lkft/sashal-linus-next - v6.13-rc7-44054-ga0826ac5bfa4 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper

Date

July 20, 2025, 8:11 p.m.

Environment
qemu-arm64
qemu-x86_64

[   17.106081] ==================================================================
[   17.106415] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.106547] Read of size 1 at addr fff00000c64ef2bb by task kunit_try_catch/226
[   17.106597] 
[   17.106652] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.107633] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.107902] Hardware name: linux,dummy-virt (DT)
[   17.107939] Call trace:
[   17.108266]  show_stack+0x20/0x38 (C)
[   17.108621]  dump_stack_lvl+0x8c/0xd0
[   17.108692]  print_report+0x118/0x5d0
[   17.109225]  kasan_report+0xdc/0x128
[   17.109425]  __asan_report_load1_noabort+0x20/0x30
[   17.109737]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.110148]  mempool_slab_oob_right+0xc0/0x118
[   17.110228]  kunit_try_run_case+0x170/0x3f0
[   17.110415]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.110618]  kthread+0x328/0x630
[   17.111153]  ret_from_fork+0x10/0x20
[   17.111499] 
[   17.111526] Allocated by task 226:
[   17.111616]  kasan_save_stack+0x3c/0x68
[   17.111997]  kasan_save_track+0x20/0x40
[   17.112168]  kasan_save_alloc_info+0x40/0x58
[   17.112497]  __kasan_mempool_unpoison_object+0xbc/0x180
[   17.112553]  remove_element+0x16c/0x1f8
[   17.112588]  mempool_alloc_preallocated+0x58/0xc0
[   17.113089]  mempool_oob_right_helper+0x98/0x2f0
[   17.113203]  mempool_slab_oob_right+0xc0/0x118
[   17.113409]  kunit_try_run_case+0x170/0x3f0
[   17.113473]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.113518]  kthread+0x328/0x630
[   17.113982]  ret_from_fork+0x10/0x20
[   17.114048] 
[   17.114249] The buggy address belongs to the object at fff00000c64ef240
[   17.114249]  which belongs to the cache test_cache of size 123
[   17.114469] The buggy address is located 0 bytes to the right of
[   17.114469]  allocated 123-byte region [fff00000c64ef240, fff00000c64ef2bb)
[   17.114759] 
[   17.114874] The buggy address belongs to the physical page:
[   17.114907] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064ef
[   17.115348] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   17.115619] page_type: f5(slab)
[   17.115736] raw: 0bfffe0000000000 fff00000c1af1780 dead000000000122 0000000000000000
[   17.115966] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   17.116197] page dumped because: kasan: bad access detected
[   17.116560] 
[   17.116871] Memory state around the buggy address:
[   17.116998]  fff00000c64ef180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   17.117099]  fff00000c64ef200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   17.117159] >fff00000c64ef280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   17.117382]                                         ^
[   17.117421]  fff00000c64ef300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.117788]  fff00000c64ef380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.117839] ==================================================================
[   17.087166] ==================================================================
[   17.087238] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.087290] Read of size 1 at addr fff00000c6486001 by task kunit_try_catch/224
[   17.087340] 
[   17.087369] CPU: 0 UID: 0 PID: 224 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.087449] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.087477] Hardware name: linux,dummy-virt (DT)
[   17.087507] Call trace:
[   17.087532]  show_stack+0x20/0x38 (C)
[   17.088975]  dump_stack_lvl+0x8c/0xd0
[   17.089059]  print_report+0x118/0x5d0
[   17.089107]  kasan_report+0xdc/0x128
[   17.089154]  __asan_report_load1_noabort+0x20/0x30
[   17.089214]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.089264]  mempool_kmalloc_large_oob_right+0xc4/0x120
[   17.089316]  kunit_try_run_case+0x170/0x3f0
[   17.089363]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.089413]  kthread+0x328/0x630
[   17.089459]  ret_from_fork+0x10/0x20
[   17.089509] 
[   17.089530] The buggy address belongs to the physical page:
