lkft/linux-mainline-master - v6.16-rc5-121-gbc9ff192a6c9 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 10, 2025, 11:10 p.m.

Environment
qemu-arm64
qemu-x86_64

[   17.913657] ==================================================================
[   17.913752] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.913852] Read of size 1 at addr fff00000c5a29873 by task kunit_try_catch/221
[   17.913904] 
[   17.913945] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   17.914033] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.914059] Hardware name: linux,dummy-virt (DT)
[   17.914104] Call trace:
[   17.914129]  show_stack+0x20/0x38 (C)
[   17.914184]  dump_stack_lvl+0x8c/0xd0
[   17.914235]  print_report+0x118/0x608
[   17.914284]  kasan_report+0xdc/0x128
[   17.914329]  __asan_report_load1_noabort+0x20/0x30
[   17.914382]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.914432]  mempool_kmalloc_oob_right+0xc4/0x120
[   17.914484]  kunit_try_run_case+0x170/0x3f0
[   17.914534]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.914588]  kthread+0x328/0x630
[   17.914632]  ret_from_fork+0x10/0x20
[   17.914683] 
[   17.914701] Allocated by task 221:
[   17.914730]  kasan_save_stack+0x3c/0x68
[   17.914773]  kasan_save_track+0x20/0x40
[   17.914810]  kasan_save_alloc_info+0x40/0x58
[   17.914852]  __kasan_mempool_unpoison_object+0x11c/0x180
[   17.914895]  remove_element+0x130/0x1f8
[   17.914935]  mempool_alloc_preallocated+0x58/0xc0
[   17.914974]  mempool_oob_right_helper+0x98/0x2f0
[   17.915014]  mempool_kmalloc_oob_right+0xc4/0x120
[   17.915057]  kunit_try_run_case+0x170/0x3f0
[   17.915105]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.915149]  kthread+0x328/0x630
[   17.915182]  ret_from_fork+0x10/0x20
[   17.915218] 
[   17.915237] The buggy address belongs to the object at fff00000c5a29800
[   17.915237]  which belongs to the cache kmalloc-128 of size 128
[   17.915295] The buggy address is located 0 bytes to the right of
[   17.915295]  allocated 115-byte region [fff00000c5a29800, fff00000c5a29873)
[   17.915359] 
[   17.915380] The buggy address belongs to the physical page:
[   17.915415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105a29
[   17.915469] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   17.915522] page_type: f5(slab)
[   17.915563] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   17.915613] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.915654] page dumped because: kasan: bad access detected
[   17.915686] 
[   17.915704] Memory state around the buggy address:
[   17.915738]  fff00000c5a29700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   17.915780]  fff00000c5a29780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.915826] >fff00000c5a29800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   17.915866]                                                              ^
[   17.915904]  fff00000c5a29880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.915946]  fff00000c5a29900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   17.915985] ==================================================================
[   17.946473] ==================================================================
[   17.946553] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.946624] Read of size 1 at addr fff00000c7806001 by task kunit_try_catch/223
[   17.946675] 
[   17.946716] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   17.946803] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.946830] Hardware name: linux,dummy-virt (DT)
[   17.946862] Call trace:
[   17.946888]  show_stack+0x20/0x38 (C)
[   17.946940]  dump_stack_lvl+0x8c/0xd0
[   17.946990]  print_report+0x118/0x608
[   17.947038]  kasan_report+0xdc/0x128
[   17.947098]  __asan_report_load1_noabort+0x20/0x30
[   17.947152]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.947201]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   17.947255]  kunit_try_run_case+0x170/0x3f0
[   17.947303]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.947357]  kthread+0x328/0x630
[   17.947401]  ret_from_fork+0x10/0x20
[   17.947450] 
[   17.947471] The buggy address belongs to the physical page:
[   17.947508] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107804
[   17.947565] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.947612] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.947669] page_type: f8(unknown)
[   17.947710] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.947759] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.947809] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.947858] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.947907] head: 0bfffe0000000002 ffffc1ffc31e0101 00000000ffffffff 00000000ffffffff
[   17.947956] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.947999] page dumped because: kasan: bad access detected
[   17.948028] 
[   17.948048] Memory state around the buggy address:
[   17.948089]  fff00000c7805f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.948132]  fff00000c7805f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.948174] >fff00000c7806000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.948212]                    ^
[   17.948240]  fff00000c7806080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.948282]  fff00000c7806100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.948320] ==================================================================
[   17.969432] ==================================================================
[   17.969504] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.969569] Read of size 1 at addr fff00000c64522bb by task kunit_try_catch/225
[   17.969634] 
[   17.969675] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   17.969792] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.969825] Hardware name: linux,dummy-virt (DT)
[   17.969857] Call trace:
[   17.969960]  show_stack+0x20/0x38 (C)
[   17.970138]  dump_stack_lvl+0x8c/0xd0
[   17.970256]  print_report+0x118/0x608
[   17.970402]  kasan_report+0xdc/0x128
[   17.970508]  __asan_report_load1_noabort+0x20/0x30
[   17.970617]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.970718]  mempool_slab_oob_right+0xc0/0x118
[   17.970768]  kunit_try_run_case+0x170/0x3f0
[   17.970818]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.970995]  kthread+0x328/0x630
[   17.971047]  ret_from_fork+0x10/0x20
[   17.971110] 
[   17.971165] Allocated by task 225:
[   17.971221]  kasan_save_stack+0x3c/0x68
[   17.971347]  kasan_save_track+0x20/0x40
[   17.971407]  kasan_save_alloc_info+0x40/0x58
[   17.971755]  __kasan_mempool_unpoison_object+0xbc/0x180
[   17.971884]  remove_element+0x16c/0x1f8
[   17.971982]  mempool_alloc_preallocated+0x58/0xc0
[   17.972098]  mempool_oob_right_helper+0x98/0x2f0
[   17.972150]  mempool_slab_oob_right+0xc0/0x118
[   17.972191]  kunit_try_run_case+0x170/0x3f0
[   17.972228]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.972281]  kthread+0x328/0x630
[   17.972331]  ret_from_fork+0x10/0x20
[   17.972369] 
[   17.972398] The buggy address belongs to the object at fff00000c6452240
[   17.972398]  which belongs to the cache test_cache of size 123
[   17.972472] The buggy address is located 0 bytes to the right of
[   17.972472]  allocated 123-byte region [fff00000c6452240, fff00000c64522bb)
[   17.972535] 
[   17.972558] The buggy address belongs to the physical page:
[   17.972590] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106452
[   17.972642] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   17.972694] page_type: f5(slab)
[   17.972753] raw: 0bfffe0000000000 fff00000c5945a00 dead000000000122 0000000000000000
[   17.972804] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   17.972853] page dumped because: kasan: bad access detected
[   17.972886] 
[   17.972905] Memory state around the buggy address:
[   17.972956]  fff00000c6452180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   17.973009]  fff00000c6452200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   17.973051] >fff00000c6452280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   17.973099]                                         ^
[   17.973132]  fff00000c6452300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.973173]  fff00000c6452380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.973211] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zhh1TJxKKGPTGH75tVSg7ZQ5K3

job_id

TEST:linaro@lkft#2zhh6X6WqdeLDmlh57VpXaQEIUm

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zhh6X6WqdeLDmlh57VpXaQEIUm

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zhh2whOnzYxMMUeqyuTKj9MhA1/Image.gz
sha256sum	6a33a49c12017576e8ec763ec43b279cc0364750541d180ab972292e17b20e1f

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zhh2whOnzYxMMUeqyuTKj9MhA1/modules.tar.xz
sha256sum	763eb41fbf87dbccc620abd6da1c60b3280f435cb05c0722314c5afc56c818a8

durations

tests

boot	0
kunit	169.25

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   14.150814] ==================================================================
[   14.151341] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   14.151943] Read of size 1 at addr ffff8881039f6001 by task kunit_try_catch/240
[   14.152241] 
[   14.152333] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.152437] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.152450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.152470] Call Trace:
[   14.152482]  <TASK>
[   14.152496]  dump_stack_lvl+0x73/0xb0
[   14.152527]  print_report+0xd1/0x650
[   14.152549]  ? __virt_addr_valid+0x1db/0x2d0
[   14.152573]  ? mempool_oob_right_helper+0x318/0x380
[   14.152596]  ? kasan_addr_to_slab+0x11/0xa0
[   14.152616]  ? mempool_oob_right_helper+0x318/0x380
[   14.152640]  kasan_report+0x141/0x180
[   14.152661]  ? mempool_oob_right_helper+0x318/0x380
[   14.152690]  __asan_report_load1_noabort+0x18/0x20
[   14.152715]  mempool_oob_right_helper+0x318/0x380
[   14.152740]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   14.152763]  ? update_load_avg+0x1be/0x21b0
[   14.152790]  ? finish_task_switch.isra.0+0x153/0x700
[   14.152816]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   14.152841]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   14.152870]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.152893]  ? __pfx_mempool_kfree+0x10/0x10
[   14.152918]  ? __pfx_read_tsc+0x10/0x10
[   14.152938]  ? ktime_get_ts64+0x86/0x230
[   14.152962]  kunit_try_run_case+0x1a5/0x480
[   14.152986]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.153009]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.153034]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.153057]  ? __kthread_parkme+0x82/0x180
[   14.153079]  ? preempt_count_sub+0x50/0x80
[   14.153101]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.153126]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.153150]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.153175]  kthread+0x337/0x6f0
[   14.153194]  ? trace_preempt_on+0x20/0xc0
[   14.153217]  ? __pfx_kthread+0x10/0x10
[   14.153237]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.153258]  ? calculate_sigpending+0x7b/0xa0
[   14.153282]  ? __pfx_kthread+0x10/0x10
[   14.153303]  ret_from_fork+0x116/0x1d0
[   14.153321]  ? __pfx_kthread+0x10/0x10
[   14.153341]  ret_from_fork_asm+0x1a/0x30
[   14.153448]  </TASK>
[   14.153458] 
[   14.163005] The buggy address belongs to the physical page:
[   14.163242] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4
[   14.163498] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   14.163723] flags: 0x200000000000040(head|node=0|zone=2)
[   14.164013] page_type: f8(unknown)
[   14.164195] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.164485] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.164714] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.165562] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.165927] head: 0200000000000002 ffffea00040e7d01 00000000ffffffff 00000000ffffffff
[   14.166263] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   14.166675] page dumped because: kasan: bad access detected
[   14.166896] 
[   14.166992] Memory state around the buggy address:
[   14.167185]  ffff8881039f5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.167570]  ffff8881039f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.167820] >ffff8881039f6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.168031]                    ^
[   14.168199]  ffff8881039f6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.168530]  ffff8881039f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.168810] ==================================================================
[   14.173153] ==================================================================
[   14.173938] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   14.174253] Read of size 1 at addr ffff8881039b62bb by task kunit_try_catch/242
[   14.174630] 
[   14.174749] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.174792] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.174803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.174823] Call Trace:
[   14.174836]  <TASK>
[   14.174853]  dump_stack_lvl+0x73/0xb0
[   14.174884]  print_report+0xd1/0x650
[   14.174908]  ? __virt_addr_valid+0x1db/0x2d0
[   14.174933]  ? mempool_oob_right_helper+0x318/0x380
[   14.174957]  ? kasan_complete_mode_report_info+0x2a/0x200
[   14.174980]  ? mempool_oob_right_helper+0x318/0x380
[   14.175005]  kasan_report+0x141/0x180
[   14.175027]  ? mempool_oob_right_helper+0x318/0x380
[   14.175056]  __asan_report_load1_noabort+0x18/0x20
[   14.175081]  mempool_oob_right_helper+0x318/0x380
[   14.175106]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   14.175133]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.175158]  ? finish_task_switch.isra.0+0x153/0x700
[   14.175184]  mempool_slab_oob_right+0xed/0x140
[   14.175209]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   14.175238]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   14.175264]  ? __pfx_mempool_free_slab+0x10/0x10
[   14.175291]  ? __pfx_read_tsc+0x10/0x10
[   14.175312]  ? ktime_get_ts64+0x86/0x230
[   14.175338]  kunit_try_run_case+0x1a5/0x480
[   14.175438]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.175463]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.175489]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.175513]  ? __kthread_parkme+0x82/0x180
[   14.175535]  ? preempt_count_sub+0x50/0x80
[   14.175558]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.175583]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.175607]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.175633]  kthread+0x337/0x6f0
[   14.175652]  ? trace_preempt_on+0x20/0xc0
[   14.175677]  ? __pfx_kthread+0x10/0x10
[   14.175698]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.175720]  ? calculate_sigpending+0x7b/0xa0
[   14.175744]  ? __pfx_kthread+0x10/0x10
[   14.175766]  ret_from_fork+0x116/0x1d0
[   14.175784]  ? __pfx_kthread+0x10/0x10
[   14.175804]  ret_from_fork_asm+0x1a/0x30
[   14.175836]  </TASK>
[   14.175846] 
[   14.183841] Allocated by task 242:
[   14.184021]  kasan_save_stack+0x45/0x70
[   14.184235]  kasan_save_track+0x18/0x40
[   14.184443]  kasan_save_alloc_info+0x3b/0x50
[   14.184698]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   14.184878]  remove_element+0x11e/0x190
[   14.185016]  mempool_alloc_preallocated+0x4d/0x90
[   14.185217]  mempool_oob_right_helper+0x8a/0x380
[   14.185616]  mempool_slab_oob_right+0xed/0x140
[   14.185840]  kunit_try_run_case+0x1a5/0x480
[   14.186053]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.186314]  kthread+0x337/0x6f0
[   14.186573]  ret_from_fork+0x116/0x1d0
[   14.186774]  ret_from_fork_asm+0x1a/0x30
[   14.186954] 
[   14.187031] The buggy address belongs to the object at ffff8881039b6240
[   14.187031]  which belongs to the cache test_cache of size 123
[   14.187605] The buggy address is located 0 bytes to the right of
[   14.187605]  allocated 123-byte region [ffff8881039b6240, ffff8881039b62bb)
[   14.188002] 
[   14.188074] The buggy address belongs to the physical page:
[   14.188248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039b6
[   14.188528] flags: 0x200000000000000(node=0|zone=2)
[   14.188966] page_type: f5(slab)
[   14.189133] raw: 0200000000000000 ffff8881039b0140 dead000000000122 0000000000000000
[   14.189481] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   14.189814] page dumped because: kasan: bad access detected
[   14.190255] 
[   14.190328] Memory state around the buggy address:
[   14.190693]  ffff8881039b6180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.190972]  ffff8881039b6200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   14.191220] >ffff8881039b6280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   14.191550]                                         ^
[   14.191964]  ffff8881039b6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.192263]  ffff8881039b6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.192640] ==================================================================
[   14.123095] ==================================================================
[   14.123742] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   14.124025] Read of size 1 at addr ffff8881027a3973 by task kunit_try_catch/238
[   14.124247] 
[   14.124338] CPU: 0 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.124399] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.124410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.124433] Call Trace:
[   14.124444]  <TASK>
[   14.124463]  dump_stack_lvl+0x73/0xb0
[   14.124495]  print_report+0xd1/0x650
[   14.124519]  ? __virt_addr_valid+0x1db/0x2d0
[   14.124542]  ? mempool_oob_right_helper+0x318/0x380
[   14.124566]  ? kasan_complete_mode_report_info+0x2a/0x200
[   14.124590]  ? mempool_oob_right_helper+0x318/0x380
[   14.125088]  kasan_report+0x141/0x180
[   14.125112]  ? mempool_oob_right_helper+0x318/0x380
[   14.125148]  __asan_report_load1_noabort+0x18/0x20
[   14.125173]  mempool_oob_right_helper+0x318/0x380
[   14.125198]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   14.125222]  ? update_load_avg+0x1be/0x21b0
[   14.125246]  ? dequeue_entities+0x27e/0x1740
[   14.125269]  ? __kasan_check_write+0x18/0x20
[   14.125290]  ? finish_task_switch.isra.0+0x153/0x700
[   14.125316]  mempool_kmalloc_oob_right+0xf2/0x150
[   14.125340]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   14.125390]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.125417]  ? __pfx_mempool_kfree+0x10/0x10
[   14.125442]  ? __pfx_read_tsc+0x10/0x10
[   14.125474]  ? ktime_get_ts64+0x86/0x230
[   14.125499]  kunit_try_run_case+0x1a5/0x480
[   14.125524]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.125548]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.125573]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.125597]  ? __kthread_parkme+0x82/0x180
[   14.125618]  ? preempt_count_sub+0x50/0x80
[   14.125640]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.125665]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.125689]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.125714]  kthread+0x337/0x6f0
[   14.125732]  ? trace_preempt_on+0x20/0xc0
[   14.125757]  ? __pfx_kthread+0x10/0x10
[   14.125777]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.125798]  ? calculate_sigpending+0x7b/0xa0
[   14.125823]  ? __pfx_kthread+0x10/0x10
[   14.125844]  ret_from_fork+0x116/0x1d0
[   14.125863]  ? __pfx_kthread+0x10/0x10
[   14.125883]  ret_from_fork_asm+0x1a/0x30
[   14.125914]  </TASK>
[   14.125925] 
[   14.138188] Allocated by task 238:
[   14.138322]  kasan_save_stack+0x45/0x70
[   14.138557]  kasan_save_track+0x18/0x40
[   14.138735]  kasan_save_alloc_info+0x3b/0x50
[   14.138996]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   14.139233]  remove_element+0x11e/0x190
[   14.139440]  mempool_alloc_preallocated+0x4d/0x90
[   14.139692]  mempool_oob_right_helper+0x8a/0x380
[   14.139917]  mempool_kmalloc_oob_right+0xf2/0x150
[   14.140090]  kunit_try_run_case+0x1a5/0x480
[   14.140329]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.140531]  kthread+0x337/0x6f0
[   14.140831]  ret_from_fork+0x116/0x1d0
[   14.141079]  ret_from_fork_asm+0x1a/0x30
[   14.141283] 
[   14.141376] The buggy address belongs to the object at ffff8881027a3900
[   14.141376]  which belongs to the cache kmalloc-128 of size 128
[   14.142084] The buggy address is located 0 bytes to the right of
[   14.142084]  allocated 115-byte region [ffff8881027a3900, ffff8881027a3973)
[   14.142701] 
[   14.142957] The buggy address belongs to the physical page:
[   14.143154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a3
[   14.143629] flags: 0x200000000000000(node=0|zone=2)
[   14.143882] page_type: f5(slab)
[   14.144031] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.144362] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.144896] page dumped because: kasan: bad access detected
[   14.145124] 
[   14.145214] Memory state around the buggy address:
[   14.145688]  ffff8881027a3800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.145913]  ffff8881027a3880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.146231] >ffff8881027a3900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   14.146657]                                                              ^
[   14.147101]  ffff8881027a3980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.147429]  ffff8881027a3a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   14.147807] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zhh1TJxKKGPTGH75tVSg7ZQ5K3

job_id

TEST:linaro@lkft#2zhh7dPmlkqdlppZDQ6XzM0iF30

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zhh7dPmlkqdlppZDQ6XzM0iF30

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zhh4brPbFRP8L5HT7aQLwDEuSt/bzImage
sha256sum	51ed52f1f68ba5ea27b558c10c847ec34107981e2f70718cbc1574acf045c7d6

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zhh4brPbFRP8L5HT7aQLwDEuSt/modules.tar.xz
sha256sum	39c646aa7715edec9a01d30f4285c974624ae561cc143942bb43adde90a6040d

durations

tests

boot	0
kunit	203.16

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit