lkft/linux-next-master - next-20250716 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 16, 2025, 12:11 p.m.

Environment
qemu-arm64
qemu-x86_64

[   32.638202] ==================================================================
[   32.638270] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   32.638526] Read of size 1 at addr fff00000c9bf2001 by task kunit_try_catch/254
[   32.638578] 
[   32.639161] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250716 #1 PREEMPT 
[   32.639370] Tainted: [B]=BAD_PAGE, [N]=TEST
[   32.639436] Hardware name: linux,dummy-virt (DT)
[   32.639468] Call trace:
[   32.639493]  show_stack+0x20/0x38 (C)
[   32.639925]  dump_stack_lvl+0x8c/0xd0
[   32.639978]  print_report+0x118/0x5d0
[   32.640023]  kasan_report+0xdc/0x128
[   32.640067]  __asan_report_load1_noabort+0x20/0x30
[   32.640114]  mempool_oob_right_helper+0x2ac/0x2f0
[   32.640388]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   32.640862]  kunit_try_run_case+0x170/0x3f0
[   32.640923]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.640976]  kthread+0x328/0x630
[   32.641392]  ret_from_fork+0x10/0x20
[   32.641488] 
[   32.641529] The buggy address belongs to the physical page:
[   32.641562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109bf0
[   32.641920] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   32.641974] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   32.642175] page_type: f8(unknown)
[   32.642379] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   32.642435] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   32.642486] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   32.642612] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   32.642879] head: 0bfffe0000000002 ffffc1ffc326fc01 00000000ffffffff 00000000ffffffff
[   32.642967] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   32.643016] page dumped because: kasan: bad access detected
[   32.643202] 
[   32.643222] Memory state around the buggy address:
[   32.643298]  fff00000c9bf1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.643373]  fff00000c9bf1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   32.643431] >fff00000c9bf2000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   32.643816]                    ^
[   32.643951]  fff00000c9bf2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   32.643998]  fff00000c9bf2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   32.644038] ==================================================================
[   32.626891] ==================================================================
[   32.626961] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   32.627035] Read of size 1 at addr fff00000c9ba2273 by task kunit_try_catch/252
[   32.627087] 
[   32.627128] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250716 #1 PREEMPT 
[   32.627219] Tainted: [B]=BAD_PAGE, [N]=TEST
[   32.627247] Hardware name: linux,dummy-virt (DT)
[   32.627282] Call trace:
[   32.627308]  show_stack+0x20/0x38 (C)
[   32.627359]  dump_stack_lvl+0x8c/0xd0
[   32.627409]  print_report+0x118/0x5d0
[   32.627453]  kasan_report+0xdc/0x128
[   32.627495]  __asan_report_load1_noabort+0x20/0x30
[   32.627560]  mempool_oob_right_helper+0x2ac/0x2f0
[   32.627610]  mempool_kmalloc_oob_right+0xc4/0x120
[   32.627660]  kunit_try_run_case+0x170/0x3f0
[   32.627712]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.627775]  kthread+0x328/0x630
[   32.628026]  ret_from_fork+0x10/0x20
[   32.628076] 
[   32.628096] Allocated by task 252:
[   32.628126]  kasan_save_stack+0x3c/0x68
[   32.628168]  kasan_save_track+0x20/0x40
[   32.628204]  kasan_save_alloc_info+0x40/0x58
[   32.628244]  __kasan_mempool_unpoison_object+0x11c/0x180
[   32.628291]  remove_element+0x130/0x1f8
[   32.628333]  mempool_alloc_preallocated+0x58/0xc0
[   32.628375]  mempool_oob_right_helper+0x98/0x2f0
[   32.628416]  mempool_kmalloc_oob_right+0xc4/0x120
[   32.628459]  kunit_try_run_case+0x170/0x3f0
[   32.628496]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.628555]  kthread+0x328/0x630
[   32.628588]  ret_from_fork+0x10/0x20
[   32.628623] 
[   32.628644] The buggy address belongs to the object at fff00000c9ba2200
[   32.628644]  which belongs to the cache kmalloc-128 of size 128
[   32.628705] The buggy address is located 0 bytes to the right of
[   32.628705]  allocated 115-byte region [fff00000c9ba2200, fff00000c9ba2273)
[   32.628771] 
[   32.628794] The buggy address belongs to the physical page:
[   32.628828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109ba2
[   32.628887] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   32.628940] page_type: f5(slab)
[   32.628987] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   32.629039] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   32.629084] page dumped because: kasan: bad access detected
[   32.629118] 
[   32.629136] Memory state around the buggy address:
[   32.629172]  fff00000c9ba2100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   32.629217]  fff00000c9ba2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.629260] >fff00000c9ba2200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   32.629301]                                                              ^
[   32.629344]  fff00000c9ba2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.629388]  fff00000c9ba2300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   32.629427] ==================================================================
[   32.654890] ==================================================================
[   32.655153] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   32.655393] Read of size 1 at addr fff00000c9b0a2bb by task kunit_try_catch/256
[   32.655640] 
[   32.655922] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250716 #1 PREEMPT 
[   32.656198] Tainted: [B]=BAD_PAGE, [N]=TEST
[   32.656395] Hardware name: linux,dummy-virt (DT)
[   32.656535] Call trace:
[   32.656569]  show_stack+0x20/0x38 (C)
[   32.656649]  dump_stack_lvl+0x8c/0xd0
[   32.656955]  print_report+0x118/0x5d0
[   32.657245]  kasan_report+0xdc/0x128
[   32.657483]  __asan_report_load1_noabort+0x20/0x30
[   32.657548]  mempool_oob_right_helper+0x2ac/0x2f0
[   32.657599]  mempool_slab_oob_right+0xc0/0x118
[   32.657690]  kunit_try_run_case+0x170/0x3f0
[   32.657917]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.657972]  kthread+0x328/0x630
[   32.658014]  ret_from_fork+0x10/0x20
[   32.658114] 
[   32.658133] Allocated by task 256:
[   32.658184]  kasan_save_stack+0x3c/0x68
[   32.658234]  kasan_save_track+0x20/0x40
[   32.658270]  kasan_save_alloc_info+0x40/0x58
[   32.658308]  __kasan_mempool_unpoison_object+0xbc/0x180
[   32.658350]  remove_element+0x16c/0x1f8
[   32.658438]  mempool_alloc_preallocated+0x58/0xc0
[   32.658652]  mempool_oob_right_helper+0x98/0x2f0
[   32.658693]  mempool_slab_oob_right+0xc0/0x118
[   32.658734]  kunit_try_run_case+0x170/0x3f0
[   32.658810]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.659014]  kthread+0x328/0x630
[   32.659143]  ret_from_fork+0x10/0x20
[   32.659181] 
[   32.659200] The buggy address belongs to the object at fff00000c9b0a240
[   32.659200]  which belongs to the cache test_cache of size 123
[   32.659303] The buggy address is located 0 bytes to the right of
[   32.659303]  allocated 123-byte region [fff00000c9b0a240, fff00000c9b0a2bb)
[   32.659461] 
[   32.659481] The buggy address belongs to the physical page:
[   32.659527] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109b0a
[   32.659580] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   32.659627] page_type: f5(slab)
[   32.659665] raw: 0bfffe0000000000 fff00000c56a1c80 dead000000000122 0000000000000000
[   32.659717] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   32.660016] page dumped because: kasan: bad access detected
[   32.660189] 
[   32.660383] Memory state around the buggy address:
[   32.660423]  fff00000c9b0a180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   32.660490]  fff00000c9b0a200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   32.660545] >fff00000c9b0a280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   32.660584]                                         ^
[   32.660618]  fff00000c9b0a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.660875]  fff00000c9b0a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.660973] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zxLYbkO55A3MZOuL8WgggPQedZ

job_id

TEST:linaro@lkft#2zxLeGb0Cz9DWdDOuIcvrHgzPHF

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zxLeGb0Cz9DWdDOuIcvrHgzPHF

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zxLaFD9LrwPBdmkVRgfB1whiL3/Image.gz
sha256sum	52b0e0b4d3e1142256a1a9b955e87dd8182ac318909544344275afea897b330f

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zxLaFD9LrwPBdmkVRgfB1whiL3/modules.tar.xz
sha256sum	45cab41eb8bcd09ba6c3a39112d26defc4ebbd207b893e79d28b0eac868edbc7

durations

tests

boot	0
kunit	166.17

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   24.753112] ==================================================================
[   24.753666] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   24.754227] Read of size 1 at addr ffff8881060fe001 by task kunit_try_catch/272
[   24.754739] 
[   24.754864] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) 
[   24.754923] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.754937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.754960] Call Trace:
[   24.754977]  <TASK>
[   24.755000]  dump_stack_lvl+0x73/0xb0
[   24.755039]  print_report+0xd1/0x610
[   24.755066]  ? __virt_addr_valid+0x1db/0x2d0
[   24.755096]  ? mempool_oob_right_helper+0x318/0x380
[   24.755123]  ? kasan_addr_to_slab+0x11/0xa0
[   24.755146]  ? mempool_oob_right_helper+0x318/0x380
[   24.755171]  kasan_report+0x141/0x180
[   24.755194]  ? mempool_oob_right_helper+0x318/0x380
[   24.755224]  __asan_report_load1_noabort+0x18/0x20
[   24.755249]  mempool_oob_right_helper+0x318/0x380
[   24.755275]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   24.755315]  ? dequeue_entities+0x23f/0x1630
[   24.755344]  ? __pfx_sched_clock_cpu+0x10/0x10
[   24.755369]  ? finish_task_switch.isra.0+0x153/0x700
[   24.755397]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   24.755424]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   24.755455]  ? __pfx_mempool_kmalloc+0x10/0x10
[   24.755483]  ? __pfx_mempool_kfree+0x10/0x10
[   24.755510]  ? __pfx_read_tsc+0x10/0x10
[   24.755537]  ? ktime_get_ts64+0x86/0x230
[   24.755565]  kunit_try_run_case+0x1a5/0x480
[   24.755605]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.755628]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   24.755655]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.755681]  ? __kthread_parkme+0x82/0x180
[   24.755705]  ? preempt_count_sub+0x50/0x80
[   24.755730]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.755756]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.755785]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.755813]  kthread+0x337/0x6f0
[   24.755834]  ? trace_preempt_on+0x20/0xc0
[   24.755862]  ? __pfx_kthread+0x10/0x10
[   24.755884]  ? _raw_spin_unlock_irq+0x47/0x80
[   24.755908]  ? calculate_sigpending+0x7b/0xa0
[   24.755935]  ? __pfx_kthread+0x10/0x10
[   24.755958]  ret_from_fork+0x116/0x1d0
[   24.755980]  ? __pfx_kthread+0x10/0x10
[   24.756002]  ret_from_fork_asm+0x1a/0x30
[   24.756038]  </TASK>
[   24.756051] 
[   24.764438] The buggy address belongs to the physical page:
[   24.764835] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060fc
[   24.765265] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.765642] flags: 0x200000000000040(head|node=0|zone=2)
[   24.765869] page_type: f8(unknown)
[   24.766040] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   24.766356] raw: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   24.766719] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   24.766946] head: 0000000000000000 0000000000000000 00000000f8000000 0000000000000000
[   24.767171] head: 0200000000000002 ffffea0004183f01 00000000ffffffff 00000000ffffffff
[   24.767509] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   24.767840] page dumped because: kasan: bad access detected
[   24.768095] 
[   24.768184] Memory state around the buggy address:
[   24.768414]  ffff8881060fdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.768759]  ffff8881060fdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.769170] >ffff8881060fe000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.769462]                    ^
[   24.769592]  ffff8881060fe080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.769980]  ffff8881060fe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.770254] ==================================================================
[   24.775519] ==================================================================
[   24.776021] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   24.776367] Read of size 1 at addr ffff8881053b82bb by task kunit_try_catch/274
[   24.776762] 
[   24.776886] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) 
[   24.776941] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.776954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.776977] Call Trace:
[   24.776993]  <TASK>
[   24.777013]  dump_stack_lvl+0x73/0xb0
[   24.777045]  print_report+0xd1/0x610
[   24.777069]  ? __virt_addr_valid+0x1db/0x2d0
[   24.777095]  ? mempool_oob_right_helper+0x318/0x380
[   24.777118]  ? kasan_complete_mode_report_info+0x2a/0x200
[   24.777144]  ? mempool_oob_right_helper+0x318/0x380
[   24.777167]  kasan_report+0x141/0x180
[   24.777188]  ? mempool_oob_right_helper+0x318/0x380
[   24.777217]  __asan_report_load1_noabort+0x18/0x20
[   24.777240]  mempool_oob_right_helper+0x318/0x380
[   24.777264]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   24.777300]  ? __pfx_sched_clock_cpu+0x10/0x10
[   24.777323]  ? finish_task_switch.isra.0+0x153/0x700
[   24.777347]  mempool_slab_oob_right+0xed/0x140
[   24.777371]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   24.777396]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   24.777421]  ? __pfx_mempool_free_slab+0x10/0x10
[   24.777447]  ? __pfx_read_tsc+0x10/0x10
[   24.777469]  ? ktime_get_ts64+0x86/0x230
[   24.777494]  kunit_try_run_case+0x1a5/0x480
[   24.777519]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.777541]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   24.777565]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.777594]  ? __kthread_parkme+0x82/0x180
[   24.777615]  ? preempt_count_sub+0x50/0x80
[   24.777636]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.777661]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.777688]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.777714]  kthread+0x337/0x6f0
[   24.777743]  ? trace_preempt_on+0x20/0xc0
[   24.777768]  ? __pfx_kthread+0x10/0x10
[   24.777788]  ? _raw_spin_unlock_irq+0x47/0x80
[   24.777808]  ? calculate_sigpending+0x7b/0xa0
[   24.777833]  ? __pfx_kthread+0x10/0x10
[   24.777855]  ret_from_fork+0x116/0x1d0
[   24.777894]  ? __pfx_kthread+0x10/0x10
[   24.777915]  ret_from_fork_asm+0x1a/0x30
[   24.777947]  </TASK>
[   24.777958] 
[   24.785947] Allocated by task 274:
[   24.786144]  kasan_save_stack+0x45/0x70
[   24.786341]  kasan_save_track+0x18/0x40
[   24.786492]  kasan_save_alloc_info+0x3b/0x50
[   24.786698]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   24.786866]  remove_element+0x11e/0x190
[   24.786998]  mempool_alloc_preallocated+0x4d/0x90
[   24.787274]  mempool_oob_right_helper+0x8a/0x380
[   24.787505]  mempool_slab_oob_right+0xed/0x140
[   24.787792]  kunit_try_run_case+0x1a5/0x480
[   24.787934]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.788105]  kthread+0x337/0x6f0
[   24.788220]  ret_from_fork+0x116/0x1d0
[   24.788356]  ret_from_fork_asm+0x1a/0x30
[   24.788529] 
[   24.788617] The buggy address belongs to the object at ffff8881053b8240
[   24.788617]  which belongs to the cache test_cache of size 123
[   24.789137] The buggy address is located 0 bytes to the right of
[   24.789137]  allocated 123-byte region [ffff8881053b8240, ffff8881053b82bb)
[   24.789848] 
[   24.792296] The buggy address belongs to the physical page:
[   24.792520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1053b8
[   24.792868] flags: 0x200000000000000(node=0|zone=2)
[   24.793066] page_type: f5(slab)
[   24.793224] raw: 0200000000000000 ffff888101a65dc0 dead000000000122 0000000000000000
[   24.793528] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   24.794134] page dumped because: kasan: bad access detected
[   24.794380] 
[   24.794446] Memory state around the buggy address:
[   24.794680]  ffff8881053b8180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   24.794976]  ffff8881053b8200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   24.795250] >ffff8881053b8280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   24.795545]                                         ^
[   24.795871]  ffff8881053b8300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.796255]  ffff8881053b8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.796561] ==================================================================
[   24.724658] ==================================================================
[   24.725237] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   24.725576] Read of size 1 at addr ffff88810539fe73 by task kunit_try_catch/270
[   24.726414] 
[   24.726525] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250716 #1 PREEMPT(voluntary) 
[   24.726586] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.726600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   24.726624] Call Trace:
[   24.726639]  <TASK>
[   24.726662]  dump_stack_lvl+0x73/0xb0
[   24.726698]  print_report+0xd1/0x610
[   24.726723]  ? __virt_addr_valid+0x1db/0x2d0
[   24.726750]  ? mempool_oob_right_helper+0x318/0x380
[   24.726772]  ? kasan_complete_mode_report_info+0x2a/0x200
[   24.726798]  ? mempool_oob_right_helper+0x318/0x380
[   24.726821]  kasan_report+0x141/0x180
[   24.726843]  ? mempool_oob_right_helper+0x318/0x380
[   24.726870]  __asan_report_load1_noabort+0x18/0x20
[   24.726894]  mempool_oob_right_helper+0x318/0x380
[   24.726918]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   24.726945]  ? finish_task_switch.isra.0+0x153/0x700
[   24.726971]  mempool_kmalloc_oob_right+0xf2/0x150
[   24.726994]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   24.727020]  ? __pfx_mempool_kmalloc+0x10/0x10
[   24.727047]  ? __pfx_mempool_kfree+0x10/0x10
[   24.727072]  ? __pfx_read_tsc+0x10/0x10
[   24.727094]  ? ktime_get_ts64+0x86/0x230
[   24.727120]  kunit_try_run_case+0x1a5/0x480
[   24.727147]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.727168]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   24.727192]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   24.727214]  ? __kthread_parkme+0x82/0x180
[   24.727235]  ? preempt_count_sub+0x50/0x80
[   24.727257]  ? __pfx_kunit_try_run_case+0x10/0x10
[   24.727279]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.727515]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   24.727550]  kthread+0x337/0x6f0
[   24.727573]  ? trace_preempt_on+0x20/0xc0
[   24.727598]  ? __pfx_kthread+0x10/0x10
[   24.727618]  ? _raw_spin_unlock_irq+0x47/0x80
[   24.727639]  ? calculate_sigpending+0x7b/0xa0
[   24.727665]  ? __pfx_kthread+0x10/0x10
[   24.727687]  ret_from_fork+0x116/0x1d0
[   24.727707]  ? __pfx_kthread+0x10/0x10
[   24.727727]  ret_from_fork_asm+0x1a/0x30
[   24.727760]  </TASK>
[   24.727772] 
[   24.738753] Allocated by task 270:
[   24.738954]  kasan_save_stack+0x45/0x70
[   24.739278]  kasan_save_track+0x18/0x40
[   24.739467]  kasan_save_alloc_info+0x3b/0x50
[   24.739701]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   24.740232]  remove_element+0x11e/0x190
[   24.740397]  mempool_alloc_preallocated+0x4d/0x90
[   24.740556]  mempool_oob_right_helper+0x8a/0x380
[   24.740879]  mempool_kmalloc_oob_right+0xf2/0x150
[   24.741191]  kunit_try_run_case+0x1a5/0x480
[   24.741428]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   24.741784]  kthread+0x337/0x6f0
[   24.742081]  ret_from_fork+0x116/0x1d0
[   24.742280]  ret_from_fork_asm+0x1a/0x30
[   24.742472] 
[   24.742566] The buggy address belongs to the object at ffff88810539fe00
[   24.742566]  which belongs to the cache kmalloc-128 of size 128
[   24.742968] The buggy address is located 0 bytes to the right of
[   24.742968]  allocated 115-byte region [ffff88810539fe00, ffff88810539fe73)
[   24.743785] 
[   24.743939] The buggy address belongs to the physical page:
[   24.744158] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10539f
[   24.744727] flags: 0x200000000000000(node=0|zone=2)
[   24.745048] page_type: f5(slab)
[   24.745244] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   24.745565] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   24.745863] page dumped because: kasan: bad access detected
[   24.746027] 
[   24.746185] Memory state around the buggy address:
[   24.746456]  ffff88810539fd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   24.746793]  ffff88810539fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.747180] >ffff88810539fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   24.747422]                                                              ^
[   24.747862]  ffff88810539fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.748363]  ffff88810539ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   24.748763] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zxLYbkO55A3MZOuL8WgggPQedZ

job_id

TEST:linaro@lkft#2zxLfHMSY6akRqbBhVsf5z5iz9e

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zxLfHMSY6akRqbBhVsf5z5iz9e

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zxLbmLo3GA6FujcMpRElLVLfuq/bzImage
sha256sum	97fecc995324d61966003161d99859708a9b079452d45536b9403860fef72719

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zxLbmLo3GA6FujcMpRElLVLfuq/modules.tar.xz
sha256sum	ce1222732442295d109620928fd8d84fb1cc2fb5dcb61e49ba48e8a442ce3bba

durations

tests

boot	0
kunit	232.49

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit