunit_try_catch/238
[   14.402189] 
[   14.402318] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.402368] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.402380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.402403] Call Trace:
[   14.402428]  <TASK>
[   14.402447]  dump_stack_lvl+0x73/0xb0
[   14.402479]  print_report+0xd1/0x650
[   14.402514]  ? __virt_addr_valid+0x1db/0x2d0
[   14.402540]  ? mempool_oob_right_helper+0x318/0x380
[   14.402563]  ? kasan_complete_mode_report_info+0x2a/0x200
[   14.402588]  ? mempool_oob_right_helper+0x318/0x380
[   14.402610]  kasan_report+0x141/0x180
[   14.402631]  ? mempool_oob_right_helper+0x318/0x380
[   14.402659]  __asan_report_load1_noabort+0x18/0x20
[   14.402682]  mempool_oob_right_helper+0x318/0x380
[   14.402715]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   14.402741]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.402763]  ? finish_task_switch.isra.0+0x153/0x700
[   14.402800]  mempool_kmalloc_oob_right+0xf2/0x150
[   14.402823]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   14.402849]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.402873]  ? __pfx_mempool_kfree+0x10/0x10
[   14.402897]  ? __pfx_read_tsc+0x10/0x10
[   14.402919]  ? ktime_get_ts64+0x86/0x230
[   14.402943]  kunit_try_run_case+0x1a5/0x480
[   14.402969]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.402991]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.403014]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.403037]  ? __kthread_parkme+0x82/0x180
[   14.403066]  ? preempt_count_sub+0x50/0x80
[   14.403089]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.403112]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.403135]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.403158]  kthread+0x337/0x6f0
[   14.403177]  ? trace_preempt_on+0x20/0xc0
[   14.403200]  ? __pfx_kthread+0x10/0x10
[   14.403220]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.403240]  ? calculate_sigpending+0x7b/0xa0
[   14.403264]  ? __pfx_kthread+0x10/0x10
[   14.403285]  ret_from_fork+0x116/0x1d0
[   14.403303]  ? __pfx_kthread+0x10/0x10
[   14.403322]  ret_from_fork_asm+0x1a/0x30
[   14.403354]  </TASK>
[   14.403367] 
[   14.412690] Allocated by task 238:
[   14.412884]  kasan_save_stack+0x45/0x70
[   14.413102]  kasan_save_track+0x18/0x40
[   14.413256]  kasan_save_alloc_info+0x3b/0x50
[   14.413415]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   14.413706]  remove_element+0x11e/0x190
[   14.413905]  mempool_alloc_preallocated+0x4d/0x90
[   14.414079]  mempool_oob_right_helper+0x8a/0x380
[   14.414238]  mempool_kmalloc_oob_right+0xf2/0x150
[   14.414466]  kunit_try_run_case+0x1a5/0x480
[   14.414675]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.414852]  kthread+0x337/0x6f0
[   14.414973]  ret_from_fork+0x116/0x1d0
[   14.415174]  ret_from_fork_asm+0x1a/0x30
[   14.415383] 
[   14.415484] The buggy address belongs to the object at ffff888102af6600
[   14.415484]  which belongs to the cache kmalloc-128 of size 128
[   14.416139] The buggy address is located 0 bytes to the right of
[   14.416139]  allocated 115-byte region [ffff888102af6600, ffff888102af6673)
[   14.416706] 
[   14.416797] The buggy address belongs to the physical page:
[   14.417007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af6
[   14.417346] flags: 0x200000000000000(node=0|zone=2)
[   14.417611] page_type: f5(slab)
[   14.417761] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.418005] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.418361] page dumped because: kasan: bad access detected
[   14.418583] 
[   14.418656] Memory state around the buggy address:
[   14.418819]  ffff888102af6500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.419423]  ffff888102af6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.419771] >ffff888102af6600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   14.420073]                                                              ^
[   14.420336]  ffff888102af6680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.420602]  ffff888102af6700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   14.421007] ==================================================================
[   14.424962] ==================================================================
[   14.425463] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   14.425782] Read of size 1 at addr ffff888102b82001 by task kunit_try_catch/240
[   14.426050] 
[   14.426226] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.426277] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.426291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.426319] Call Trace:
[   14.426334]  <TASK>
[   14.426352]  dump_stack_lvl+0x73/0xb0
[   14.426382]  print_report+0xd1/0x650
[   14.426405]  ? __virt_addr_valid+0x1db/0x2d0
[   14.426429]  ? mempool_oob_right_helper+0x318/0x380
[   14.426453]  ? kasan_addr_to_slab+0x11/0xa0
[   14.426474]  ? mempool_oob_right_helper+0x318/0x380
[   14.426499]  kasan_report+0x141/0x180
[   14.426520]  ? mempool_oob_right_helper+0x318/0x380
[   14.426549]  __asan_report_load1_noabort+0x18/0x20
[   14.426574]  mempool_oob_right_helper+0x318/0x380
[   14.426600]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   14.426627]  ? __kasan_check_write+0x18/0x20
[   14.426646]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.426670]  ? finish_task_switch.isra.0+0x153/0x700
[   14.426697]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   14.426722]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   14.426750]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.426775]  ? __pfx_mempool_kfree+0x10/0x10
[   14.426799]  ? __pfx_read_tsc+0x10/0x10
[   14.426820]  ? ktime_get_ts64+0x86/0x230
[   14.426845]  kunit_try_run_case+0x1a5/0x480
[   14.426870]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.426893]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.426917]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.426941]  ? __kthread_parkme+0x82/0x180
[   14.426962]  ? preempt_count_sub+0x50/0x80
[   14.426985]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.427009]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.427033]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.427469]  kthread+0x337/0x6f0
[   14.427492]  ? trace_preempt_on+0x20/0xc0
[   14.427518]  ? __pfx_kthread+0x10/0x10
[   14.427539]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.427561]  ? calculate_sigpending+0x7b/0xa0
[   14.427586]  ? __pfx_kthread+0x10/0x10
[   14.427608]  ret_from_fork+0x116/0x1d0
[   14.427626]  ? __pfx_kthread+0x10/0x10
[   14.427646]  ret_from_fork_asm+0x1a/0x30
[   14.427680]  </TASK>
[   14.427693] 
[   14.440554] The buggy address belongs to the physical page:
[   14.441255] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b80
[   14.441797] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   14.442299] flags: 0x200000000000040(head|node=0|zone=2)
[   14.442702] page_type: f8(unknown)
[   14.442836] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.443128] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.443510] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.444121] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.444597] head: 0200000000000002 ffffea00040ae001 00000000ffffffff 00000000ffffffff
[   14.444924] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   14.445562] page dumped because: kasan: bad access detected
[   14.445838] 
[   14.446163] Memory state around the buggy address:
[   14.446504]  ffff888102b81f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.446812]  ffff888102b81f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.447338] >ffff888102b82000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.447795]                    ^
[   14.448054]  ffff888102b82080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.448542]  ffff888102b82100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.448834] ==================================================================
[   14.461805] ==================================================================
[   14.462721] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   14.463302] Read of size 1 at addr ffff88810261f2bb by task kunit_try_catch/242
[   14.463818] 
[   14.464239] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.464312] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.464325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.464349] Call Trace:
[   14.464362]  <TASK>
[   14.464381]  dump_stack_lvl+0x73/0xb0
[   14.464413]  print_report+0xd1/0x650
[   14.464436]  ? __virt_addr_valid+0x1db/0x2d0
[   14.464461]  ? mempool_oob_right_helper+0x318/0x380
[   14.464484]  ? kasan_complete_mode_report_info+0x2a/0x200
[   14.464662]  ? mempool_oob_right_helper+0x318/0x380
[   14.464692]  kasan_report+0x141/0x180
[   14.464714]  ? mempool_oob_right_helper+0x318/0x380
[   14.464742]  __asan_report_load1_noabort+0x18/0x20
[   14.464766]  mempool_oob_right_helper+0x318/0x380
[   14.464789]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   14.464815]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.464839]  ? finish_task_switch.isra.0+0x153/0x700
[   14.464864]  mempool_slab_oob_right+0xed/0x140
[   14.464887]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   14.464911]  ? __kasan_check_write+0x18/0x20
[   14.464931]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   14.464955]  ? __pfx_mempool_free_slab+0x10/0x10
[   14.464981]  ? __pfx_read_tsc+0x10/0x10
[   14.465002]  ? ktime_get_ts64+0x86/0x230
[   14.465023]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   14.465133]  kunit_try_run_case+0x1a5/0x480
[   14.465164]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.465187]  ? queued_spin_lock_slowpath+0x116/0xb40
[   14.465212]  ? __kthread_parkme+0x82/0x180
[   14.465233]  ? preempt_count_sub+0x50/0x80
[   14.465256]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.465278]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.465301]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.465323]  kthread+0x337/0x6f0
[   14.465341]  ? trace_preempt_on+0x20/0xc0
[   14.465365]  ? __pfx_kthread+0x10/0x10
[   14.465384]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.465405]  ? calculate_sigpending+0x7b/0xa0
[   14.465428]  ? __pfx_kthread+0x10/0x10
[   14.465449]  ret_from_fork+0x116/0x1d0
[   14.465467]  ? __pfx_kthread+0x10/0x10
[   14.465487]  ret_from_fork_asm+0x1a/0x30
[   14.465519]  </TASK>
[   14.465531] 
[   14.478795] Allocated by task 242:
[   14.479355]  kasan_save_stack+0x45/0x70
[   14.479681]  kasan_save_track+0x18/0x40
[   14.479842]  kasan_save_alloc_info+0x3b/0x50
[   14.480306]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   14.480820]  remove_element+0x11e/0x190
[   14.481010]  mempool_alloc_preallocated+0x4d/0x90
[   14.481361]  mempool_oob_right_helper+0x8a/0x380
[   14.481856]  mempool_slab_oob_right+0xed/0x140
[   14.482171]  kunit_try_run_case+0x1a5/0x480
[   14.482463]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.482906]  kthread+0x337/0x6f0
[   14.483077]  ret_from_fork+0x116/0x1d0
[   14.483756]  ret_from_fork_asm+0x1a/0x30
[   14.483957] 
[   14.484038] The buggy address belongs to the object at ffff88810261f240
[   14.484038]  which belongs to the cache test_cache of size 123
[   14.485032] The buggy address is located 0 bytes to the right of
[   14.485032]  allocated 123-byte region [ffff88810261f240, ffff88810261f2bb)
[   14.485923] 
[   14.486059] The buggy address belongs to the physical page:
[   14.486472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f
[   14.486834] flags: 0x200000000000000(node=0|zone=2)
[   14.487299] page_type: f5(slab)
[   14.487646] raw: 0200000000000000 ffff888101f21500 dead000000000122 0000000000000000
[   14.488059] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   14.488427] page dumped because: kasan: bad access detected
[   14.488958] 
[   14.489274] Memory state around the buggy address:
[   14.489586]  ffff88810261f180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.489989]  ffff88810261f200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   14.490443] >ffff88810261f280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   14.490968]                                         ^
[   14.491481]  ffff88810261f300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.492028]  ffff88810261f380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.492359] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zbZAsW0CRR2ffMkw5j8F6DHgyw

job_id

TEST:linaro@lkft#2zbZFHK4Sw86b4pmV5PXfz8prpJ

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zbZFHK4Sw86b4pmV5PXfz8prpJ

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zbZCcAU3GCfH6PwaRBQnAehPTl/bzImage
sha256sum	0bf0ad7ccf29b0f731e894460d46dafee55e63e8cafe197024b102058e3d162c

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zbZCcAU3GCfH6PwaRBQnAehPTl/modules.tar.xz
sha256sum	0dc6a04d7bca38bbdcbb0c995f09194f0b64c8de10ad0918054455d46bad2376

durations

tests

boot	0
kunit	214.08

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit