lkft/linux-mainline-master - v6.16-rc5-38-g733923397fd9 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 8, 2025, 11:09 p.m.

Environment
qemu-arm64
qemu-x86_64

[   21.209749] ==================================================================
[   21.209812] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   21.209866] Read of size 1 at addr fff00000c653e001 by task kunit_try_catch/223
[   21.209915] 
[   21.209947] CPU: 0 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   21.210030] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.210056] Hardware name: linux,dummy-virt (DT)
[   21.210101] Call trace:
[   21.210124]  show_stack+0x20/0x38 (C)
[   21.210680]  dump_stack_lvl+0x8c/0xd0
[   21.210976]  print_report+0x118/0x608
[   21.211097]  kasan_report+0xdc/0x128
[   21.211236]  __asan_report_load1_noabort+0x20/0x30
[   21.211473]  mempool_oob_right_helper+0x2ac/0x2f0
[   21.211586]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   21.211839]  kunit_try_run_case+0x170/0x3f0
[   21.211895]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.211949]  kthread+0x328/0x630
[   21.212241]  ret_from_fork+0x10/0x20
[   21.212342] 
[   21.212363] The buggy address belongs to the physical page:
[   21.212403] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10653c
[   21.212495] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.212791] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   21.213010] page_type: f8(unknown)
[   21.213056] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.213337] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.213561] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.213613] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.213664] head: 0bfffe0000000002 ffffc1ffc3194f01 00000000ffffffff 00000000ffffffff
[   21.214031] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   21.214077] page dumped because: kasan: bad access detected
[   21.214232] 
[   21.214251] Memory state around the buggy address:
[   21.214343]  fff00000c653df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.214560]  fff00000c653df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.214834] >fff00000c653e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.214940]                    ^
[   21.215112]  fff00000c653e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.215323]  fff00000c653e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.215451] ==================================================================
[   21.198463] ==================================================================
[   21.198534] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   21.198608] Read of size 1 at addr fff00000c7706273 by task kunit_try_catch/221
[   21.198659] 
[   21.198702] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   21.198791] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.198817] Hardware name: linux,dummy-virt (DT)
[   21.198851] Call trace:
[   21.198876]  show_stack+0x20/0x38 (C)
[   21.198935]  dump_stack_lvl+0x8c/0xd0
[   21.198985]  print_report+0x118/0x608
[   21.199032]  kasan_report+0xdc/0x128
[   21.199075]  __asan_report_load1_noabort+0x20/0x30
[   21.199126]  mempool_oob_right_helper+0x2ac/0x2f0
[   21.199186]  mempool_kmalloc_oob_right+0xc4/0x120
[   21.199233]  kunit_try_run_case+0x170/0x3f0
[   21.199284]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.199335]  kthread+0x328/0x630
[   21.199376]  ret_from_fork+0x10/0x20
[   21.199426] 
[   21.199446] Allocated by task 221:
[   21.199475]  kasan_save_stack+0x3c/0x68
[   21.199623]  kasan_save_track+0x20/0x40
[   21.199666]  kasan_save_alloc_info+0x40/0x58
[   21.199707]  __kasan_mempool_unpoison_object+0x11c/0x180
[   21.199752]  remove_element+0x130/0x1f8
[   21.199791]  mempool_alloc_preallocated+0x58/0xc0
[   21.199829]  mempool_oob_right_helper+0x98/0x2f0
[   21.199869]  mempool_kmalloc_oob_right+0xc4/0x120
[   21.199909]  kunit_try_run_case+0x170/0x3f0
[   21.199947]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.199991]  kthread+0x328/0x630
[   21.200024]  ret_from_fork+0x10/0x20
[   21.200062] 
[   21.200082] The buggy address belongs to the object at fff00000c7706200
[   21.200082]  which belongs to the cache kmalloc-128 of size 128
[   21.200142] The buggy address is located 0 bytes to the right of
[   21.200142]  allocated 115-byte region [fff00000c7706200, fff00000c7706273)
[   21.200222] 
[   21.200244] The buggy address belongs to the physical page:
[   21.200279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107706
[   21.200336] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.200390] page_type: f5(slab)
[   21.200434] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   21.200483] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.200524] page dumped because: kasan: bad access detected
[   21.200556] 
[   21.200575] Memory state around the buggy address:
[   21.200607]  fff00000c7706100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   21.200650]  fff00000c7706180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.200693] >fff00000c7706200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   21.200730]                                                              ^
[   21.200771]  fff00000c7706280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.200813]  fff00000c7706300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   21.200852] ==================================================================
[   21.226687] ==================================================================
[   21.226752] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   21.226960] Read of size 1 at addr fff00000c76e52bb by task kunit_try_catch/225
[   21.227182] 
[   21.227215] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   21.228025] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.228068] Hardware name: linux,dummy-virt (DT)
[   21.228121] Call trace:
[   21.228146]  show_stack+0x20/0x38 (C)
[   21.228231]  dump_stack_lvl+0x8c/0xd0
[   21.228278]  print_report+0x118/0x608
[   21.228324]  kasan_report+0xdc/0x128
[   21.228502]  __asan_report_load1_noabort+0x20/0x30
[   21.228555]  mempool_oob_right_helper+0x2ac/0x2f0
[   21.228706]  mempool_slab_oob_right+0xc0/0x118
[   21.228752]  kunit_try_run_case+0x170/0x3f0
[   21.228812]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.229037]  kthread+0x328/0x630
[   21.229108]  ret_from_fork+0x10/0x20
[   21.229258] 
[   21.229278] Allocated by task 225:
[   21.229309]  kasan_save_stack+0x3c/0x68
[   21.229353]  kasan_save_track+0x20/0x40
[   21.229392]  kasan_save_alloc_info+0x40/0x58
[   21.229443]  __kasan_mempool_unpoison_object+0xbc/0x180
[   21.229488]  remove_element+0x16c/0x1f8
[   21.229765]  mempool_alloc_preallocated+0x58/0xc0
[   21.229824]  mempool_oob_right_helper+0x98/0x2f0
[   21.229863]  mempool_slab_oob_right+0xc0/0x118
[   21.229913]  kunit_try_run_case+0x170/0x3f0
[   21.230138]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.230193]  kthread+0x328/0x630
[   21.230227]  ret_from_fork+0x10/0x20
[   21.230272] 
[   21.230291] The buggy address belongs to the object at fff00000c76e5240
[   21.230291]  which belongs to the cache test_cache of size 123
[   21.230351] The buggy address is located 0 bytes to the right of
[   21.230351]  allocated 123-byte region [fff00000c76e5240, fff00000c76e52bb)
[   21.230591] 
[   21.230614] The buggy address belongs to the physical page:
[   21.230873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1076e5
[   21.230980] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.231072] page_type: f5(slab)
[   21.231177] raw: 0bfffe0000000000 fff00000c1757b40 dead000000000122 0000000000000000
[   21.231241] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   21.231283] page dumped because: kasan: bad access detected
[   21.231315] 
[   21.231333] Memory state around the buggy address:
[   21.231781]  fff00000c76e5180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   21.231934]  fff00000c76e5200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   21.231983] >fff00000c76e5280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   21.232024]                                         ^
[   21.232059]  fff00000c76e5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.232103]  fff00000c76e5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.232142] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zc2fAgxa2SvAeue0jkCQWn7vUV

job_id

TEST:linaro@lkft#2zc2kP8qq1eGtg0vZPMgeaFOibs

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zc2kP8qq1eGtg0vZPMgeaFOibs

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zc2gsJeEJv3OObdyYWW7vaSUjE/Image.gz
sha256sum	4295dd3f8a9104f192ab48fe03e9799ce1a72a725e4e680194f6f3244902a569

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zc2gsJeEJv3OObdyYWW7vaSUjE/modules.tar.xz
sha256sum	798a67f8b1be586b3f0cd90eea157ad905fdc7ec29b6c056fb912c6626a9d1b6

durations

tests

boot	0
kunit	171.06

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   14.020321] ==================================================================
[   14.021339] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   14.022228] Read of size 1 at addr ffff888102b9c2bb by task kunit_try_catch/243
[   14.023158] 
[   14.023269] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.023502] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.023517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.023539] Call Trace:
[   14.023553]  <TASK>
[   14.023571]  dump_stack_lvl+0x73/0xb0
[   14.023619]  print_report+0xd1/0x650
[   14.023643]  ? __virt_addr_valid+0x1db/0x2d0
[   14.023667]  ? mempool_oob_right_helper+0x318/0x380
[   14.023691]  ? kasan_complete_mode_report_info+0x2a/0x200
[   14.023715]  ? mempool_oob_right_helper+0x318/0x380
[   14.023739]  kasan_report+0x141/0x180
[   14.023761]  ? mempool_oob_right_helper+0x318/0x380
[   14.023790]  __asan_report_load1_noabort+0x18/0x20
[   14.023815]  mempool_oob_right_helper+0x318/0x380
[   14.023843]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   14.023871]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.023894]  ? finish_task_switch.isra.0+0x153/0x700
[   14.023920]  mempool_slab_oob_right+0xed/0x140
[   14.023946]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   14.023973]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   14.023999]  ? __pfx_mempool_free_slab+0x10/0x10
[   14.024026]  ? __pfx_read_tsc+0x10/0x10
[   14.024047]  ? ktime_get_ts64+0x86/0x230
[   14.024073]  kunit_try_run_case+0x1a5/0x480
[   14.024098]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.024120]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.024146]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.024170]  ? __kthread_parkme+0x82/0x180
[   14.024191]  ? preempt_count_sub+0x50/0x80
[   14.024215]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.024239]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.024263]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.024288]  kthread+0x337/0x6f0
[   14.024307]  ? trace_preempt_on+0x20/0xc0
[   14.024333]  ? __pfx_kthread+0x10/0x10
[   14.024353]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.024375]  ? calculate_sigpending+0x7b/0xa0
[   14.024400]  ? __pfx_kthread+0x10/0x10
[   14.024421]  ret_from_fork+0x116/0x1d0
[   14.024439]  ? __pfx_kthread+0x10/0x10
[   14.024460]  ret_from_fork_asm+0x1a/0x30
[   14.024492]  </TASK>
[   14.024503] 
[   14.037649] Allocated by task 243:
[   14.037789]  kasan_save_stack+0x45/0x70
[   14.038108]  kasan_save_track+0x18/0x40
[   14.038623]  kasan_save_alloc_info+0x3b/0x50
[   14.039181]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   14.039762]  remove_element+0x11e/0x190
[   14.040241]  mempool_alloc_preallocated+0x4d/0x90
[   14.040728]  mempool_oob_right_helper+0x8a/0x380
[   14.041217]  mempool_slab_oob_right+0xed/0x140
[   14.041653]  kunit_try_run_case+0x1a5/0x480
[   14.042195]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.042788]  kthread+0x337/0x6f0
[   14.043031]  ret_from_fork+0x116/0x1d0
[   14.043255]  ret_from_fork_asm+0x1a/0x30
[   14.043396] 
[   14.043466] The buggy address belongs to the object at ffff888102b9c240
[   14.043466]  which belongs to the cache test_cache of size 123
[   14.044439] The buggy address is located 0 bytes to the right of
[   14.044439]  allocated 123-byte region [ffff888102b9c240, ffff888102b9c2bb)
[   14.045733] 
[   14.045968] The buggy address belongs to the physical page:
[   14.046321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b9c
[   14.046596] flags: 0x200000000000000(node=0|zone=2)
[   14.047135] page_type: f5(slab)
[   14.047464] raw: 0200000000000000 ffff888102b913c0 dead000000000122 0000000000000000
[   14.048296] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   14.048809] page dumped because: kasan: bad access detected
[   14.049189] 
[   14.049368] Memory state around the buggy address:
[   14.049846]  ffff888102b9c180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.050394]  ffff888102b9c200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   14.050883] >ffff888102b9c280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   14.051631]                                         ^
[   14.052039]  ffff888102b9c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.052442]  ffff888102b9c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.053016] ==================================================================
[   13.995681] ==================================================================
[   13.996208] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   13.996520] Read of size 1 at addr ffff88810298a001 by task kunit_try_catch/241
[   13.996871] 
[   13.996974] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   13.997022] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.997034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.997056] Call Trace:
[   13.997070]  <TASK>
[   13.997087]  dump_stack_lvl+0x73/0xb0
[   13.997119]  print_report+0xd1/0x650
[   13.997143]  ? __virt_addr_valid+0x1db/0x2d0
[   13.997168]  ? mempool_oob_right_helper+0x318/0x380
[   13.997191]  ? kasan_addr_to_slab+0x11/0xa0
[   13.997212]  ? mempool_oob_right_helper+0x318/0x380
[   13.997236]  kasan_report+0x141/0x180
[   13.997258]  ? mempool_oob_right_helper+0x318/0x380
[   13.997287]  __asan_report_load1_noabort+0x18/0x20
[   13.997312]  mempool_oob_right_helper+0x318/0x380
[   13.997337]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.997362]  ? __kasan_check_write+0x18/0x20
[   13.997382]  ? __pfx_sched_clock_cpu+0x10/0x10
[   13.997406]  ? finish_task_switch.isra.0+0x153/0x700
[   13.997434]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   13.997461]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   13.997490]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.997554]  ? __pfx_mempool_kfree+0x10/0x10
[   13.997580]  ? __pfx_read_tsc+0x10/0x10
[   13.997614]  ? ktime_get_ts64+0x86/0x230
[   13.997640]  kunit_try_run_case+0x1a5/0x480
[   13.997665]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.997687]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.997715]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.997739]  ? __kthread_parkme+0x82/0x180
[   13.997761]  ? preempt_count_sub+0x50/0x80
[   13.997784]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.997808]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.997832]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.997858]  kthread+0x337/0x6f0
[   13.997877]  ? trace_preempt_on+0x20/0xc0
[   13.997901]  ? __pfx_kthread+0x10/0x10
[   13.997922]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.998300]  ? calculate_sigpending+0x7b/0xa0
[   13.998327]  ? __pfx_kthread+0x10/0x10
[   13.998350]  ret_from_fork+0x116/0x1d0
[   13.998368]  ? __pfx_kthread+0x10/0x10
[   13.998389]  ret_from_fork_asm+0x1a/0x30
[   13.998422]  </TASK>
[   13.998434] 
[   14.009393] The buggy address belongs to the physical page:
[   14.009777] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102988
[   14.010176] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   14.010525] flags: 0x200000000000040(head|node=0|zone=2)
[   14.010737] page_type: f8(unknown)
[   14.010891] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.011323] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.011689] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.012143] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.012456] head: 0200000000000002 ffffea00040a6201 00000000ffffffff 00000000ffffffff
[   14.012840] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   14.013256] page dumped because: kasan: bad access detected
[   14.013511] 
[   14.013633] Memory state around the buggy address:
[   14.013855]  ffff888102989f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.014237]  ffff888102989f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.014576] >ffff88810298a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.014901]                    ^
[   14.015139]  ffff88810298a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.015452]  ffff88810298a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.015758] ==================================================================
[   13.969219] ==================================================================
[   13.969797] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   13.970190] Read of size 1 at addr ffff888102675373 by task kunit_try_catch/239
[   13.970997] 
[   13.971197] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   13.971247] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.971259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.971282] Call Trace:
[   13.971308]  <TASK>
[   13.971327]  dump_stack_lvl+0x73/0xb0
[   13.971375]  print_report+0xd1/0x650
[   13.971399]  ? __virt_addr_valid+0x1db/0x2d0
[   13.971424]  ? mempool_oob_right_helper+0x318/0x380
[   13.971447]  ? kasan_complete_mode_report_info+0x2a/0x200
[   13.971471]  ? mempool_oob_right_helper+0x318/0x380
[   13.971497]  kasan_report+0x141/0x180
[   13.971539]  ? mempool_oob_right_helper+0x318/0x380
[   13.971569]  __asan_report_load1_noabort+0x18/0x20
[   13.971594]  mempool_oob_right_helper+0x318/0x380
[   13.971630]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.971653]  ? update_load_avg+0x1be/0x21b0
[   13.971678]  ? dequeue_entities+0x27e/0x1740
[   13.971703]  ? finish_task_switch.isra.0+0x153/0x700
[   13.971730]  mempool_kmalloc_oob_right+0xf2/0x150
[   13.971754]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   13.971782]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.971807]  ? __pfx_mempool_kfree+0x10/0x10
[   13.971832]  ? __pfx_read_tsc+0x10/0x10
[   13.971854]  ? ktime_get_ts64+0x86/0x230
[   13.971880]  kunit_try_run_case+0x1a5/0x480
[   13.971907]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.971986]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.972015]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.972039]  ? __kthread_parkme+0x82/0x180
[   13.972062]  ? preempt_count_sub+0x50/0x80
[   13.972085]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.972111]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.972135]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.972160]  kthread+0x337/0x6f0
[   13.972178]  ? trace_preempt_on+0x20/0xc0
[   13.972202]  ? __pfx_kthread+0x10/0x10
[   13.972223]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.972244]  ? calculate_sigpending+0x7b/0xa0
[   13.972269]  ? __pfx_kthread+0x10/0x10
[   13.972290]  ret_from_fork+0x116/0x1d0
[   13.972308]  ? __pfx_kthread+0x10/0x10
[   13.972328]  ret_from_fork_asm+0x1a/0x30
[   13.972361]  </TASK>
[   13.972372] 
[   13.981947] Allocated by task 239:
[   13.982355]  kasan_save_stack+0x45/0x70
[   13.982510]  kasan_save_track+0x18/0x40
[   13.982709]  kasan_save_alloc_info+0x3b/0x50
[   13.982862]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   13.983384]  remove_element+0x11e/0x190
[   13.983684]  mempool_alloc_preallocated+0x4d/0x90
[   13.984000]  mempool_oob_right_helper+0x8a/0x380
[   13.984283]  mempool_kmalloc_oob_right+0xf2/0x150
[   13.984509]  kunit_try_run_case+0x1a5/0x480
[   13.984750]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.984950]  kthread+0x337/0x6f0
[   13.985069]  ret_from_fork+0x116/0x1d0
[   13.985365]  ret_from_fork_asm+0x1a/0x30
[   13.985653] 
[   13.985882] The buggy address belongs to the object at ffff888102675300
[   13.985882]  which belongs to the cache kmalloc-128 of size 128
[   13.986339] The buggy address is located 0 bytes to the right of
[   13.986339]  allocated 115-byte region [ffff888102675300, ffff888102675373)
[   13.987313] 
[   13.987409] The buggy address belongs to the physical page:
[   13.987692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102675
[   13.988131] flags: 0x200000000000000(node=0|zone=2)
[   13.988343] page_type: f5(slab)
[   13.988535] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   13.988795] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   13.989222] page dumped because: kasan: bad access detected
[   13.989414] 
[   13.989483] Memory state around the buggy address:
[   13.989771]  ffff888102675200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.990177]  ffff888102675280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.990655] >ffff888102675300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   13.990907]                                                              ^
[   13.991427]  ffff888102675380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.991761]  ffff888102675400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   13.992084] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zc2fAgxa2SvAeue0jkCQWn7vUV

job_id

TEST:linaro@lkft#2zc2lcTBxJmBkRbP0LsmwuesywD

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zc2lcTBxJmBkRbP0LsmwuesywD

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zc2iJmK5AZxQbPUBI8eOknzMTx/bzImage
sha256sum	0d11f4c26ab10e31dc6843de35281b4bf95f794a4482d9f9237ddfa45c7c3f59

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zc2iJmK5AZxQbPUBI8eOknzMTx/modules.tar.xz
sha256sum	a7139be3f3122145b6b24141429c87c9bb7bea3073266108fb33100dce65d51a

durations

tests

boot	0
kunit	218.66

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit