Hay
Date: July 6, 2025, 11:09 a.m.

Environment: qemu-arm64, qemu-x86_64

[   20.088961] ==================================================================
[   20.089328] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   20.089414] Read of size 1 at addr fff00000c56ed373 by task kunit_try_catch/221
[   20.089656] 
[   20.089727] CPU: 1 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   20.089924] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.090059] Hardware name: linux,dummy-virt (DT)
[   20.090095] Call trace:
[   20.090161]  show_stack+0x20/0x38 (C)
[   20.090314]  dump_stack_lvl+0x8c/0xd0
[   20.090365]  print_report+0x118/0x608
[   20.090418]  kasan_report+0xdc/0x128
[   20.090469]  __asan_report_load1_noabort+0x20/0x30
[   20.090768]  mempool_oob_right_helper+0x2ac/0x2f0
[   20.090846]  mempool_kmalloc_oob_right+0xc4/0x120
[   20.091135]  kunit_try_run_case+0x170/0x3f0
[   20.091261]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.091674]  kthread+0x328/0x630
[   20.091720]  ret_from_fork+0x10/0x20
[   20.091770] 
[   20.091891] Allocated by task 221:
[   20.091923]  kasan_save_stack+0x3c/0x68
[   20.092243]  kasan_save_track+0x20/0x40
[   20.092281]  kasan_save_alloc_info+0x40/0x58
[   20.092960]  __kasan_mempool_unpoison_object+0x11c/0x180
[   20.093096]  remove_element+0x130/0x1f8
[   20.093572]  mempool_alloc_preallocated+0x58/0xc0
[   20.093628]  mempool_oob_right_helper+0x98/0x2f0
[   20.093670]  mempool_kmalloc_oob_right+0xc4/0x120
[   20.093748]  kunit_try_run_case+0x170/0x3f0
[   20.094208]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.094469]  kthread+0x328/0x630
[   20.094509]  ret_from_fork+0x10/0x20
[   20.094892] 
[   20.094955] The buggy address belongs to the object at fff00000c56ed300
[   20.094955]  which belongs to the cache kmalloc-128 of size 128
[   20.095290] The buggy address is located 0 bytes to the right of
[   20.095290]  allocated 115-byte region [fff00000c56ed300, fff00000c56ed373)
[   20.095424] 
[   20.095564] The buggy address belongs to the physical page:
[   20.095600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056ed
[   20.095657] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.096030] page_type: f5(slab)
[   20.096094] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   20.096151] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   20.096583] page dumped because: kasan: bad access detected
[   20.096618] 
[   20.096644] Memory state around the buggy address:
[   20.097012]  fff00000c56ed200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   20.097075]  fff00000c56ed280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.097119] >fff00000c56ed300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   20.097158]                                                              ^
[   20.097215]  fff00000c56ed380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.097582]  fff00000c56ed400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   20.097834] ==================================================================
[   20.126985] ==================================================================
[   20.127261] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   20.127482] Read of size 1 at addr fff00000c56e32bb by task kunit_try_catch/225
[   20.127546] 
[   20.127672] CPU: 1 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   20.127912] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.128045] Hardware name: linux,dummy-virt (DT)
[   20.128247] Call trace:
[   20.128271]  show_stack+0x20/0x38 (C)
[   20.128319]  dump_stack_lvl+0x8c/0xd0
[   20.128365]  print_report+0x118/0x608
[   20.128411]  kasan_report+0xdc/0x128
[   20.128456]  __asan_report_load1_noabort+0x20/0x30
[   20.128507]  mempool_oob_right_helper+0x2ac/0x2f0
[   20.128554]  mempool_slab_oob_right+0xc0/0x118
[   20.128663]  kunit_try_run_case+0x170/0x3f0
[   20.128719]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.128874]  kthread+0x328/0x630
[   20.128949]  ret_from_fork+0x10/0x20
[   20.128997] 
[   20.129015] Allocated by task 225:
[   20.129053]  kasan_save_stack+0x3c/0x68
[   20.129094]  kasan_save_track+0x20/0x40
[   20.129130]  kasan_save_alloc_info+0x40/0x58
[   20.129171]  __kasan_mempool_unpoison_object+0xbc/0x180
[   20.129226]  remove_element+0x16c/0x1f8
[   20.129268]  mempool_alloc_preallocated+0x58/0xc0
[   20.129305]  mempool_oob_right_helper+0x98/0x2f0
[   20.129450]  mempool_slab_oob_right+0xc0/0x118
[   20.129592]  kunit_try_run_case+0x170/0x3f0
[   20.129776]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.129821]  kthread+0x328/0x630
[   20.129853]  ret_from_fork+0x10/0x20
[   20.129889] 
[   20.129909] The buggy address belongs to the object at fff00000c56e3240
[   20.129909]  which belongs to the cache test_cache of size 123
[   20.129965] The buggy address is located 0 bytes to the right of
[   20.129965]  allocated 123-byte region [fff00000c56e3240, fff00000c56e32bb)
[   20.130027] 
[   20.130047] The buggy address belongs to the physical page:
[   20.130078] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1056e3
[   20.130152] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   20.130221] page_type: f5(slab)
[   20.130265] raw: 0bfffe0000000000 fff00000c56e6000 dead000000000122 0000000000000000
[   20.130505] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   20.130574] page dumped because: kasan: bad access detected
[   20.130605] 
[   20.130624] Memory state around the buggy address:
[   20.130704]  fff00000c56e3180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   20.130808]  fff00000c56e3200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   20.130902] >fff00000c56e3280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   20.131013]                                         ^
[   20.131097]  fff00000c56e3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.131163]  fff00000c56e3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   20.131221] ==================================================================
[   20.119301] ==================================================================
[   20.119378] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   20.119437] Read of size 1 at addr fff00000c78da001 by task kunit_try_catch/223
[   20.119488] 
[   20.119521] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   20.119602] Tainted: [B]=BAD_PAGE, [N]=TEST
[   20.119630] Hardware name: linux,dummy-virt (DT)
[   20.119662] Call trace:
[   20.119685]  show_stack+0x20/0x38 (C)
[   20.119732]  dump_stack_lvl+0x8c/0xd0
[   20.119778]  print_report+0x118/0x608
[   20.119825]  kasan_report+0xdc/0x128
[   20.119870]  __asan_report_load1_noabort+0x20/0x30
[   20.119919]  mempool_oob_right_helper+0x2ac/0x2f0
[   20.119968]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   20.120018]  kunit_try_run_case+0x170/0x3f0
[   20.120068]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   20.120120]  kthread+0x328/0x630
[   20.120160]  ret_from_fork+0x10/0x20
[   20.120217] 
[   20.120239] The buggy address belongs to the physical page:
[   20.120273] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078d8
[   20.120326] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   20.120371] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   20.120424] page_type: f8(unknown)
[   20.120463] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.120514] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   20.120563] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   20.120610] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   20.120659] head: 0bfffe0000000002 ffffc1ffc31e3601 00000000ffffffff 00000000ffffffff
[   20.120707] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   20.120747] page dumped because: kasan: bad access detected
[   20.120779] 
[   20.120797] Memory state around the buggy address:
[   20.120829]  fff00000c78d9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.120871]  fff00000c78d9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   20.120913] >fff00000c78da000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.120951]                    ^
[   20.120980]  fff00000c78da080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.121021]  fff00000c78da100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   20.121058] ==================================================================

[   13.066564] ==================================================================
[   13.067281] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   13.067641] Read of size 1 at addr ffff888103aee001 by task kunit_try_catch/240
[   13.068111] 
[   13.068239] CPU: 1 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT(voluntary) 
[   13.068287] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.068299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.068323] Call Trace:
[   13.068337]  <TASK>
[   13.068355]  dump_stack_lvl+0x73/0xb0
[   13.068388]  print_report+0xd1/0x650
[   13.068412]  ? __virt_addr_valid+0x1db/0x2d0
[   13.068437]  ? mempool_oob_right_helper+0x318/0x380
[   13.068460]  ? kasan_addr_to_slab+0x11/0xa0
[   13.068548]  ? mempool_oob_right_helper+0x318/0x380
[   13.068578]  kasan_report+0x141/0x180
[   13.068621]  ? mempool_oob_right_helper+0x318/0x380
[   13.068650]  __asan_report_load1_noabort+0x18/0x20
[   13.068674]  mempool_oob_right_helper+0x318/0x380
[   13.068697]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.068722]  ? __kasan_check_write+0x18/0x20
[   13.068741]  ? __pfx_sched_clock_cpu+0x10/0x10
[   13.068764]  ? finish_task_switch.isra.0+0x153/0x700
[   13.068790]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   13.068814]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   13.068842]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.068865]  ? __pfx_mempool_kfree+0x10/0x10
[   13.068890]  ? __pfx_read_tsc+0x10/0x10
[   13.068913]  ? ktime_get_ts64+0x86/0x230
[   13.068954]  kunit_try_run_case+0x1a5/0x480
[   13.069000]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.069022]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.069048]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.069072]  ? __kthread_parkme+0x82/0x180
[   13.069093]  ? preempt_count_sub+0x50/0x80
[   13.069116]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.069139]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.069162]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.069186]  kthread+0x337/0x6f0
[   13.069206]  ? trace_preempt_on+0x20/0xc0
[   13.069230]  ? __pfx_kthread+0x10/0x10
[   13.069251]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.069272]  ? calculate_sigpending+0x7b/0xa0
[   13.069297]  ? __pfx_kthread+0x10/0x10
[   13.069318]  ret_from_fork+0x116/0x1d0
[   13.069337]  ? __pfx_kthread+0x10/0x10
[   13.069359]  ret_from_fork_asm+0x1a/0x30
[   13.069389]  </TASK>
[   13.069402] 
[   13.080558] The buggy address belongs to the physical page:
[   13.081230] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103aec
[   13.081565] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   13.082039] flags: 0x200000000000040(head|node=0|zone=2)
[   13.082301] page_type: f8(unknown)
[   13.082540] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   13.082988] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   13.083438] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   13.083809] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   13.084213] head: 0200000000000002 ffffea00040ebb01 00000000ffffffff 00000000ffffffff
[   13.085000] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   13.085829] page dumped because: kasan: bad access detected
[   13.086214] 
[   13.086290] Memory state around the buggy address:
[   13.086453]  ffff888103aedf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   13.087329]  ffff888103aedf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   13.088103] >ffff888103aee000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   13.088448]                    ^
[   13.088810]  ffff888103aee080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   13.089409]  ffff888103aee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   13.089923] ==================================================================
[   13.094924] ==================================================================
[   13.096056] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   13.096633] Read of size 1 at addr ffff888103a142bb by task kunit_try_catch/242
[   13.096862] 
[   13.096987] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT(voluntary) 
[   13.097037] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.097060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.097083] Call Trace:
[   13.097098]  <TASK>
[   13.097118]  dump_stack_lvl+0x73/0xb0
[   13.097151]  print_report+0xd1/0x650
[   13.097173]  ? __virt_addr_valid+0x1db/0x2d0
[   13.097199]  ? mempool_oob_right_helper+0x318/0x380
[   13.097222]  ? kasan_complete_mode_report_info+0x2a/0x200
[   13.097244]  ? mempool_oob_right_helper+0x318/0x380
[   13.097268]  kasan_report+0x141/0x180
[   13.097290]  ? mempool_oob_right_helper+0x318/0x380
[   13.097318]  __asan_report_load1_noabort+0x18/0x20
[   13.097342]  mempool_oob_right_helper+0x318/0x380
[   13.097366]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.097392]  ? __pfx_sched_clock_cpu+0x10/0x10
[   13.097415]  ? finish_task_switch.isra.0+0x153/0x700
[   13.097441]  mempool_slab_oob_right+0xed/0x140
[   13.097464]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   13.097490]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   13.097511]  ? __pfx_mempool_free_slab+0x10/0x10
[   13.097544]  ? __pfx_read_tsc+0x10/0x10
[   13.097565]  ? ktime_get_ts64+0x86/0x230
[   13.097591]  kunit_try_run_case+0x1a5/0x480
[   13.097627]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.097650]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.097674]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.097697]  ? __kthread_parkme+0x82/0x180
[   13.097719]  ? preempt_count_sub+0x50/0x80
[   13.097741]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.097764]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.097787]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.097810]  kthread+0x337/0x6f0
[   13.097830]  ? trace_preempt_on+0x20/0xc0
[   13.097854]  ? __pfx_kthread+0x10/0x10
[   13.097875]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.097895]  ? calculate_sigpending+0x7b/0xa0
[   13.097921]  ? __pfx_kthread+0x10/0x10
[   13.097952]  ret_from_fork+0x116/0x1d0
[   13.097969]  ? __pfx_kthread+0x10/0x10
[   13.097990]  ret_from_fork_asm+0x1a/0x30
[   13.098022]  </TASK>
[   13.098034] 
[   13.107927] Allocated by task 242:
[   13.108185]  kasan_save_stack+0x45/0x70
[   13.108395]  kasan_save_track+0x18/0x40
[   13.108776]  kasan_save_alloc_info+0x3b/0x50
[   13.108986]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   13.109282]  remove_element+0x11e/0x190
[   13.109421]  mempool_alloc_preallocated+0x4d/0x90
[   13.109576]  mempool_oob_right_helper+0x8a/0x380
[   13.109778]  mempool_slab_oob_right+0xed/0x140
[   13.110033]  kunit_try_run_case+0x1a5/0x480
[   13.110332]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.110841]  kthread+0x337/0x6f0
[   13.111049]  ret_from_fork+0x116/0x1d0
[   13.111254]  ret_from_fork_asm+0x1a/0x30
[   13.111411] 
[   13.111485] The buggy address belongs to the object at ffff888103a14240
[   13.111485]  which belongs to the cache test_cache of size 123
[   13.111919] The buggy address is located 0 bytes to the right of
[   13.111919]  allocated 123-byte region [ffff888103a14240, ffff888103a142bb)
[   13.112566] 
[   13.112655] The buggy address belongs to the physical page:
[   13.112834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a14
[   13.113086] flags: 0x200000000000000(node=0|zone=2)
[   13.113355] page_type: f5(slab)
[   13.113682] raw: 0200000000000000 ffff888101dc28c0 dead000000000122 0000000000000000
[   13.114086] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   13.114515] page dumped because: kasan: bad access detected
[   13.114791] 
[   13.114895] Memory state around the buggy address:
[   13.115167]  ffff888103a14180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.115393]  ffff888103a14200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   13.115800] >ffff888103a14280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   13.116225]                                         ^
[   13.116465]  ffff888103a14300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.116776]  ffff888103a14380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.117105] ==================================================================
[   13.031913] ==================================================================
[   13.032811] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   13.033202] Read of size 1 at addr ffff888102794773 by task kunit_try_catch/238
[   13.036209] 
[   13.036355] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT(voluntary) 
[   13.036409] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.036680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.036706] Call Trace:
[   13.036722]  <TASK>
[   13.036744]  dump_stack_lvl+0x73/0xb0
[   13.036784]  print_report+0xd1/0x650
[   13.036809]  ? __virt_addr_valid+0x1db/0x2d0
[   13.036835]  ? mempool_oob_right_helper+0x318/0x380
[   13.036860]  ? kasan_complete_mode_report_info+0x2a/0x200
[   13.036883]  ? mempool_oob_right_helper+0x318/0x380
[   13.036909]  kasan_report+0x141/0x180
[   13.036931]  ? mempool_oob_right_helper+0x318/0x380
[   13.036970]  __asan_report_load1_noabort+0x18/0x20
[   13.036994]  mempool_oob_right_helper+0x318/0x380
[   13.037018]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.037045]  ? finish_task_switch.isra.0+0x153/0x700
[   13.037095]  mempool_kmalloc_oob_right+0xf2/0x150
[   13.037132]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   13.037159]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.037184]  ? __pfx_mempool_kfree+0x10/0x10
[   13.037209]  ? __pfx_read_tsc+0x10/0x10
[   13.037231]  ? ktime_get_ts64+0x86/0x230
[   13.037256]  kunit_try_run_case+0x1a5/0x480
[   13.037283]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.037305]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.037330]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.037353]  ? __kthread_parkme+0x82/0x180
[   13.037375]  ? preempt_count_sub+0x50/0x80
[   13.037398]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.037421]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.037443]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.037485]  kthread+0x337/0x6f0
[   13.037504]  ? trace_preempt_on+0x20/0xc0
[   13.037528]  ? __pfx_kthread+0x10/0x10
[   13.037549]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.037570]  ? calculate_sigpending+0x7b/0xa0
[   13.037595]  ? __pfx_kthread+0x10/0x10
[   13.037616]  ret_from_fork+0x116/0x1d0
[   13.037635]  ? __pfx_kthread+0x10/0x10
[   13.037655]  ret_from_fork_asm+0x1a/0x30
[   13.037686]  </TASK>
[   13.037699] 
[   13.049374] Allocated by task 238:
[   13.049648]  kasan_save_stack+0x45/0x70
[   13.049900]  kasan_save_track+0x18/0x40
[   13.050289]  kasan_save_alloc_info+0x3b/0x50
[   13.050703]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   13.050958]  remove_element+0x11e/0x190
[   13.051355]  mempool_alloc_preallocated+0x4d/0x90
[   13.051873]  mempool_oob_right_helper+0x8a/0x380
[   13.052244]  mempool_kmalloc_oob_right+0xf2/0x150
[   13.052463]  kunit_try_run_case+0x1a5/0x480
[   13.052911]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.053359]  kthread+0x337/0x6f0
[   13.053744]  ret_from_fork+0x116/0x1d0
[   13.053943]  ret_from_fork_asm+0x1a/0x30
[   13.054275] 
[   13.054410] The buggy address belongs to the object at ffff888102794700
[   13.054410]  which belongs to the cache kmalloc-128 of size 128
[   13.055276] The buggy address is located 0 bytes to the right of
[   13.055276]  allocated 115-byte region [ffff888102794700, ffff888102794773)
[   13.056192] 
[   13.056293] The buggy address belongs to the physical page:
[   13.056845] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102794
[   13.057246] flags: 0x200000000000000(node=0|zone=2)
[   13.057649] page_type: f5(slab)
[   13.057796] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   13.058521] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   13.058859] page dumped because: kasan: bad access detected
[   13.059227] 
[   13.059354] Memory state around the buggy address:
[   13.060009]  ffff888102794600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.060492]  ffff888102794680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.060819] >ffff888102794700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   13.061417]                                                              ^
[   13.061754]  ffff888102794780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.062222]  ffff888102794800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   13.062713] ==================================================================