Date: July 3, 2025, 11:10 p.m.

Environment |
---|
qemu-arm64 |
qemu-x86_64 |
qemu-arm64:

[ 22.025449] ==================================================================
[ 22.025590] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[ 22.026037] Read of size 1 at addr fff00000c7952001 by task kunit_try_catch/223
[ 22.026195]
[ 22.026273] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT
[ 22.026425] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.026481] Hardware name: linux,dummy-virt (DT)
[ 22.026545] Call trace:
[ 22.026592] show_stack+0x20/0x38 (C)
[ 22.026747] dump_stack_lvl+0x8c/0xd0
[ 22.026851] print_report+0x118/0x608
[ 22.026960] kasan_report+0xdc/0x128
[ 22.027080] __asan_report_load1_noabort+0x20/0x30
[ 22.027223] mempool_oob_right_helper+0x2ac/0x2f0
[ 22.027457] mempool_kmalloc_large_oob_right+0xc4/0x120
[ 22.027650] kunit_try_run_case+0x170/0x3f0
[ 22.027768] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 22.028182] kthread+0x328/0x630
[ 22.028365] ret_from_fork+0x10/0x20
[ 22.028505]
[ 22.028832] The buggy address belongs to the physical page:
[ 22.028943] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107950
[ 22.029098] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 22.029276] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[ 22.029402] page_type: f8(unknown)
[ 22.029573] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[ 22.029684] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 22.029790] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[ 22.030195] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 22.030363] head: 0bfffe0000000002 ffffc1ffc31e5401 00000000ffffffff 00000000ffffffff
[ 22.030471] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 22.030672] page dumped because: kasan: bad access detected
[ 22.030795]
[ 22.030877] Memory state around the buggy address:
[ 22.031520] fff00000c7951f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.031928] fff00000c7951f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.032472] >fff00000c7952000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 22.032584] ^
[ 22.033129] fff00000c7952080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 22.033918] fff00000c7952100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 22.034015] ==================================================================

[ 22.068751] ==================================================================
[ 22.068901] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[ 22.069543] Read of size 1 at addr fff00000c77ec2bb by task kunit_try_catch/225
[ 22.069845]
[ 22.069971] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT
[ 22.070255] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.070333] Hardware name: linux,dummy-virt (DT)
[ 22.070631] Call trace:
[ 22.070704] show_stack+0x20/0x38 (C)
[ 22.070912] dump_stack_lvl+0x8c/0xd0
[ 22.071087] print_report+0x118/0x608
[ 22.071223] kasan_report+0xdc/0x128
[ 22.071333] __asan_report_load1_noabort+0x20/0x30
[ 22.071449] mempool_oob_right_helper+0x2ac/0x2f0
[ 22.071565] mempool_slab_oob_right+0xc0/0x118
[ 22.071678] kunit_try_run_case+0x170/0x3f0
[ 22.071791] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 22.072481] kthread+0x328/0x630
[ 22.072735] ret_from_fork+0x10/0x20
[ 22.072922]
[ 22.072975] Allocated by task 225:
[ 22.073064] kasan_save_stack+0x3c/0x68
[ 22.073376] kasan_save_track+0x20/0x40
[ 22.073633] kasan_save_alloc_info+0x40/0x58
[ 22.073836] __kasan_mempool_unpoison_object+0xbc/0x180
[ 22.073934] remove_element+0x16c/0x1f8
[ 22.074411] mempool_alloc_preallocated+0x58/0xc0
[ 22.074575] mempool_oob_right_helper+0x98/0x2f0
[ 22.074677] mempool_slab_oob_right+0xc0/0x118
[ 22.075039] kunit_try_run_case+0x170/0x3f0
[ 22.075224] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 22.075564] kthread+0x328/0x630
[ 22.075667] ret_from_fork+0x10/0x20
[ 22.075749]
[ 22.076111] The buggy address belongs to the object at fff00000c77ec240
[ 22.076111] which belongs to the cache test_cache of size 123
[ 22.076278] The buggy address is located 0 bytes to the right of
[ 22.076278] allocated 123-byte region [fff00000c77ec240, fff00000c77ec2bb)
[ 22.076431]
[ 22.076482] The buggy address belongs to the physical page:
[ 22.076660] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ec
[ 22.077150] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[ 22.077349] page_type: f5(slab)
[ 22.077466] raw: 0bfffe0000000000 fff00000c6de6780 dead000000000122 0000000000000000
[ 22.077683] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 22.077884] page dumped because: kasan: bad access detected
[ 22.077956]
[ 22.077998] Memory state around the buggy address:
[ 22.078084] fff00000c77ec180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 22.078525] fff00000c77ec200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 22.078630] >fff00000c77ec280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 22.078783] ^
[ 22.078976] fff00000c77ec300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.079166] fff00000c77ec380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.079474] ==================================================================

[ 22.008984] ==================================================================
[ 22.009106] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[ 22.009197] Read of size 1 at addr fff00000c77ef273 by task kunit_try_catch/221
[ 22.009247]
[ 22.009296] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT
[ 22.009385] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.009416] Hardware name: linux,dummy-virt (DT)
[ 22.009454] Call trace:
[ 22.009481] show_stack+0x20/0x38 (C)
[ 22.009537] dump_stack_lvl+0x8c/0xd0
[ 22.009591] print_report+0x118/0x608
[ 22.009640] kasan_report+0xdc/0x128
[ 22.009742] __asan_report_load1_noabort+0x20/0x30
[ 22.009834] mempool_oob_right_helper+0x2ac/0x2f0
[ 22.009930] mempool_kmalloc_oob_right+0xc4/0x120
[ 22.010038] kunit_try_run_case+0x170/0x3f0
[ 22.010115] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 22.010169] kthread+0x328/0x630
[ 22.010212] ret_from_fork+0x10/0x20
[ 22.010261]
[ 22.010283] Allocated by task 221:
[ 22.010314] kasan_save_stack+0x3c/0x68
[ 22.010359] kasan_save_track+0x20/0x40
[ 22.010396] kasan_save_alloc_info+0x40/0x58
[ 22.010436] __kasan_mempool_unpoison_object+0x11c/0x180
[ 22.010477] remove_element+0x130/0x1f8
[ 22.010515] mempool_alloc_preallocated+0x58/0xc0
[ 22.010553] mempool_oob_right_helper+0x98/0x2f0
[ 22.010594] mempool_kmalloc_oob_right+0xc4/0x120
[ 22.010632] kunit_try_run_case+0x170/0x3f0
[ 22.010668] kunit_generic_run_threadfn_adapter+0x88/0x100
[ 22.010710] kthread+0x328/0x630
[ 22.010741] ret_from_fork+0x10/0x20
[ 22.010777]
[ 22.010799] The buggy address belongs to the object at fff00000c77ef200
[ 22.010799] which belongs to the cache kmalloc-128 of size 128
[ 22.010858] The buggy address is located 0 bytes to the right of
[ 22.010858] allocated 115-byte region [fff00000c77ef200, fff00000c77ef273)
[ 22.010919]
[ 22.010944] The buggy address belongs to the physical page:
[ 22.010976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077ef
[ 22.011051] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[ 22.011109] page_type: f5(slab)
[ 22.011154] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[ 22.011204] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 22.011246] page dumped because: kasan: bad access detected
[ 22.011278]
[ 22.011296] Memory state around the buggy address:
[ 22.011331] fff00000c77ef100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 22.011375] fff00000c77ef180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.011419] >fff00000c77ef200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 22.011458] ^
[ 22.011498] fff00000c77ef280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.011540] fff00000c77ef300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 22.011578] ==================================================================
qemu-x86_64:

[ 12.983120] ==================================================================
[ 12.983647] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 12.983902] Read of size 1 at addr ffff888102aba001 by task kunit_try_catch/240
[ 12.984150]
[ 12.984382] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 12.984430] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.984443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.984504] Call Trace:
[ 12.984517] <TASK>
[ 12.984546] dump_stack_lvl+0x73/0xb0
[ 12.984576] print_report+0xd1/0x650
[ 12.984599] ? __virt_addr_valid+0x1db/0x2d0
[ 12.984621] ? mempool_oob_right_helper+0x318/0x380
[ 12.984644] ? kasan_addr_to_slab+0x11/0xa0
[ 12.984664] ? mempool_oob_right_helper+0x318/0x380
[ 12.984686] kasan_report+0x141/0x180
[ 12.984708] ? mempool_oob_right_helper+0x318/0x380
[ 12.984735] __asan_report_load1_noabort+0x18/0x20
[ 12.984758] mempool_oob_right_helper+0x318/0x380
[ 12.984782] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 12.984806] ? __kasan_check_write+0x18/0x20
[ 12.984825] ? __pfx_sched_clock_cpu+0x10/0x10
[ 12.984847] ? finish_task_switch.isra.0+0x153/0x700
[ 12.984908] mempool_kmalloc_large_oob_right+0xf2/0x150
[ 12.984956] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 12.984996] ? __pfx_mempool_kmalloc+0x10/0x10
[ 12.985021] ? __pfx_mempool_kfree+0x10/0x10
[ 12.985045] ? __pfx_read_tsc+0x10/0x10
[ 12.985066] ? ktime_get_ts64+0x86/0x230
[ 12.985090] kunit_try_run_case+0x1a5/0x480
[ 12.985113] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.985155] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.985178] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.985200] ? __kthread_parkme+0x82/0x180
[ 12.985220] ? preempt_count_sub+0x50/0x80
[ 12.985243] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.985265] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.985287] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.985330] kthread+0x337/0x6f0
[ 12.985349] ? trace_preempt_on+0x20/0xc0
[ 12.985371] ? __pfx_kthread+0x10/0x10
[ 12.985392] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.985412] ? calculate_sigpending+0x7b/0xa0
[ 12.985435] ? __pfx_kthread+0x10/0x10
[ 12.985456] ret_from_fork+0x116/0x1d0
[ 12.985474] ? __pfx_kthread+0x10/0x10
[ 12.985493] ret_from_fork_asm+0x1a/0x30
[ 12.985524] </TASK>
[ 12.985536]
[ 12.996400] The buggy address belongs to the physical page:
[ 12.996657] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab8
[ 12.997018] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.997662] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.998036] page_type: f8(unknown)
[ 12.998376] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.998997] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.999577] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.999989] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.000555] head: 0200000000000002 ffffea00040aae01 00000000ffffffff 00000000ffffffff
[ 13.000884] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.001481] page dumped because: kasan: bad access detected
[ 13.001841]
[ 13.001949] Memory state around the buggy address:
[ 13.002455] ffff888102ab9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.002753] ffff888102ab9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.003235] >ffff888102aba000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.003661] ^
[ 13.004113] ffff888102aba080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.004564] ffff888102aba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.005065] ==================================================================

[ 13.011723] ==================================================================
[ 13.012496] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 13.013013] Read of size 1 at addr ffff8881039c32bb by task kunit_try_catch/242
[ 13.013694]
[ 13.013793] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 13.013837] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.013849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.013869] Call Trace:
[ 13.013881] <TASK>
[ 13.013896] dump_stack_lvl+0x73/0xb0
[ 13.013926] print_report+0xd1/0x650
[ 13.013948] ? __virt_addr_valid+0x1db/0x2d0
[ 13.013972] ? mempool_oob_right_helper+0x318/0x380
[ 13.013994] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.014015] ? mempool_oob_right_helper+0x318/0x380
[ 13.014038] kasan_report+0x141/0x180
[ 13.014058] ? mempool_oob_right_helper+0x318/0x380
[ 13.014086] __asan_report_load1_noabort+0x18/0x20
[ 13.014110] mempool_oob_right_helper+0x318/0x380
[ 13.014146] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 13.014172] ? __pfx_sched_clock_cpu+0x10/0x10
[ 13.014193] ? finish_task_switch.isra.0+0x153/0x700
[ 13.014218] mempool_slab_oob_right+0xed/0x140
[ 13.014242] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 13.014267] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 13.014287] ? __pfx_mempool_free_slab+0x10/0x10
[ 13.014308] ? __pfx_read_tsc+0x10/0x10
[ 13.014328] ? ktime_get_ts64+0x86/0x230
[ 13.014351] kunit_try_run_case+0x1a5/0x480
[ 13.014375] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.014396] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.014419] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.014441] ? __kthread_parkme+0x82/0x180
[ 13.014461] ? preempt_count_sub+0x50/0x80
[ 13.014482] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.014505] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.014530] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.014552] kthread+0x337/0x6f0
[ 13.014570] ? trace_preempt_on+0x20/0xc0
[ 13.014593] ? __pfx_kthread+0x10/0x10
[ 13.014613] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.014632] ? calculate_sigpending+0x7b/0xa0
[ 13.014656] ? __pfx_kthread+0x10/0x10
[ 13.014676] ret_from_fork+0x116/0x1d0
[ 13.014696] ? __pfx_kthread+0x10/0x10
[ 13.014716] ret_from_fork_asm+0x1a/0x30
[ 13.014747] </TASK>
[ 13.014758]
[ 13.023043] Allocated by task 242:
[ 13.023232] kasan_save_stack+0x45/0x70
[ 13.023433] kasan_save_track+0x18/0x40
[ 13.023619] kasan_save_alloc_info+0x3b/0x50
[ 13.023765] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 13.024063] remove_element+0x11e/0x190
[ 13.024564] mempool_alloc_preallocated+0x4d/0x90
[ 13.024801] mempool_oob_right_helper+0x8a/0x380
[ 13.024983] mempool_slab_oob_right+0xed/0x140
[ 13.025270] kunit_try_run_case+0x1a5/0x480
[ 13.025633] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.025827] kthread+0x337/0x6f0
[ 13.025948] ret_from_fork+0x116/0x1d0
[ 13.026080] ret_from_fork_asm+0x1a/0x30
[ 13.026266]
[ 13.026361] The buggy address belongs to the object at ffff8881039c3240
[ 13.026361] which belongs to the cache test_cache of size 123
[ 13.026891] The buggy address is located 0 bytes to the right of
[ 13.026891] allocated 123-byte region [ffff8881039c3240, ffff8881039c32bb)
[ 13.027493]
[ 13.027567] The buggy address belongs to the physical page:
[ 13.027779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c3
[ 13.028166] flags: 0x200000000000000(node=0|zone=2)
[ 13.028629] page_type: f5(slab)
[ 13.028784] raw: 0200000000000000 ffff8881019c6640 dead000000000122 0000000000000000
[ 13.029072] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 13.029501] page dumped because: kasan: bad access detected
[ 13.029724]
[ 13.029803] Memory state around the buggy address:
[ 13.029987] ffff8881039c3180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.030338] ffff8881039c3200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 13.030752] >ffff8881039c3280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 13.031029] ^
[ 13.031220] ffff8881039c3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.031427] ffff8881039c3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.031682] ==================================================================

[ 12.951026] ==================================================================
[ 12.951712] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 12.952067] Read of size 1 at addr ffff8881039bf273 by task kunit_try_catch/238
[ 12.952575]
[ 12.952858] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.16.0-rc4 #1 PREEMPT(voluntary)
[ 12.952966] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.952981] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.953005] Call Trace:
[ 12.953020] <TASK>
[ 12.953039] dump_stack_lvl+0x73/0xb0
[ 12.953069] print_report+0xd1/0x650
[ 12.953093] ? __virt_addr_valid+0x1db/0x2d0
[ 12.953116] ? mempool_oob_right_helper+0x318/0x380
[ 12.953151] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.953172] ? mempool_oob_right_helper+0x318/0x380
[ 12.953195] kasan_report+0x141/0x180
[ 12.953215] ? mempool_oob_right_helper+0x318/0x380
[ 12.953243] __asan_report_load1_noabort+0x18/0x20
[ 12.953265] mempool_oob_right_helper+0x318/0x380
[ 12.953288] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 12.953312] ? __kasan_check_write+0x18/0x20
[ 12.953330] ? __pfx_sched_clock_cpu+0x10/0x10
[ 12.953354] ? finish_task_switch.isra.0+0x153/0x700
[ 12.953378] mempool_kmalloc_oob_right+0xf2/0x150
[ 12.953401] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 12.953426] ? __pfx_mempool_kmalloc+0x10/0x10
[ 12.953450] ? __pfx_mempool_kfree+0x10/0x10
[ 12.953474] ? __pfx_read_tsc+0x10/0x10
[ 12.953495] ? ktime_get_ts64+0x86/0x230
[ 12.953519] kunit_try_run_case+0x1a5/0x480
[ 12.953545] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.953566] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.953590] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.953611] ? __kthread_parkme+0x82/0x180
[ 12.953632] ? preempt_count_sub+0x50/0x80
[ 12.953653] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.953675] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.953697] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.953719] kthread+0x337/0x6f0
[ 12.953737] ? trace_preempt_on+0x20/0xc0
[ 12.953760] ? __pfx_kthread+0x10/0x10
[ 12.953779] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.953799] ? calculate_sigpending+0x7b/0xa0
[ 12.953823] ? __pfx_kthread+0x10/0x10
[ 12.953843] ret_from_fork+0x116/0x1d0
[ 12.953861] ? __pfx_kthread+0x10/0x10
[ 12.953880] ret_from_fork_asm+0x1a/0x30
[ 12.953911] </TASK>
[ 12.953922]
[ 12.966322] Allocated by task 238:
[ 12.966709] kasan_save_stack+0x45/0x70
[ 12.966921] kasan_save_track+0x18/0x40
[ 12.967097] kasan_save_alloc_info+0x3b/0x50
[ 12.967736] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 12.968049] remove_element+0x11e/0x190
[ 12.968330] mempool_alloc_preallocated+0x4d/0x90
[ 12.968735] mempool_oob_right_helper+0x8a/0x380
[ 12.969068] mempool_kmalloc_oob_right+0xf2/0x150
[ 12.969438] kunit_try_run_case+0x1a5/0x480
[ 12.969755] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.970005] kthread+0x337/0x6f0
[ 12.970447] ret_from_fork+0x116/0x1d0
[ 12.970642] ret_from_fork_asm+0x1a/0x30
[ 12.970897]
[ 12.971006] The buggy address belongs to the object at ffff8881039bf200
[ 12.971006] which belongs to the cache kmalloc-128 of size 128
[ 12.971784] The buggy address is located 0 bytes to the right of
[ 12.971784] allocated 115-byte region [ffff8881039bf200, ffff8881039bf273)
[ 12.972690]
[ 12.972809] The buggy address belongs to the physical page:
[ 12.973162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bf
[ 12.973700] flags: 0x200000000000000(node=0|zone=2)
[ 12.974054] page_type: f5(slab)
[ 12.974212] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.974824] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.975346] page dumped because: kasan: bad access detected
[ 12.975581]
[ 12.975658] Memory state around the buggy address:
[ 12.975819] ffff8881039bf100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.976036] ffff8881039bf180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.976286] >ffff8881039bf200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.976836] ^
[ 12.977054] ffff8881039bf280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.977737] ffff8881039bf300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.978268] ==================================================================