[   17.089563] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x106484
[   17.089641] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   17.089736] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   17.089941] page_type: f8(unknown)
[   17.089988] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.090038] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.090096] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   17.090256] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   17.090315] head: 0bfffe0000000002 ffffc1ffc3192101 00000000ffffffff 00000000ffffffff
[   17.090366] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   17.090407] page dumped because: kasan: bad access detected
[   17.090441] 
[   17.090460] Memory state around the buggy address:
[   17.090494]  fff00000c6485f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.090537]  fff00000c6485f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   17.090580] >fff00000c6486000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.090618]                    ^
[   17.090647]  fff00000c6486080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.090691]  fff00000c6486100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   17.090730] ==================================================================
[   17.070647] ==================================================================
[   17.070715] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x2ac/0x2f0
[   17.070791] Read of size 1 at addr fff00000c64d8073 by task kunit_try_catch/222
[   17.070842] 
[   17.070887] CPU: 0 UID: 0 PID: 222 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT 
[   17.070975] Tainted: [B]=BAD_PAGE, [N]=TEST
[   17.071003] Hardware name: linux,dummy-virt (DT)
[   17.071039] Call trace:
[   17.071066]  show_stack+0x20/0x38 (C)
[   17.071118]  dump_stack_lvl+0x8c/0xd0
[   17.071170]  print_report+0x118/0x5d0
[   17.071231]  kasan_report+0xdc/0x128
[   17.071277]  __asan_report_load1_noabort+0x20/0x30
[   17.071326]  mempool_oob_right_helper+0x2ac/0x2f0
[   17.071375]  mempool_kmalloc_oob_right+0xc4/0x120
[   17.071423]  kunit_try_run_case+0x170/0x3f0
[   17.071473]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.071526]  kthread+0x328/0x630
[   17.071570]  ret_from_fork+0x10/0x20
[   17.071620] 
[   17.071640] Allocated by task 222:
[   17.071672]  kasan_save_stack+0x3c/0x68
[   17.071712]  kasan_save_track+0x20/0x40
[   17.071751]  kasan_save_alloc_info+0x40/0x58
[   17.071790]  __kasan_mempool_unpoison_object+0x11c/0x180
[   17.071834]  remove_element+0x130/0x1f8
[   17.071873]  mempool_alloc_preallocated+0x58/0xc0
[   17.071913]  mempool_oob_right_helper+0x98/0x2f0
[   17.071951]  mempool_kmalloc_oob_right+0xc4/0x120
[   17.071990]  kunit_try_run_case+0x170/0x3f0
[   17.072029]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   17.072074]  kthread+0x328/0x630
[   17.072106]  ret_from_fork+0x10/0x20
[   17.072143] 
[   17.072164] The buggy address belongs to the object at fff00000c64d8000
[   17.072164]  which belongs to the cache kmalloc-128 of size 128
[   17.072232] The buggy address is located 0 bytes to the right of
[   17.072232]  allocated 115-byte region [fff00000c64d8000, fff00000c64d8073)
[   17.072296] 
[   17.072320] The buggy address belongs to the physical page:
[   17.072353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064d8
[   17.072410] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   17.072463] page_type: f5(slab)
[   17.072506] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   17.072557] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   17.072600] page dumped because: kasan: bad access detected
[   17.072633] 
[   17.072651] Memory state around the buggy address:
[   17.072687]  fff00000c64d7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.072731]  fff00000c64d7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.072775] >fff00000c64d8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   17.072814]                                                              ^
[   17.072852]  fff00000c64d8080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   17.072910]  fff00000c64d8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   17.072951] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

309aWYwhlSaX86OR0tyxd83BkVP

job_id

TEST:linaro@lkft#309aanSV96FyzA0myvVcjb3yGd6

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/309aanSV96FyzA0myvVcjb3yGd6

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/309aXwXoGoTp4GczYC9pgbmH2fu/Image.gz
sha256sum	dd3efc46eaa5f6736b74b81818643c0723c262296650250cc4efcb52f7cb79a7

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/309aXwXoGoTp4GczYC9pgbmH2fu/modules.tar.xz
sha256sum	f1c09dfa4ab8134d947ef1ee155c8283abaf591e8ee31c2f7bd7de0ce8dedb59

durations

tests

boot	0
kunit	165.81

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

[   14.420405] ==================================================================
[   14.420948] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   14.421581] Read of size 1 at addr ffff8881032682bb by task kunit_try_catch/243
[   14.422041] 
[   14.422168] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   14.422218] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.422230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.422253] Call Trace:
[   14.422267]  <TASK>
[   14.422285]  dump_stack_lvl+0x73/0xb0
[   14.422320]  print_report+0xd1/0x610
[   14.422346]  ? __virt_addr_valid+0x1db/0x2d0
[   14.422372]  ? mempool_oob_right_helper+0x318/0x380
[   14.422395]  ? kasan_complete_mode_report_info+0x2a/0x200
[   14.422418]  ? mempool_oob_right_helper+0x318/0x380
[   14.422443]  kasan_report+0x141/0x180
[   14.422465]  ? mempool_oob_right_helper+0x318/0x380
[   14.422507]  __asan_report_load1_noabort+0x18/0x20
[   14.422532]  mempool_oob_right_helper+0x318/0x380
[   14.422557]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   14.422584]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.422607]  ? finish_task_switch.isra.0+0x153/0x700
[   14.422634]  mempool_slab_oob_right+0xed/0x140
[   14.422658]  ? __pfx_mempool_slab_oob_right+0x10/0x10
[   14.422686]  ? __pfx_mempool_alloc_slab+0x10/0x10
[   14.422712]  ? __pfx_mempool_free_slab+0x10/0x10
[   14.422738]  ? __pfx_read_tsc+0x10/0x10
[   14.422759]  ? ktime_get_ts64+0x86/0x230
[   14.422785]  kunit_try_run_case+0x1a5/0x480
[   14.422812]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.422835]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.422861]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.422885]  ? __kthread_parkme+0x82/0x180
[   14.422909]  ? preempt_count_sub+0x50/0x80
[   14.422932]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.422957]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.422980]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.423005]  kthread+0x337/0x6f0
[   14.423024]  ? trace_preempt_on+0x20/0xc0
[   14.423065]  ? __pfx_kthread+0x10/0x10
[   14.423086]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.423109]  ? calculate_sigpending+0x7b/0xa0
[   14.423134]  ? __pfx_kthread+0x10/0x10
[   14.423156]  ret_from_fork+0x116/0x1d0
[   14.423176]  ? __pfx_kthread+0x10/0x10
[   14.423197]  ret_from_fork_asm+0x1a/0x30
[   14.423230]  </TASK>
[   14.423240] 
[   14.434682] Allocated by task 243:
[   14.435201]  kasan_save_stack+0x45/0x70
[   14.435419]  kasan_save_track+0x18/0x40
[   14.435631]  kasan_save_alloc_info+0x3b/0x50
[   14.436246]  __kasan_mempool_unpoison_object+0x1bb/0x200
[   14.436609]  remove_element+0x11e/0x190
[   14.436914]  mempool_alloc_preallocated+0x4d/0x90
[   14.437285]  mempool_oob_right_helper+0x8a/0x380
[   14.437614]  mempool_slab_oob_right+0xed/0x140
[   14.437823]  kunit_try_run_case+0x1a5/0x480
[   14.438036]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.438499]  kthread+0x337/0x6f0
[   14.438660]  ret_from_fork+0x116/0x1d0
[   14.439104]  ret_from_fork_asm+0x1a/0x30
[   14.439306] 
[   14.439387] The buggy address belongs to the object at ffff888103268240
[   14.439387]  which belongs to the cache test_cache of size 123
[   14.440205] The buggy address is located 0 bytes to the right of
[   14.440205]  allocated 123-byte region [ffff888103268240, ffff8881032682bb)
[   14.440906] 
[   14.441026] The buggy address belongs to the physical page:
[   14.441278] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103268
[   14.441630] flags: 0x200000000000000(node=0|zone=2)
[   14.441896] page_type: f5(slab)
[   14.442595] raw: 0200000000000000 ffff888103260280 dead000000000122 0000000000000000
[   14.442964] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[   14.443567] page dumped because: kasan: bad access detected
[   14.443971] 
[   14.444129] Memory state around the buggy address:
[   14.444328]  ffff888103268180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.444654]  ffff888103268200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[   14.445230] >ffff888103268280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[   14.445516]                                         ^
[   14.445964]  ffff888103268300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.446520]  ffff888103268380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.446868] ==================================================================
[   14.393642] ==================================================================
[   14.394343] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   14.394665] Read of size 1 at addr ffff8881038d6001 by task kunit_try_catch/241
[   14.395016] 
[   14.395136] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   14.395187] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.395199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.395224] Call Trace:
[   14.395236]  <TASK>
[   14.395254]  dump_stack_lvl+0x73/0xb0
[   14.395287]  print_report+0xd1/0x610
[   14.395311]  ? __virt_addr_valid+0x1db/0x2d0
[   14.395356]  ? mempool_oob_right_helper+0x318/0x380
[   14.395381]  ? kasan_addr_to_slab+0x11/0xa0
[   14.395402]  ? mempool_oob_right_helper+0x318/0x380
[   14.395426]  kasan_report+0x141/0x180
[   14.395449]  ? mempool_oob_right_helper+0x318/0x380
[   14.395487]  __asan_report_load1_noabort+0x18/0x20
[   14.395513]  mempool_oob_right_helper+0x318/0x380
[   14.395537]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   14.395565]  ? finish_task_switch.isra.0+0x153/0x700
[   14.395593]  mempool_kmalloc_large_oob_right+0xf2/0x150
[   14.395618]  ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[   14.395646]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.395671]  ? __pfx_mempool_kfree+0x10/0x10
[   14.395697]  ? __pfx_read_tsc+0x10/0x10
[   14.395718]  ? ktime_get_ts64+0x86/0x230
[   14.395762]  kunit_try_run_case+0x1a5/0x480
[   14.395789]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.395812]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.395837]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.395862]  ? __kthread_parkme+0x82/0x180
[   14.395882]  ? preempt_count_sub+0x50/0x80
[   14.395905]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.395930]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.395954]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.395978]  kthread+0x337/0x6f0
[   14.395998]  ? trace_preempt_on+0x20/0xc0
[   14.396053]  ? __pfx_kthread+0x10/0x10
[   14.396075]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.396098]  ? calculate_sigpending+0x7b/0xa0
[   14.396122]  ? __pfx_kthread+0x10/0x10
[   14.396144]  ret_from_fork+0x116/0x1d0
[   14.396164]  ? __pfx_kthread+0x10/0x10
[   14.396184]  ret_from_fork_asm+0x1a/0x30
[   14.396216]  </TASK>
[   14.396226] 
[   14.407622] The buggy address belongs to the physical page:
[   14.407856] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d4
[   14.408800] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   14.409154] flags: 0x200000000000040(head|node=0|zone=2)
[   14.409585] page_type: f8(unknown)
[   14.409830] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.410308] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.410754] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.411055] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.411668] head: 0200000000000002 ffffea00040e3501 00000000ffffffff 00000000ffffffff
[   14.412126] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   14.412556] page dumped because: kasan: bad access detected
[   14.412900] 
[   14.412985] Memory state around the buggy address:
[   14.413609]  ffff8881038d5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.413973]  ffff8881038d5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.414363] >ffff8881038d6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.414703]                    ^
[   14.415120]  ffff8881038d6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.415457]  ffff8881038d6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[   14.415886] ==================================================================
[   14.363852] ==================================================================
[   14.364257] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[   14.365294] Read of size 1 at addr ffff888103249a73 by task kunit_try_catch/239
[   14.365592] 
[   14.365701] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6 #1 PREEMPT(voluntary) 
[   14.365757] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.365769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.365794] Call Trace:
[   14.365809]  <TASK>
[   14.365830]  dump_stack_lvl+0x73/0xb0
[   14.365867]  print_report+0xd1/0x610
[   14.365892]  ? __virt_addr_valid+0x1db/0x2d0
[   14.365919]  ? mempool_oob_right_helper+0x318/0x380
[   14.365945]  ? kasan_complete_mode_report_info+0x2a/0x200
[   14.365968]  ? mempool_oob_right_helper+0x318/0x380
[   14.365992]  kasan_report+0x141/0x180
[   14.366014]  ? mempool_oob_right_helper+0x318/0x380
[   14.366043]  __asan_report_load1_noabort+0x18/0x20
[   14.366084]  mempool_oob_right_helper+0x318/0x380
[   14.366113]  ? __pfx_mempool_oob_right_helper+0x10/0x10
[   14.366139]  ? __kasan_check_write+0x18/0x20
[   14.366158]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.366183]  ? finish_task_switch.isra.0+0x153/0x700
[   14.366210]  mempool_kmalloc_oob_right+0xf2/0x150
[   14.366234]  ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[   14.366260]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.366288]  ? __pfx_mempool_kfree+0x10/0x10
[   14.366313]  ? __pfx_read_tsc+0x10/0x10
[   14.366336]  ? ktime_get_ts64+0x86/0x230
[   14.366361]  kunit_try_run_case+0x1a5/0x480
[   14.366390]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.366412]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.366439]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.366462]  ? __kthread_parkme+0x82/0x180
[   14.366495]  ? preempt_count_sub+0x50/0x80
[   14.366518]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.366542]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.366566]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.366589]  kthread+0x337/0x6f0
[   14.366609]  ? trace_preempt_on+0x20/0xc0
[   14.366634]  ? __pfx_kthread+0x10/0x10
[   14.366656]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.366678]  ? calculate_sigpending+0x7b/0xa0
[   14.366704]  ? __pfx_kthread+0x10/0x10
[   14.366725]  ret_from_fork+0x116/0x1d0
[   14.366745]  ? __pfx_kthread+0x10/0x10
[   14.366765]  ret_from_fork_asm+0x1a/0x30
[   14.366814]  </TASK>
[   14.366825] 
[   14.378039] Allocated by task 239:
[   14.378562]  kasan_save_stack+0x45/0x70
[   14.378797]  kasan_save_track+0x18/0x40
[   14.379208]  kasan_save_alloc_info+0x3b/0x50
[   14.379383]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   14.379664]  remove_element+0x11e/0x190
[   14.379858]  mempool_alloc_preallocated+0x4d/0x90
[   14.380423]  mempool_oob_right_helper+0x8a/0x380
[   14.380733]  mempool_kmalloc_oob_right+0xf2/0x150
[   14.380989]  kunit_try_run_case+0x1a5/0x480
[   14.381392]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.381747]  kthread+0x337/0x6f0
[   14.381922]  ret_from_fork+0x116/0x1d0
[   14.382091]  ret_from_fork_asm+0x1a/0x30
[   14.382414] 
[   14.382530] The buggy address belongs to the object at ffff888103249a00
[   14.382530]  which belongs to the cache kmalloc-128 of size 128
[   14.383400] The buggy address is located 0 bytes to the right of
[   14.383400]  allocated 115-byte region [ffff888103249a00, ffff888103249a73)
[   14.384228] 
[   14.384333] The buggy address belongs to the physical page:
[   14.384598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103249
[   14.385270] flags: 0x200000000000000(node=0|zone=2)
[   14.385495] page_type: f5(slab)
[   14.385670] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.386250] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.386601] page dumped because: kasan: bad access detected
[   14.386877] 
[   14.387055] Memory state around the buggy address:
[   14.387306]  ffff888103249900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.387743]  ffff888103249980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.388260] >ffff888103249a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   14.388536]                                                              ^
[   14.389136]  ffff888103249a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.389561]  ffff888103249b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[   14.389899] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

309aWYwhlSaX86OR0tyxd83BkVP

job_id

TEST:linaro@lkft#309abhHRloGo6mUcqoKlDU4ru3c

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/309abhHRloGo6mUcqoKlDU4ru3c

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/309aZB5NzMRrrXvciMs4oS7OUp5/bzImage
sha256sum	5de0322184970aef882697713de6fec8525f446885c5f985efe758dc3916b299

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/309aZB5NzMRrrXvciMs4oS7OUp5/modules.tar.xz
sha256sum	864aee9916a5d44816f3b48962b2c1a6fbaa1d2aa14a1b69233d00be09ee20a2

durations

tests

boot	0
kunit	226.46

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.2+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit