lkft/linux-mainline-master - v6.16-rc6-253-g4871b7cb27f4 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 19, 2025, 11:11 a.m.

Environment
qemu-arm64
qemu-x86_64

[   17.235983] ==================================================================
[   17.236058] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.236131] Read of size 1 at addr fff00000c6e65473 by task kunit_try_catch/222
[   17.236179] 
[   17.236220] CPU: 1 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.236308] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.236337] Hardware name: linux,dummy-virt (DT)
[   17.236370] Call trace:
[   17.236395]  show_stack+0x20/0x38 (C)
[   17.236446]  dump_stack_lvl+0x8c/0xd0
[   17.236496]  print_report+0x118/0x5d0
[   17.236558]  kasan_report+0xdc/0x128
[   17.236604]  __asan_report_load1_noabort+0x20/0x30
[   17.236654]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.236702]  mempool_kmalloc_oob_right+0xc4/0x120
[   17.236751]  kunit_try_run_case+0x170/0x3f0
[   17.236800]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.236853]  kthread+0x328/0x630
[   17.236897]  ret_from_fork+0x10/0x20
[   17.236946] 
[   17.236964] Allocated by task 222:
[   17.236995]  kasan_save_stack+0x3c/0x68
[   17.237036]  kasan_save_track+0x20/0x40
[   17.237074]  kasan_save_alloc_info+0x40/0x58
[   17.237113]  __kasan_mempool_unpoison_object+0x11c/0x180
[   17.237158]  remove_element+0x130/0x1f8
[   17.237195]  mempool_alloc_preallocated+0x58/0xc0
[   17.237235]  mempool_oob_right_helper+0x98/0x2f0
[   17.237274]  mempool_kmalloc_oob_right+0xc4/0x120
[   17.237313]  kunit_try_run_case+0x170/0x3f0
[   17.237352]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.237396]  kthread+0x328/0x630
[   17.237427]  ret_from_fork+0x10/0x20
[   17.237463] 
[   17.237484] The buggy address belongs to the object at fff00000c6e65400
[   17.237484]  which belongs to the cache kmalloc-128 of size 128
[   17.237556] The buggy address is located 0 bytes to the right of
[   17.237556]  allocated 115-byte region [fff00000c6e65400, fff00000c6e65473)
[   17.237620] 
[   17.237642] The buggy address belongs to the physical page:
[   17.237675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e65
[   17.237833] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   17.237889] page_type: f5(slab)
[   17.237933] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   17.237983] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.238025] page dumped because: kasan: bad access detected
[   17.238055] 
[   17.238073] Memory state around the buggy address:
[   17.238108]  fff00000c6e65300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   17.238152]  fff00000c6e65380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.238195] >fff00000c6e65400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   17.238234]                                                              ^
[   17.238275]  fff00000c6e65480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.238318]  fff00000c6e65500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   17.238356] ==================================================================
[   17.253511] ==================================================================
[   17.253587] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.253643] Read of size 1 at addr fff00000c7766001 by task kunit_try_catch/224
[   17.254036] 
[   17.254329] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.254589] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.254645] Hardware name: linux,dummy-virt (DT)
[   17.254845] Call trace:
[   17.254878]  show_stack+0x20/0x38 (C)
[   17.255181]  dump_stack_lvl+0x8c/0xd0
[   17.255378]  print_report+0x118/0x5d0
[   17.255448]  kasan_report+0xdc/0x128
[   17.255635]  __asan_report_load1_noabort+0x20/0x30
[   17.255870]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.256012]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   17.256066]  kunit_try_run_case+0x170/0x3f0
[   17.256551]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.256616]  kthread+0x328/0x630
[   17.256661]  ret_from_fork+0x10/0x20
[   17.256707] 
[   17.256728] The buggy address belongs to the physical page:
[   17.256761] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107764
[   17.257086] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.257384] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.257448] page_type: f8(unknown)
[   17.257614] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.257772] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.258128] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.258195] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.258294] head: 0bfffe0000000002 ffffc1ffc31dd901 00000000ffffffff 00000000ffffffff
[   17.258354] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.258401] page dumped because: kasan: bad access detected
[   17.258441] 
[   17.258459] Memory state around the buggy address:
[   17.258492]  fff00000c7765f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.258547]  fff00000c7765f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.258589] >fff00000c7766000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.258627]                    ^
[   17.258655]  fff00000c7766080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.258696]  fff00000c7766100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.258734] ==================================================================
[   17.268126] ==================================================================
[   17.268373] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.268572] Read of size 1 at addr fff00000c6e882bb by task kunit_try_catch/226
[   17.268797] 
[   17.268983] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.269257] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.269291] Hardware name: linux,dummy-virt (DT)
[   17.269321] Call trace:
[   17.269343]  show_stack+0x20/0x38 (C)
[   17.269392]  dump_stack_lvl+0x8c/0xd0
[   17.269437]  print_report+0x118/0x5d0
[   17.269684]  kasan_report+0xdc/0x128
[   17.269901]  __asan_report_load1_noabort+0x20/0x30
[   17.270024]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.270113]  mempool_slab_oob_right+0xc0/0x118
[   17.270160]  kunit_try_run_case+0x170/0x3f0
[   17.270208]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.270260]  kthread+0x328/0x630
[   17.270301]  ret_from_fork+0x10/0x20
[   17.270362] 
[   17.270381] Allocated by task 226:
[   17.270409]  kasan_save_stack+0x3c/0x68
[   17.270481]  kasan_save_track+0x20/0x40
[   17.270520]  kasan_save_alloc_info+0x40/0x58
[   17.270571]  __kasan_mempool_unpoison_object+0xbc/0x180
[   17.270616]  remove_element+0x16c/0x1f8
[   17.270654]  mempool_alloc_preallocated+0x58/0xc0
[   17.270692]  mempool_oob_right_helper+0x98/0x2f0
[   17.270732]  mempool_slab_oob_right+0xc0/0x118
[   17.270935]  kunit_try_run_case+0x170/0x3f0
[   17.270997]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.271053]  kthread+0x328/0x630
[   17.271086]  ret_from_fork+0x10/0x20
[   17.271183] 
[   17.271275] The buggy address belongs to the object at fff00000c6e88240
[   17.271275]  which belongs to the cache test_cache of size 123
[   17.271336] The buggy address is located 0 bytes to the right of
[   17.271336]  allocated 123-byte region [fff00000c6e88240, fff00000c6e882bb)
[   17.271400] 
[   17.271419] The buggy address belongs to the physical page:
[   17.271450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106e88
[   17.271510] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   17.271569] page_type: f5(slab)
[   17.271630] raw: 0bfffe0000000000 fff00000c5b79a00 dead000000000122 0000000000000000
[   17.272040] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   17.272092] page dumped because: kasan: bad access detected
[   17.272211] 
[   17.272292] Memory state around the buggy address:
[   17.272325]  fff00000c6e88180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   17.272368]  fff00000c6e88200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   17.272410] >fff00000c6e88280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   17.272447]                                         ^
[   17.272481]  fff00000c6e88300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.272522]  fff00000c6e88380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.272570] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

305hfA52FugtYY6azxShkfpp9Gg

job_id

TEST:linaro@lkft#305hjrHVuMhrP4C74zJJY45Voxp

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/305hjrHVuMhrP4C74zJJY45Voxp

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/305hgM7kYn7x5I10V6otKIGzrYL/Image.gz
sha256sum	c169ac4c7e9b0e4bbf64da467768ab89f00b0225b3c522460b0d6d662bcd1ac5

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/305hgM7kYn7x5I10V6otKIGzrYL/modules.tar.xz
sha256sum	999d2f5e28bad9d0877e65fac807375f30017fd2497321fa0aded245299f46f3

durations

tests

boot	0
kunit	166.76

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   13.521152] ==================================================================
[   13.521665] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   13.521974] Read of size 1 at addr ffff8881039f62bb by task kunit_try_catch/243
[   13.522395] 
[   13.522526] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   13.522575] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.522586] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.522609] Call Trace:
[   13.522622]  <TASK>
[   13.522639]  dump_stack_lvl+0x73/0xb0
[   13.522672]  print_report+0xd1/0x610
[   13.522697]  ? __virt_addr_valid+0x1db/0x2d0
[   13.522721]  ? mempool_oob_right_helper+0x318/0x380
[   13.522745]  ? kasan_complete_mode_report_info+0x2a/0x200
[   13.522767]  ? mempool_oob_right_helper+0x318/0x380
[   13.522791]  kasan_report+0x141/0x180
[   13.522812]  ? mempool_oob_right_helper+0x318/0x380
[   13.522841]  __asan_report_load1_noabort+0x18/0x20
[   13.522865]  mempool_oob_right_helper+0x318/0x380
[   13.522890]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.522916]  ? __pfx_sched_clock_cpu+0x10/0x10
[   13.522938]  ? finish_task_switch.isra.0+0x153/0x700
[   13.522964]  mempool_slab_oob_right+0xed/0x140
[   13.522989]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   13.523016]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   13.523041]  ? __pfx_mempool_free_slab+0x10/0x10
[   13.523078]  ? __pfx_read_tsc+0x10/0x10
[   13.523100]  ? ktime_get_ts64+0x86/0x230
[   13.523124]  kunit_try_run_case+0x1a5/0x480
[   13.523150]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.523226]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.523252]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.523275]  ? __kthread_parkme+0x82/0x180
[   13.523296]  ? preempt_count_sub+0x50/0x80
[   13.523319]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.523342]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.523366]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.523390]  kthread+0x337/0x6f0
[   13.523409]  ? trace_preempt_on+0x20/0xc0
[   13.523432]  ? __pfx_kthread+0x10/0x10
[   13.523452]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.523474]  ? calculate_sigpending+0x7b/0xa0
[   13.523509]  ? __pfx_kthread+0x10/0x10
[   13.523530]  ret_from_fork+0x116/0x1d0
[   13.523549]  ? __pfx_kthread+0x10/0x10
[   13.523569]  ret_from_fork_asm+0x1a/0x30
[   13.523601]  </TASK>
[   13.523611] 
[   13.532613] Allocated by task 243:
[   13.532775]  kasan_save_stack+0x45/0x70
[   13.532953]  kasan_save_track+0x18/0x40
[   13.533145]  kasan_save_alloc_info+0x3b/0x50
[   13.533685]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   13.533903]  remove_element+0x11e/0x190
[   13.534090]  mempool_alloc_preallocated+0x4d/0x90
[   13.534318]  mempool_oob_right_helper+0x8a/0x380
[   13.534574]  mempool_slab_oob_right+0xed/0x140
[   13.534764]  kunit_try_run_case+0x1a5/0x480
[   13.534969]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.535232]  kthread+0x337/0x6f0
[   13.535392]  ret_from_fork+0x116/0x1d0
[   13.535555]  ret_from_fork_asm+0x1a/0x30
[   13.535751] 
[   13.535848] The buggy address belongs to the object at ffff8881039f6240
[   13.535848]  which belongs to the cache test_cache of size 123
[   13.536285] The buggy address is located 0 bytes to the right of
[   13.536285]  allocated 123-byte region [ffff8881039f6240, ffff8881039f62bb)
[   13.536915] 
[   13.536992] The buggy address belongs to the physical page:
[   13.537166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f6
[   13.537408] flags: 0x200000000000000(node=0|zone=2)
[   13.537622] page_type: f5(slab)
[   13.537788] raw: 0200000000000000 ffff8881018a9b40 dead000000000122 0000000000000000
[   13.538322] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   13.538607] page dumped because: kasan: bad access detected
[   13.538780] 
[   13.538873] Memory state around the buggy address:
[   13.539214]  ffff8881039f6180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.539548]  ffff8881039f6200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   13.539854] >ffff8881039f6280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   13.540177]                                         ^
[   13.540378]  ffff8881039f6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.540689]  ffff8881039f6380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.540947] ==================================================================
[   13.499392] ==================================================================
[   13.499867] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   13.500220] Read of size 1 at addr ffff88810395e001 by task kunit_try_catch/241
[   13.500517] 
[   13.500608] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   13.500655] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.500666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.500688] Call Trace:
[   13.500700]  <TASK>
[   13.500715]  dump_stack_lvl+0x73/0xb0
[   13.500746]  print_report+0xd1/0x610
[   13.500768]  ? __virt_addr_valid+0x1db/0x2d0
[   13.500789]  ? mempool_oob_right_helper+0x318/0x380
[   13.500812]  ? kasan_addr_to_slab+0x11/0xa0
[   13.500832]  ? mempool_oob_right_helper+0x318/0x380
[   13.500856]  kasan_report+0x141/0x180
[   13.500876]  ? mempool_oob_right_helper+0x318/0x380
[   13.500905]  __asan_report_load1_noabort+0x18/0x20
[   13.500928]  mempool_oob_right_helper+0x318/0x380
[   13.500953]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.500979]  ? irqentry_exit+0x2a/0x60
[   13.501001]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   13.501026]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   13.501051]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   13.501078]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.501101]  ? __pfx_mempool_kfree+0x10/0x10
[   13.501124]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   13.501151]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   13.501178]  kunit_try_run_case+0x1a5/0x480
[   13.501202]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.501224]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.501249]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.501272]  ? __kthread_parkme+0x82/0x180
[   13.501291]  ? preempt_count_sub+0x50/0x80
[   13.501384]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.501408]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.501432]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.501455]  kthread+0x337/0x6f0
[   13.501474]  ? trace_preempt_on+0x20/0xc0
[   13.501509]  ? __pfx_kthread+0x10/0x10
[   13.501528]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.501550]  ? calculate_sigpending+0x7b/0xa0
[   13.501574]  ? __pfx_kthread+0x10/0x10
[   13.501595]  ret_from_fork+0x116/0x1d0
[   13.501615]  ? __pfx_kthread+0x10/0x10
[   13.501634]  ret_from_fork_asm+0x1a/0x30
[   13.501664]  </TASK>
[   13.501675] 
[   13.510132] The buggy address belongs to the physical page:
[   13.510405] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10395c
[   13.510752] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   13.511027] flags: 0x200000000000040(head|node=0|zone=2)
[   13.511414] page_type: f8(unknown)
[   13.511592] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   13.511880] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   13.512273] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   13.512561] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   13.512867] head: 0200000000000002 ffffea00040e5701 00000000ffffffff 00000000ffffffff
[   13.513272] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   13.513558] page dumped because: kasan: bad access detected
[   13.513770] 
[   13.513862] Memory state around the buggy address:
[   13.514068]  ffff88810395df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   13.514372]  ffff88810395df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   13.514642] >ffff88810395e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   13.514853]                    ^
[   13.514968]  ffff88810395e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   13.515188]  ffff88810395e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   13.515504] ==================================================================
[   13.468400] ==================================================================
[   13.468857] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   13.469319] Read of size 1 at addr ffff8881027e4873 by task kunit_try_catch/239
[   13.469599] 
[   13.469768] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   13.469833] Tainted: [B]=BAD_PAGE, [N]=TEST
[   13.469846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   13.469869] Call Trace:
[   13.469882]  <TASK>
[   13.469900]  dump_stack_lvl+0x73/0xb0
[   13.469934]  print_report+0xd1/0x610
[   13.469957]  ? __virt_addr_valid+0x1db/0x2d0
[   13.469982]  ? mempool_oob_right_helper+0x318/0x380
[   13.470037]  ? kasan_complete_mode_report_info+0x2a/0x200
[   13.470060]  ? mempool_oob_right_helper+0x318/0x380
[   13.470084]  kasan_report+0x141/0x180
[   13.470139]  ? mempool_oob_right_helper+0x318/0x380
[   13.470187]  __asan_report_load1_noabort+0x18/0x20
[   13.470239]  mempool_oob_right_helper+0x318/0x380
[   13.470264]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   13.470288]  ? __kasan_check_write+0x18/0x20
[   13.470308]  ? __pfx_sched_clock_cpu+0x10/0x10
[   13.470330]  ? finish_task_switch.isra.0+0x153/0x700
[   13.470358]  mempool_kmalloc_oob_right+0xf2/0x150
[   13.470390]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   13.470418]  ? __pfx_mempool_kmalloc+0x10/0x10
[   13.470442]  ? __pfx_mempool_kfree+0x10/0x10
[   13.470467]  ? __pfx_read_tsc+0x10/0x10
[   13.470519]  ? ktime_get_ts64+0x86/0x230
[   13.470555]  kunit_try_run_case+0x1a5/0x480
[   13.470582]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.470631]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   13.470667]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   13.470690]  ? __kthread_parkme+0x82/0x180
[   13.470711]  ? preempt_count_sub+0x50/0x80
[   13.470744]  ? __pfx_kunit_try_run_case+0x10/0x10
[   13.470768]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.470792]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   13.470815]  kthread+0x337/0x6f0
[   13.470834]  ? trace_preempt_on+0x20/0xc0
[   13.470857]  ? __pfx_kthread+0x10/0x10
[   13.470877]  ? _raw_spin_unlock_irq+0x47/0x80
[   13.470899]  ? calculate_sigpending+0x7b/0xa0
[   13.470924]  ? __pfx_kthread+0x10/0x10
[   13.470944]  ret_from_fork+0x116/0x1d0
[   13.470962]  ? __pfx_kthread+0x10/0x10
[   13.470982]  ret_from_fork_asm+0x1a/0x30
[   13.471013]  </TASK>
[   13.471024] 
[   13.483491] Allocated by task 239:
[   13.483736]  kasan_save_stack+0x45/0x70
[   13.484251]  kasan_save_track+0x18/0x40
[   13.484415]  kasan_save_alloc_info+0x3b/0x50
[   13.484721]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   13.485242]  remove_element+0x11e/0x190
[   13.485418]  mempool_alloc_preallocated+0x4d/0x90
[   13.485802]  mempool_oob_right_helper+0x8a/0x380
[   13.486055]  mempool_kmalloc_oob_right+0xf2/0x150
[   13.486515]  kunit_try_run_case+0x1a5/0x480
[   13.486803]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   13.487062]  kthread+0x337/0x6f0
[   13.487370]  ret_from_fork+0x116/0x1d0
[   13.487575]  ret_from_fork_asm+0x1a/0x30
[   13.487764] 
[   13.487852] The buggy address belongs to the object at ffff8881027e4800
[   13.487852]  which belongs to the cache kmalloc-128 of size 128
[   13.488744] The buggy address is located 0 bytes to the right of
[   13.488744]  allocated 115-byte region [ffff8881027e4800, ffff8881027e4873)
[   13.489461] 
[   13.489584] The buggy address belongs to the physical page:
[   13.490040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027e4
[   13.490525] flags: 0x200000000000000(node=0|zone=2)
[   13.490906] page_type: f5(slab)
[   13.491287] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   13.491640] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   13.492275] page dumped because: kasan: bad access detected
[   13.492538] 
[   13.492630] Memory state around the buggy address:
[   13.492984]  ffff8881027e4700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   13.493450]  ffff8881027e4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.493914] >ffff8881027e4800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   13.494402]                                                              ^
[   13.494871]  ffff8881027e4880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   13.495432]  ffff8881027e4900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   13.495947] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

305hfA52FugtYY6azxShkfpp9Gg

job_id

TEST:linaro@lkft#305hkxk4umYymvAHR1enE6Lr0J7

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/305hkxk4umYymvAHR1enE6Lr0J7

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/305hhgky404tq48MM3xCR4i6zld/bzImage
sha256sum	4b79c38ff9b1d3fd5b9bc01d29127c64ba58368915842f230bb5db740b0e37c2

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/305hhgky404tq48MM3xCR4i6zld/modules.tar.xz
sha256sum	3ef36255dcc209be48379112d67feb901ccf616788896aa1facf84baa027e63e

durations

tests

boot	0
kunit	219.36

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit