lkft/sashal-linus-next - v6.13-rc7-43420-g0bb7ecc6c892 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 9, 2025, 12:11 a.m.

Environment
qemu-arm64
qemu-x86_64

[   21.594977] ==================================================================
[   21.595432] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   21.595987] Read of size 1 at addr fff00000c639c2bb by task kunit_try_catch/226
[   21.596210] 
[   21.596248] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   21.596562] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.596595] Hardware name: linux,dummy-virt (DT)
[   21.596636] Call trace:
[   21.596660]  show_stack+0x20/0x38 (C)
[   21.596713]  dump_stack_lvl+0x8c/0xd0
[   21.597145]  print_report+0x118/0x608
[   21.597610]  kasan_report+0xdc/0x128
[   21.597847]  __asan_report_load1_noabort+0x20/0x30
[   21.598272]  mempool_oob_right_helper+0x2ac/0x2f0
[   21.598531]  mempool_slab_oob_right+0xc0/0x118
[   21.598890]  kunit_try_run_case+0x170/0x3f0
[   21.598992]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.599050]  kthread+0x328/0x630
[   21.599504]  ret_from_fork+0x10/0x20
[   21.599560] 
[   21.599579] Allocated by task 226:
[   21.599713]  kasan_save_stack+0x3c/0x68
[   21.599945]  kasan_save_track+0x20/0x40
[   21.600089]  kasan_save_alloc_info+0x40/0x58
[   21.600378]  __kasan_mempool_unpoison_object+0xbc/0x180
[   21.600624]  remove_element+0x16c/0x1f8
[   21.600672]  mempool_alloc_preallocated+0x58/0xc0
[   21.600818]  mempool_oob_right_helper+0x98/0x2f0
[   21.601123]  mempool_slab_oob_right+0xc0/0x118
[   21.601347]  kunit_try_run_case+0x170/0x3f0
[   21.601386]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.601444]  kthread+0x328/0x630
[   21.601481]  ret_from_fork+0x10/0x20
[   21.601519] 
[   21.601539] The buggy address belongs to the object at fff00000c639c240
[   21.601539]  which belongs to the cache test_cache of size 123
[   21.602811] The buggy address is located 0 bytes to the right of
[   21.602811]  allocated 123-byte region [fff00000c639c240, fff00000c639c2bb)
[   21.603085] 
[   21.603222] The buggy address belongs to the physical page:
[   21.603337] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10639c
[   21.603427] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.603477] page_type: f5(slab)
[   21.603535] raw: 0bfffe0000000000 fff00000c471aa00 dead000000000122 0000000000000000
[   21.603704] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   21.603780] page dumped because: kasan: bad access detected
[   21.603813] 
[   21.603831] Memory state around the buggy address:
[   21.603873]  fff00000c639c180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   21.603933]  fff00000c639c200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   21.603994] >fff00000c639c280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   21.604046]                                         ^
[   21.604082]  fff00000c639c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.604130]  fff00000c639c380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.604169] ==================================================================
[   21.562822] ==================================================================
[   21.562896] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   21.562973] Read of size 1 at addr fff00000c64b5673 by task kunit_try_catch/222
[   21.563024] 
[   21.563069] CPU: 1 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   21.563159] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.563188] Hardware name: linux,dummy-virt (DT)
[   21.563222] Call trace:
[   21.563248]  show_stack+0x20/0x38 (C)
[   21.563301]  dump_stack_lvl+0x8c/0xd0
[   21.563349]  print_report+0x118/0x608
[   21.563413]  kasan_report+0xdc/0x128
[   21.563459]  __asan_report_load1_noabort+0x20/0x30
[   21.563512]  mempool_oob_right_helper+0x2ac/0x2f0
[   21.563562]  mempool_kmalloc_oob_right+0xc4/0x120
[   21.563611]  kunit_try_run_case+0x170/0x3f0
[   21.563663]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.563715]  kthread+0x328/0x630
[   21.563761]  ret_from_fork+0x10/0x20
[   21.563811] 
[   21.563831] Allocated by task 222:
[   21.563863]  kasan_save_stack+0x3c/0x68
[   21.563906]  kasan_save_track+0x20/0x40
[   21.563946]  kasan_save_alloc_info+0x40/0x58
[   21.563986]  __kasan_mempool_unpoison_object+0x11c/0x180
[   21.564031]  remove_element+0x130/0x1f8
[   21.564180]  mempool_alloc_preallocated+0x58/0xc0
[   21.564226]  mempool_oob_right_helper+0x98/0x2f0
[   21.564267]  mempool_kmalloc_oob_right+0xc4/0x120
[   21.564309]  kunit_try_run_case+0x170/0x3f0
[   21.564349]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.564394]  kthread+0x328/0x630
[   21.564446]  ret_from_fork+0x10/0x20
[   21.564488] 
[   21.564509] The buggy address belongs to the object at fff00000c64b5600
[   21.564509]  which belongs to the cache kmalloc-128 of size 128
[   21.564569] The buggy address is located 0 bytes to the right of
[   21.564569]  allocated 115-byte region [fff00000c64b5600, fff00000c64b5673)
[   21.564635] 
[   21.564658] The buggy address belongs to the physical page:
[   21.564693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064b5
[   21.564753] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.564811] page_type: f5(slab)
[   21.564858] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   21.564909] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.564952] page dumped because: kasan: bad access detected
[   21.564983] 
[   21.565001] Memory state around the buggy address:
[   21.565037]  fff00000c64b5500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   21.565086]  fff00000c64b5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.565132] >fff00000c64b5600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   21.565172]                                                              ^
[   21.565212]  fff00000c64b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.565257]  fff00000c64b5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   21.565297] ==================================================================
[   21.582732] ==================================================================
[   21.582792] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   21.582845] Read of size 1 at addr fff00000c77de001 by task kunit_try_catch/224
[   21.582896] 
[   21.582927] CPU: 1 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   21.583011] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.583039] Hardware name: linux,dummy-virt (DT)
[   21.583071] Call trace:
[   21.583094]  show_stack+0x20/0x38 (C)
[   21.583144]  dump_stack_lvl+0x8c/0xd0
[   21.583190]  print_report+0x118/0x608
[   21.583236]  kasan_report+0xdc/0x128
[   21.583282]  __asan_report_load1_noabort+0x20/0x30
[   21.583333]  mempool_oob_right_helper+0x2ac/0x2f0
[   21.583383]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   21.583478]  kunit_try_run_case+0x170/0x3f0
[   21.583528]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.583581]  kthread+0x328/0x630
[   21.583623]  ret_from_fork+0x10/0x20
[   21.583680] 
[   21.583703] The buggy address belongs to the physical page:
[   21.583743] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077dc
[   21.583800] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.583847] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   21.583902] page_type: f8(unknown)
[   21.583940] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.583990] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.584040] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.584124] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.584527] head: 0bfffe0000000002 ffffc1ffc31df701 00000000ffffffff 00000000ffffffff
[   21.584580] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   21.584630] page dumped because: kasan: bad access detected
[   21.584663] 
[   21.584681] Memory state around the buggy address:
[   21.584714]  fff00000c77ddf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.585021]  fff00000c77ddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.585087] >fff00000c77de000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.585142]                    ^
[   21.585178]  fff00000c77de080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.585258]  fff00000c77de100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   21.585306] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zcAAYYuPsfT6JOjQ0cWxv2fjOU

job_id

TEST:linaro@lkft#2zcAEs3GnocWqbWkV7rOIaC0ynd

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zcAEs3GnocWqbWkV7rOIaC0ynd

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zcABpPI3ZfT1t9tMDG7X8q8lao/Image.gz
sha256sum	43942746c31837a748f7022cb72cf36f2b91f61e7d895fc8b55a1572e458e713

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zcABpPI3ZfT1t9tMDG7X8q8lao/modules.tar.xz
sha256sum	8807b7479e37c86501e73242d675a1e38566097096d6197d93fffacaa4ec941e

durations

tests

boot	0
kunit	176.36

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   14.130169] ==================================================================
[   14.130777] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   14.131150] Read of size 1 at addr ffff88810a626001 by task kunit_try_catch/240
[   14.131694] 
[   14.131827] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.131875] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.131888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.131910] Call Trace:
[   14.131922]  <TASK>
[   14.131954]  dump_stack_lvl+0x73/0xb0
[   14.131992]  print_report+0xd1/0x650
[   14.132016]  ? __virt_addr_valid+0x1db/0x2d0
[   14.132042]  ? mempool_oob_right_helper+0x318/0x380
[   14.132066]  ? kasan_addr_to_slab+0x11/0xa0
[   14.132087]  ? mempool_oob_right_helper+0x318/0x380
[   14.132111]  kasan_report+0x141/0x180
[   14.132133]  ? mempool_oob_right_helper+0x318/0x380
[   14.132161]  __asan_report_load1_noabort+0x18/0x20
[   14.132186]  mempool_oob_right_helper+0x318/0x380
[   14.132211]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   14.132238]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.132439]  ? finish_task_switch.isra.0+0x153/0x700
[   14.132478]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   14.132506]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   14.132535]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.132560]  ? __pfx_mempool_kfree+0x10/0x10
[   14.132585]  ? __pfx_read_tsc+0x10/0x10
[   14.132607]  ? ktime_get_ts64+0x86/0x230
[   14.132632]  kunit_try_run_case+0x1a5/0x480
[   14.132659]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.132682]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.132708]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.132731]  ? __kthread_parkme+0x82/0x180
[   14.132753]  ? preempt_count_sub+0x50/0x80
[   14.132776]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.132801]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.132825]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.132850]  kthread+0x337/0x6f0
[   14.132869]  ? trace_preempt_on+0x20/0xc0
[   14.132893]  ? __pfx_kthread+0x10/0x10
[   14.132914]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.132950]  ? calculate_sigpending+0x7b/0xa0
[   14.132989]  ? __pfx_kthread+0x10/0x10
[   14.133011]  ret_from_fork+0x116/0x1d0
[   14.133030]  ? __pfx_kthread+0x10/0x10
[   14.133049]  ret_from_fork_asm+0x1a/0x30
[   14.133081]  </TASK>
[   14.133092] 
[   14.143681] The buggy address belongs to the physical page:
[   14.143905] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a624
[   14.144285] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   14.144501] flags: 0x200000000000040(head|node=0|zone=2)
[   14.144943] page_type: f8(unknown)
[   14.145332] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.145704] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.146244] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.146541] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.146856] head: 0200000000000002 ffffea0004298901 00000000ffffffff 00000000ffffffff
[   14.147266] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   14.147567] page dumped because: kasan: bad access detected
[   14.147820] 
[   14.147942] Memory state around the buggy address:
[   14.148180]  ffff88810a625f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.148560]  ffff88810a625f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.148875] >ffff88810a626000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.149328]                    ^
[   14.149451]  ffff88810a626080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.149801]  ffff88810a626100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.150127] ==================================================================
[   14.157827] ==================================================================
[   14.158461] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   14.158813] Read of size 1 at addr ffff8881026be2bb by task kunit_try_catch/242
[   14.159149] 
[   14.159268] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.159313] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.159325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.159347] Call Trace:
[   14.159359]  <TASK>
[   14.159380]  dump_stack_lvl+0x73/0xb0
[   14.159413]  print_report+0xd1/0x650
[   14.159437]  ? __virt_addr_valid+0x1db/0x2d0
[   14.159467]  ? mempool_oob_right_helper+0x318/0x380
[   14.159492]  ? kasan_complete_mode_report_info+0x2a/0x200
[   14.159535]  ? mempool_oob_right_helper+0x318/0x380
[   14.159560]  kasan_report+0x141/0x180
[   14.159581]  ? mempool_oob_right_helper+0x318/0x380
[   14.159610]  __asan_report_load1_noabort+0x18/0x20
[   14.159635]  mempool_oob_right_helper+0x318/0x380
[   14.159660]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   14.159688]  ? finish_task_switch.isra.0+0x153/0x700
[   14.159718]  mempool_slab_oob_right+0xed/0x140
[   14.159743]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   14.159770]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   14.159797]  ? __pfx_mempool_free_slab+0x10/0x10
[   14.159823]  ? __pfx_read_tsc+0x10/0x10
[   14.159867]  ? ktime_get_ts64+0x86/0x230
[   14.159892]  kunit_try_run_case+0x1a5/0x480
[   14.159920]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.159952]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.159978]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.160002]  ? __kthread_parkme+0x82/0x180
[   14.160024]  ? preempt_count_sub+0x50/0x80
[   14.160048]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.160073]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.160097]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.160122]  kthread+0x337/0x6f0
[   14.160141]  ? trace_preempt_on+0x20/0xc0
[   14.160165]  ? __pfx_kthread+0x10/0x10
[   14.160186]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.160207]  ? calculate_sigpending+0x7b/0xa0
[   14.160232]  ? __pfx_kthread+0x10/0x10
[   14.160253]  ret_from_fork+0x116/0x1d0
[   14.160286]  ? __pfx_kthread+0x10/0x10
[   14.160307]  ret_from_fork_asm+0x1a/0x30
[   14.160339]  </TASK>
[   14.160350] 
[   14.167665] Allocated by task 242:
[   14.167837]  kasan_save_stack+0x45/0x70
[   14.168041]  kasan_save_track+0x18/0x40
[   14.168212]  kasan_save_alloc_info+0x3b/0x50
[   14.168481]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   14.168699]  remove_element+0x11e/0x190
[   14.168886]  mempool_alloc_preallocated+0x4d/0x90
[   14.169116]  mempool_oob_right_helper+0x8a/0x380
[   14.169344]  mempool_slab_oob_right+0xed/0x140
[   14.169551]  kunit_try_run_case+0x1a5/0x480
[   14.169739]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.169965]  kthread+0x337/0x6f0
[   14.170127]  ret_from_fork+0x116/0x1d0
[   14.170271]  ret_from_fork_asm+0x1a/0x30
[   14.170577] 
[   14.170646] The buggy address belongs to the object at ffff8881026be240
[   14.170646]  which belongs to the cache test_cache of size 123
[   14.171145] The buggy address is located 0 bytes to the right of
[   14.171145]  allocated 123-byte region [ffff8881026be240, ffff8881026be2bb)
[   14.171495] 
[   14.171565] The buggy address belongs to the physical page:
[   14.171730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026be
[   14.172102] flags: 0x200000000000000(node=0|zone=2)
[   14.172416] page_type: f5(slab)
[   14.172584] raw: 0200000000000000 ffff8881026b4500 dead000000000122 0000000000000000
[   14.172919] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   14.173248] page dumped because: kasan: bad access detected
[   14.173489] 
[   14.173579] Memory state around the buggy address:
[   14.173740]  ffff8881026be180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.173956]  ffff8881026be200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   14.174161] >ffff8881026be280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   14.174656]                                         ^
[   14.174901]  ffff8881026be300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.175163]  ffff8881026be380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.175645] ==================================================================
[   14.097270] ==================================================================
[   14.097702] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   14.098179] Read of size 1 at addr ffff888102ab9073 by task kunit_try_catch/238
[   14.098411] 
[   14.098506] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.098555] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.098566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.098588] Call Trace:
[   14.098601]  <TASK>
[   14.098621]  dump_stack_lvl+0x73/0xb0
[   14.098655]  print_report+0xd1/0x650
[   14.098679]  ? __virt_addr_valid+0x1db/0x2d0
[   14.098711]  ? mempool_oob_right_helper+0x318/0x380
[   14.098735]  ? kasan_complete_mode_report_info+0x2a/0x200
[   14.098759]  ? mempool_oob_right_helper+0x318/0x380
[   14.098782]  kasan_report+0x141/0x180
[   14.098804]  ? mempool_oob_right_helper+0x318/0x380
[   14.098832]  __asan_report_load1_noabort+0x18/0x20
[   14.098857]  mempool_oob_right_helper+0x318/0x380
[   14.098882]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   14.098908]  ? __kasan_check_write+0x18/0x20
[   14.098937]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.098961]  ? finish_task_switch.isra.0+0x153/0x700
[   14.098989]  mempool_kmalloc_oob_right+0xf2/0x150
[   14.099013]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   14.099039]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.099066]  ? __pfx_mempool_kfree+0x10/0x10
[   14.099090]  ? __pfx_read_tsc+0x10/0x10
[   14.099113]  ? ktime_get_ts64+0x86/0x230
[   14.099605]  kunit_try_run_case+0x1a5/0x480
[   14.099644]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.099668]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.099694]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.099718]  ? __kthread_parkme+0x82/0x180
[   14.099740]  ? preempt_count_sub+0x50/0x80
[   14.099764]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.099789]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.099814]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.099840]  kthread+0x337/0x6f0
[   14.099859]  ? trace_preempt_on+0x20/0xc0
[   14.099883]  ? __pfx_kthread+0x10/0x10
[   14.099903]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.099924]  ? calculate_sigpending+0x7b/0xa0
[   14.099960]  ? __pfx_kthread+0x10/0x10
[   14.099982]  ret_from_fork+0x116/0x1d0
[   14.100001]  ? __pfx_kthread+0x10/0x10
[   14.100021]  ret_from_fork_asm+0x1a/0x30
[   14.100053]  </TASK>
[   14.100065] 
[   14.112742] Allocated by task 238:
[   14.113102]  kasan_save_stack+0x45/0x70
[   14.113287]  kasan_save_track+0x18/0x40
[   14.113472]  kasan_save_alloc_info+0x3b/0x50
[   14.113676]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   14.113901]  remove_element+0x11e/0x190
[   14.114570]  mempool_alloc_preallocated+0x4d/0x90
[   14.114782]  mempool_oob_right_helper+0x8a/0x380
[   14.115359]  mempool_kmalloc_oob_right+0xf2/0x150
[   14.115581]  kunit_try_run_case+0x1a5/0x480
[   14.116013]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.116411]  kthread+0x337/0x6f0
[   14.116659]  ret_from_fork+0x116/0x1d0
[   14.116879]  ret_from_fork_asm+0x1a/0x30
[   14.117222] 
[   14.117326] The buggy address belongs to the object at ffff888102ab9000
[   14.117326]  which belongs to the cache kmalloc-128 of size 128
[   14.118110] The buggy address is located 0 bytes to the right of
[   14.118110]  allocated 115-byte region [ffff888102ab9000, ffff888102ab9073)
[   14.118938] 
[   14.119318] The buggy address belongs to the physical page:
[   14.119548] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ab9
[   14.119885] flags: 0x200000000000000(node=0|zone=2)
[   14.120432] page_type: f5(slab)
[   14.120697] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.121216] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.121649] page dumped because: kasan: bad access detected
[   14.121922] 
[   14.122024] Memory state around the buggy address:
[   14.122538]  ffff888102ab8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.122812]  ffff888102ab8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.123526] >ffff888102ab9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   14.123945]                                                              ^
[   14.124470]  ffff888102ab9080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.124746]  ffff888102ab9100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   14.125360] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zcAAYYuPsfT6JOjQ0cWxv2fjOU

job_id

TEST:linaro@lkft#2zcAFkblEHml5vWceVaiL0Z7pv2

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zcAFkblEHml5vWceVaiL0Z7pv2

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zcACy0pDahAR5qrdOicKU9PONK/bzImage
sha256sum	27b537d7ff0cc2505073732e0426981d2e11aae2d444edf9f87b5f4cd09a88c1

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zcACy0pDahAR5qrdOicKU9PONK/modules.tar.xz
sha256sum	de6330518eae5656446007b0b43210efdfbd212f286fe2bf16230e157f9f0923

durations

tests

boot	0
kunit	201.85

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit