lkft/linux-stable-rc-linux-6.15.y - v6.15.1-35-g04e133874a24 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

June 7, 2025, 10:40 a.m.

Environment
qemu-arm64
qemu-x86_64

[   25.007551] ==================================================================
[   25.007653] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   25.007753] Read of size 1 at addr fff00000c770e2bb by task kunit_try_catch/229
[   25.008712] 
[   25.008793] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G    B            N  6.15.2-rc1 #1 PREEMPT 
[   25.009251] Tainted: [B]=BAD_PAGE, [N]=TEST
[   25.009296] Hardware name: linux,dummy-virt (DT)
[   25.009338] Call trace:
[   25.009373]  show_stack+0x20/0x38 (C)
[   25.009465]  dump_stack_lvl+0x8c/0xd0
[   25.009526]  print_report+0x118/0x608
[   25.009579]  kasan_report+0xdc/0x128
[   25.009629]  __asan_report_load1_noabort+0x20/0x30
[   25.009689]  mempool_oob_right_helper+0x2ac/0x2f0
[   25.009748]  mempool_slab_oob_right+0xc0/0x118
[   25.009803]  kunit_try_run_case+0x170/0x3f0
[   25.009874]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   25.009994]  kthread+0x328/0x630
[   25.010094]  ret_from_fork+0x10/0x20
[   25.010213] 
[   25.010237] Allocated by task 229:
[   25.010275]  kasan_save_stack+0x3c/0x68
[   25.010341]  kasan_save_track+0x20/0x40
[   25.010434]  kasan_save_alloc_info+0x40/0x58
[   25.010486]  __kasan_mempool_unpoison_object+0xbc/0x180
[   25.010539]  remove_element+0x16c/0x1f8
[   25.010592]  mempool_alloc_preallocated+0x58/0xc0
[   25.011020]  mempool_oob_right_helper+0x98/0x2f0
[   25.011127]  mempool_slab_oob_right+0xc0/0x118
[   25.011218]  kunit_try_run_case+0x170/0x3f0
[   25.011290]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   25.011368]  kthread+0x328/0x630
[   25.011424]  ret_from_fork+0x10/0x20
[   25.011474] 
[   25.011501] The buggy address belongs to the object at fff00000c770e240
[   25.011501]  which belongs to the cache test_cache of size 123
[   25.011608] The buggy address is located 0 bytes to the right of
[   25.011608]  allocated 123-byte region [fff00000c770e240, fff00000c770e2bb)
[   25.011689] 
[   25.011877] The buggy address belongs to the physical page:
[   25.011965] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10770e
[   25.012052] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   25.012125] page_type: f5(slab)
[   25.012184] raw: 0bfffe0000000000 fff00000c56b5780 dead000000000122 0000000000000000
[   25.012536] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   25.012608] page dumped because: kasan: bad access detected
[   25.012664] 
[   25.012723] Memory state around the buggy address:
[   25.012807]  fff00000c770e180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   25.012879]  fff00000c770e200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   25.012928] >fff00000c770e280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   25.012972]                                         ^
[   25.013015]  fff00000c770e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.013065]  fff00000c770e380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   25.013182] ==================================================================
[   24.992233] ==================================================================
[   24.992355] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   24.992484] Read of size 1 at addr fff00000c784a001 by task kunit_try_catch/227
[   24.992548] 
[   24.992604] CPU: 1 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G    B            N  6.15.2-rc1 #1 PREEMPT 
[   24.992715] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.992745] Hardware name: linux,dummy-virt (DT)
[   24.992790] Call trace:
[   24.992822]  show_stack+0x20/0x38 (C)
[   24.992884]  dump_stack_lvl+0x8c/0xd0
[   24.992945]  print_report+0x118/0x608
[   24.992996]  kasan_report+0xdc/0x128
[   24.993048]  __asan_report_load1_noabort+0x20/0x30
[   24.993108]  mempool_oob_right_helper+0x2ac/0x2f0
[   24.993178]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   24.993301]  kunit_try_run_case+0x170/0x3f0
[   24.993365]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.993442]  kthread+0x328/0x630
[   24.993500]  ret_from_fork+0x10/0x20
[   24.993627] 
[   24.993801] The buggy address belongs to the physical page:
[   24.993993] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107848
[   24.994081] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   24.994140] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   24.994787] page_type: f8(unknown)
[   24.994918] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   24.994984] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   24.995045] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   24.995102] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   24.995160] head: 0bfffe0000000002 ffffc1ffc31e1201 00000000ffffffff 00000000ffffffff
[   24.995216] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   24.995261] page dumped because: kasan: bad access detected
[   24.995301] 
[   24.995322] Memory state around the buggy address:
[   24.995369]  fff00000c7849f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.995441]  fff00000c7849f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   24.995583] >fff00000c784a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.995645]                    ^
[   24.995687]  fff00000c784a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.995754]  fff00000c784a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   24.995797] ==================================================================
[   24.959523] ==================================================================
[   24.959664] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   24.959782] Read of size 1 at addr fff00000c6a86a73 by task kunit_try_catch/225
[   24.959846] 
[   24.959906] CPU: 0 UID: 0 PID: 225 Comm: kunit_try_catch Tainted: G    B            N  6.15.2-rc1 #1 PREEMPT 
[   24.960016] Tainted: [B]=BAD_PAGE, [N]=TEST
[   24.960049] Hardware name: linux,dummy-virt (DT)
[   24.960094] Call trace:
[   24.960127]  show_stack+0x20/0x38 (C)
[   24.960191]  dump_stack_lvl+0x8c/0xd0
[   24.960256]  print_report+0x118/0x608
[   24.960309]  kasan_report+0xdc/0x128
[   24.960361]  __asan_report_load1_noabort+0x20/0x30
[   24.960435]  mempool_oob_right_helper+0x2ac/0x2f0
[   24.960500]  mempool_kmalloc_oob_right+0xc4/0x120
[   24.960559]  kunit_try_run_case+0x170/0x3f0
[   24.960622]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.960686]  kthread+0x328/0x630
[   24.960743]  ret_from_fork+0x10/0x20
[   24.960800] 
[   24.960823] Allocated by task 225:
[   24.960861]  kasan_save_stack+0x3c/0x68
[   24.960914]  kasan_save_track+0x20/0x40
[   24.960960]  kasan_save_alloc_info+0x40/0x58
[   24.961007]  __kasan_mempool_unpoison_object+0x11c/0x180
[   24.961059]  remove_element+0x130/0x1f8
[   24.961106]  mempool_alloc_preallocated+0x58/0xc0
[   24.961158]  mempool_oob_right_helper+0x98/0x2f0
[   24.961209]  mempool_kmalloc_oob_right+0xc4/0x120
[   24.961273]  kunit_try_run_case+0x170/0x3f0
[   24.961327]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   24.961380]  kthread+0x328/0x630
[   24.961436]  ret_from_fork+0x10/0x20
[   24.961484] 
[   24.961512] The buggy address belongs to the object at fff00000c6a86a00
[   24.961512]  which belongs to the cache kmalloc-128 of size 128
[   24.961582] The buggy address is located 0 bytes to the right of
[   24.961582]  allocated 115-byte region [fff00000c6a86a00, fff00000c6a86a73)
[   24.961658] 
[   24.961687] The buggy address belongs to the physical page:
[   24.961730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106a86
[   24.961797] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   24.961863] page_type: f5(slab)
[   24.961916] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   24.961979] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   24.962028] page dumped because: kasan: bad access detected
[   24.962064] 
[   24.962087] Memory state around the buggy address:
[   24.962128]  fff00000c6a86900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   24.962180]  fff00000c6a86980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.962233] >fff00000c6a86a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   24.962277]                                                              ^
[   24.962338]  fff00000c6a86a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   24.962417]  fff00000c6a86b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   24.962495] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2yB0gIpV00SQv6iVnfHfZMmLnJi

job_id

TEST:linaro@lkft#2yB0l1lM4PPUPWLjAP2OyhEuEu2

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2yB0l1lM4PPUPWLjAP2OyhEuEu2

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yB0hRG4OZ41JIc4J6kshzREMIB/Image.gz
sha256sum	1b531226140e142190e4cd0e4f3862050b0e2c45e059974a53d69b2b25304bf8

rootfs

url	https://storage.tuxboot.com/debian/20250605/trixie/arm64/rootfs.ext4.xz
sha256sum	905f5619346e1db164ac162d2472afab1c1502c840ccd8eb365c2a644148903b

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yB0hRG4OZ41JIc4J6kshzREMIB/modules.tar.xz
sha256sum	96aed9ab36b698bb4c9bf06650847db2adf83170cdf96c9ed9e744a15d7b27ec

durations

tests

boot	0
kunit	362.08

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   15.409864] ==================================================================
[   15.410294] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   15.411181] Read of size 1 at addr ffff8881039f02bb by task kunit_try_catch/245
[   15.411348] 
[   15.411597] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G    B            N  6.15.2-rc1 #1 PREEMPT(voluntary) 
[   15.411741] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.411834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   15.411862] Call Trace:
[   15.411879]  <TASK>
[   15.411977]  dump_stack_lvl+0x73/0xb0
[   15.412019]  print_report+0xd1/0x650
[   15.412045]  ? __virt_addr_valid+0x1db/0x2d0
[   15.412071]  ? mempool_oob_right_helper+0x318/0x380
[   15.412093]  ? kasan_complete_mode_report_info+0x2a/0x200
[   15.412114]  ? mempool_oob_right_helper+0x318/0x380
[   15.412137]  kasan_report+0x141/0x180
[   15.412158]  ? mempool_oob_right_helper+0x318/0x380
[   15.412573]  __asan_report_load1_noabort+0x18/0x20
[   15.412612]  mempool_oob_right_helper+0x318/0x380
[   15.412641]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   15.412667]  ? finish_task_switch.isra.0+0x153/0x700
[   15.412698]  mempool_slab_oob_right+0xed/0x140
[   15.412719]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   15.412739]  ? dequeue_task_fair+0x166/0x4e0
[   15.412776]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   15.412799]  ? __pfx_mempool_free_slab+0x10/0x10
[   15.412819]  ? __pfx_read_tsc+0x10/0x10
[   15.412839]  ? ktime_get_ts64+0x86/0x230
[   15.412866]  kunit_try_run_case+0x1a5/0x480
[   15.412893]  ? __pfx_kunit_try_run_case+0x10/0x10
[   15.412914]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   15.412939]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   15.412961]  ? __kthread_parkme+0x82/0x180
[   15.412983]  ? preempt_count_sub+0x50/0x80
[   15.413006]  ? __pfx_kunit_try_run_case+0x10/0x10
[   15.413027]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   15.413048]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   15.413069]  kthread+0x337/0x6f0
[   15.413086]  ? trace_preempt_on+0x20/0xc0
[   15.413111]  ? __pfx_kthread+0x10/0x10
[   15.413128]  ? _raw_spin_unlock_irq+0x47/0x80
[   15.413148]  ? calculate_sigpending+0x7b/0xa0
[   15.413171]  ? __pfx_kthread+0x10/0x10
[   15.413190]  ret_from_fork+0x41/0x80
[   15.413210]  ? __pfx_kthread+0x10/0x10
[   15.413228]  ret_from_fork_asm+0x1a/0x30
[   15.413259]  </TASK>
[   15.413273] 
[   15.425071] Allocated by task 245:
[   15.425659]  kasan_save_stack+0x45/0x70
[   15.425915]  kasan_save_track+0x18/0x40
[   15.426659]  kasan_save_alloc_info+0x3b/0x50
[   15.427144]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   15.427290]  remove_element+0x11e/0x190
[   15.427987]  mempool_alloc_preallocated+0x4d/0x90
[   15.428121]  mempool_oob_right_helper+0x8a/0x380
[   15.428289]  mempool_slab_oob_right+0xed/0x140
[   15.428577]  kunit_try_run_case+0x1a5/0x480
[   15.428882]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   15.429254]  kthread+0x337/0x6f0
[   15.429755]  ret_from_fork+0x41/0x80
[   15.430097]  ret_from_fork_asm+0x1a/0x30
[   15.430426] 
[   15.430498] The buggy address belongs to the object at ffff8881039f0240
[   15.430498]  which belongs to the cache test_cache of size 123
[   15.431528] The buggy address is located 0 bytes to the right of
[   15.431528]  allocated 123-byte region [ffff8881039f0240, ffff8881039f02bb)
[   15.432336] 
[   15.432457] The buggy address belongs to the physical page:
[   15.432632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f0
[   15.433680] flags: 0x200000000000000(node=0|zone=2)
[   15.434016] page_type: f5(slab)
[   15.434144] raw: 0200000000000000 ffff888101c8f8c0 dead000000000122 0000000000000000
[   15.434512] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   15.434766] page dumped because: kasan: bad access detected
[   15.435059] 
[   15.435148] Memory state around the buggy address:
[   15.435383]  ffff8881039f0180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   15.436169]  ffff8881039f0200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   15.436431] >ffff8881039f0280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   15.437037]                                         ^
[   15.437343]  ffff8881039f0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.437884]  ffff8881039f0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.438535] ==================================================================
[   15.383445] ==================================================================
[   15.384150] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   15.384383] Read of size 1 at addr ffff888103986001 by task kunit_try_catch/243
[   15.384826] 
[   15.384946] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G    B            N  6.15.2-rc1 #1 PREEMPT(voluntary) 
[   15.385025] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.385039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   15.385063] Call Trace:
[   15.385079]  <TASK>
[   15.385100]  dump_stack_lvl+0x73/0xb0
[   15.385131]  print_report+0xd1/0x650
[   15.385157]  ? __virt_addr_valid+0x1db/0x2d0
[   15.385181]  ? mempool_oob_right_helper+0x318/0x380
[   15.385206]  ? kasan_addr_to_slab+0x11/0xa0
[   15.385227]  ? mempool_oob_right_helper+0x318/0x380
[   15.385536]  kasan_report+0x141/0x180
[   15.385619]  ? mempool_oob_right_helper+0x318/0x380
[   15.385669]  __asan_report_load1_noabort+0x18/0x20
[   15.385704]  mempool_oob_right_helper+0x318/0x380
[   15.385730]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   15.385755]  ? dequeue_entities+0x852/0x1740
[   15.385783]  ? finish_task_switch.isra.0+0x153/0x700
[   15.385811]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   15.385837]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   15.385862]  ? dequeue_task_fair+0x166/0x4e0
[   15.385885]  ? __pfx_mempool_kmalloc+0x10/0x10
[   15.385907]  ? __pfx_mempool_kfree+0x10/0x10
[   15.385929]  ? __pfx_read_tsc+0x10/0x10
[   15.385950]  ? ktime_get_ts64+0x86/0x230
[   15.385976]  kunit_try_run_case+0x1a5/0x480
[   15.386003]  ? __pfx_kunit_try_run_case+0x10/0x10
[   15.386026]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   15.386053]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   15.386076]  ? __kthread_parkme+0x82/0x180
[   15.386099]  ? preempt_count_sub+0x50/0x80
[   15.386124]  ? __pfx_kunit_try_run_case+0x10/0x10
[   15.386149]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   15.386172]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   15.386195]  kthread+0x337/0x6f0
[   15.386212]  ? trace_preempt_on+0x20/0xc0
[   15.386237]  ? __pfx_kthread+0x10/0x10
[   15.386256]  ? _raw_spin_unlock_irq+0x47/0x80
[   15.386277]  ? calculate_sigpending+0x7b/0xa0
[   15.386300]  ? __pfx_kthread+0x10/0x10
[   15.386319]  ret_from_fork+0x41/0x80
[   15.386341]  ? __pfx_kthread+0x10/0x10
[   15.386360]  ret_from_fork_asm+0x1a/0x30
[   15.386390]  </TASK>
[   15.386402] 
[   15.395564] The buggy address belongs to the physical page:
[   15.395908] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103984
[   15.396265] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   15.396565] flags: 0x200000000000040(head|node=0|zone=2)
[   15.397079] page_type: f8(unknown)
[   15.397236] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   15.397492] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   15.397943] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   15.398266] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   15.398551] head: 0200000000000002 ffffea00040e6101 00000000ffffffff 00000000ffffffff
[   15.398858] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   15.399217] page dumped because: kasan: bad access detected
[   15.399430] 
[   15.399568] Memory state around the buggy address:
[   15.399848]  ffff888103985f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.400232]  ffff888103985f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   15.400820] >ffff888103986000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   15.401006]                    ^
[   15.401214]  ffff888103986080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   15.401364]  ffff888103986100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   15.401769] ==================================================================
[   15.350074] ==================================================================
[   15.350565] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   15.351664] Read of size 1 at addr ffff888103391e73 by task kunit_try_catch/241
[   15.352004] 
[   15.352357] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G    B            N  6.15.2-rc1 #1 PREEMPT(voluntary) 
[   15.352711] Tainted: [B]=BAD_PAGE, [N]=TEST
[   15.352736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   15.352765] Call Trace:
[   15.352782]  <TASK>
[   15.352806]  dump_stack_lvl+0x73/0xb0
[   15.352851]  print_report+0xd1/0x650
[   15.352877]  ? __virt_addr_valid+0x1db/0x2d0
[   15.352904]  ? mempool_oob_right_helper+0x318/0x380
[   15.352929]  ? kasan_complete_mode_report_info+0x2a/0x200
[   15.352953]  ? mempool_oob_right_helper+0x318/0x380
[   15.352978]  kasan_report+0x141/0x180
[   15.353002]  ? mempool_oob_right_helper+0x318/0x380
[   15.353031]  __asan_report_load1_noabort+0x18/0x20
[   15.353052]  mempool_oob_right_helper+0x318/0x380
[   15.353078]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   15.353103]  ? dequeue_entities+0x852/0x1740
[   15.353132]  ? finish_task_switch.isra.0+0x153/0x700
[   15.353160]  mempool_kmalloc_oob_right+0xf2/0x150
[   15.353185]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   15.353210]  ? dequeue_task_fair+0x166/0x4e0
[   15.353233]  ? __pfx_mempool_kmalloc+0x10/0x10
[   15.353257]  ? __pfx_mempool_kfree+0x10/0x10
[   15.353280]  ? __pfx_read_tsc+0x10/0x10
[   15.353302]  ? ktime_get_ts64+0x86/0x230
[   15.353329]  kunit_try_run_case+0x1a5/0x480
[   15.353356]  ? __pfx_kunit_try_run_case+0x10/0x10
[   15.353379]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   15.353405]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   15.353428]  ? __kthread_parkme+0x82/0x180
[   15.353452]  ? preempt_count_sub+0x50/0x80
[   15.353477]  ? __pfx_kunit_try_run_case+0x10/0x10
[   15.353503]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   15.353527]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   15.353552]  kthread+0x337/0x6f0
[   15.353593]  ? trace_preempt_on+0x20/0xc0
[   15.353619]  ? __pfx_kthread+0x10/0x10
[   15.353637]  ? _raw_spin_unlock_irq+0x47/0x80
[   15.353658]  ? calculate_sigpending+0x7b/0xa0
[   15.353681]  ? __pfx_kthread+0x10/0x10
[   15.353700]  ret_from_fork+0x41/0x80
[   15.353721]  ? __pfx_kthread+0x10/0x10
[   15.353739]  ret_from_fork_asm+0x1a/0x30
[   15.353770]  </TASK>
[   15.353783] 
[   15.364414] Allocated by task 241:
[   15.364593]  kasan_save_stack+0x45/0x70
[   15.364715]  kasan_save_track+0x18/0x40
[   15.364810]  kasan_save_alloc_info+0x3b/0x50
[   15.364908]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   15.365599]  remove_element+0x11e/0x190
[   15.365877]  mempool_alloc_preallocated+0x4d/0x90
[   15.366294]  mempool_oob_right_helper+0x8a/0x380
[   15.366807]  mempool_kmalloc_oob_right+0xf2/0x150
[   15.366957]  kunit_try_run_case+0x1a5/0x480
[   15.367369]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   15.367506]  kthread+0x337/0x6f0
[   15.367754]  ret_from_fork+0x41/0x80
[   15.367891]  ret_from_fork_asm+0x1a/0x30
[   15.368178] 
[   15.368236] The buggy address belongs to the object at ffff888103391e00
[   15.368236]  which belongs to the cache kmalloc-128 of size 128
[   15.369396] The buggy address is located 0 bytes to the right of
[   15.369396]  allocated 115-byte region [ffff888103391e00, ffff888103391e73)
[   15.370554] 
[   15.370911] The buggy address belongs to the physical page:
[   15.371054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103391
[   15.371480] flags: 0x200000000000000(node=0|zone=2)
[   15.371635] page_type: f5(slab)
[   15.371968] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   15.372218] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   15.372516] page dumped because: kasan: bad access detected
[   15.373153] 
[   15.373232] Memory state around the buggy address:
[   15.373507]  ffff888103391d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   15.373808]  ffff888103391d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.374180] >ffff888103391e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   15.375212]                                                              ^
[   15.375470]  ffff888103391e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   15.375766]  ffff888103391f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   15.376146] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2yB0gIpV00SQv6iVnfHfZMmLnJi

job_id

TEST:linaro@lkft#2yB0mjaDXA0CwqutKjQjRIFyOIe

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2yB0mjaDXA0CwqutKjQjRIFyOIe

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yB0iWsIpvkPL1CcASqfwUWosuV/bzImage
sha256sum	47ba1de281267f956a3a48f9181f4c477feef4bcb70a0c3d7e92edaf4b0c05cf

rootfs

url	https://storage.tuxboot.com/debian/20250605/trixie/amd64/rootfs.ext4.xz
sha256sum	bb36936f45b20f4af35993e582d98e781104116519f71565c7a97bddc546f892

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yB0iWsIpvkPL1CcASqfwUWosuV/modules.tar.xz
sha256sum	8e7e333ca033c5e02b3a17a5149fd9967683e83e27203dc8ee3885518ea01f50

durations

tests

boot	0
kunit	394.68

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit