lkft/linux-next-master - next-20250624 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user

Date

June 24, 2025, 11:37 a.m.

Environment
dragonboard-845c
qemu-arm64
qemu-x86_64

[   77.551244] ==================================================================
[   77.558555] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0
[   77.565528] Write of size 121 at addr ffff0000947c2c00 by task kunit_try_catch/383
[   77.573192] 
[   77.574718] CPU: 7 UID: 0 PID: 383 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250624 #1 PREEMPT 
[   77.574746] Tainted: [B]=BAD_PAGE, [N]=TEST
[   77.574754] Hardware name: Thundercomm Dragonboard 845c (DT)
[   77.574765] Call trace:
[   77.574771]  show_stack+0x20/0x38 (C)
[   77.574788]  dump_stack_lvl+0x8c/0xd0
[   77.574806]  print_report+0x118/0x608
[   77.574825]  kasan_report+0xdc/0x128
[   77.574844]  kasan_check_range+0x100/0x1a8
[   77.574864]  __kasan_check_write+0x20/0x30
[   77.574880]  strncpy_from_user+0x3c/0x2a0
[   77.574896]  copy_user_test_oob+0x5c0/0xec8
[   77.574914]  kunit_try_run_case+0x170/0x3f0
[   77.574933]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   77.574954]  kthread+0x328/0x630
[   77.574968]  ret_from_fork+0x10/0x20
[   77.574985] 
[   77.648151] Allocated by task 383:
[   77.651607]  kasan_save_stack+0x3c/0x68
[   77.655506]  kasan_save_track+0x20/0x40
[   77.659404]  kasan_save_alloc_info+0x40/0x58
[   77.663742]  __kasan_kmalloc+0xd4/0xd8
[   77.667552]  __kmalloc_noprof+0x198/0x4c8
[   77.671622]  kunit_kmalloc_array+0x34/0x88
[   77.675789]  copy_user_test_oob+0xac/0xec8
[   77.679955]  kunit_try_run_case+0x170/0x3f0
[   77.684210]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   77.689778]  kthread+0x328/0x630
[   77.693064]  ret_from_fork+0x10/0x20
[   77.696699] 
[   77.698223] The buggy address belongs to the object at ffff0000947c2c00
[   77.698223]  which belongs to the cache kmalloc-128 of size 128
[   77.710875] The buggy address is located 0 bytes inside of
[   77.710875]  allocated 120-byte region [ffff0000947c2c00, ffff0000947c2c78)
[   77.723445] 
[   77.724969] The buggy address belongs to the physical page:
[   77.730614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1147c2
[   77.738720] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   77.746467] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   77.753521] page_type: f5(slab)
[   77.756720] raw: 0bfffe0000000040 ffff000080002a00 dead000000000122 0000000000000000
[   77.764557] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   77.772392] head: 0bfffe0000000040 ffff000080002a00 dead000000000122 0000000000000000
[   77.780314] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   77.788237] head: 0bfffe0000000001 fffffdffc251f081 00000000ffffffff 00000000ffffffff
[   77.796159] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   77.804076] page dumped because: kasan: bad access detected
[   77.809723] 
[   77.811246] Memory state around the buggy address:
[   77.816101]  ffff0000947c2b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   77.823415]  ffff0000947c2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   77.830727] >ffff0000947c2c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   77.838037]                                                                 ^
[   77.845261]  ffff0000947c2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   77.852574]  ffff0000947c2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   77.859884] ==================================================================
[   77.867256] ==================================================================
[   77.874567] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0
[   77.881624] Write of size 1 at addr ffff0000947c2c78 by task kunit_try_catch/383
[   77.889113] 
[   77.890648] CPU: 7 UID: 0 PID: 383 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250624 #1 PREEMPT 
[   77.890678] Tainted: [B]=BAD_PAGE, [N]=TEST
[   77.890686] Hardware name: Thundercomm Dragonboard 845c (DT)
[   77.890697] Call trace:
[   77.890702]  show_stack+0x20/0x38 (C)
[   77.890719]  dump_stack_lvl+0x8c/0xd0
[   77.890738]  print_report+0x118/0x608
[   77.890757]  kasan_report+0xdc/0x128
[   77.890776]  __asan_report_store1_noabort+0x20/0x30
[   77.890793]  strncpy_from_user+0x270/0x2a0
[   77.890810]  copy_user_test_oob+0x5c0/0xec8
[   77.890829]  kunit_try_run_case+0x170/0x3f0
[   77.890846]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   77.890866]  kthread+0x328/0x630
[   77.890881]  ret_from_fork+0x10/0x20
[   77.890897] 
[   77.960792] Allocated by task 383:
[   77.964248]  kasan_save_stack+0x3c/0x68
[   77.968146]  kasan_save_track+0x20/0x40
[   77.972044]  kasan_save_alloc_info+0x40/0x58
[   77.976382]  __kasan_kmalloc+0xd4/0xd8
[   77.980191]  __kmalloc_noprof+0x198/0x4c8
[   77.984261]  kunit_kmalloc_array+0x34/0x88
[   77.988417]  copy_user_test_oob+0xac/0xec8
[   77.992585]  kunit_try_run_case+0x170/0x3f0
[   77.996837]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   78.002404]  kthread+0x328/0x630
[   78.005691]  ret_from_fork+0x10/0x20
[   78.009325] 
[   78.010848] The buggy address belongs to the object at ffff0000947c2c00
[   78.010848]  which belongs to the cache kmalloc-128 of size 128
[   78.023500] The buggy address is located 0 bytes to the right of
[   78.023500]  allocated 120-byte region [ffff0000947c2c00, ffff0000947c2c78)
[   78.036589] 
[   78.038112] The buggy address belongs to the physical page:
[   78.043758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1147c2
[   78.051864] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   78.059611] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   78.066664] page_type: f5(slab)
[   78.069862] raw: 0bfffe0000000040 ffff000080002a00 dead000000000122 0000000000000000
[   78.077699] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   78.085536] head: 0bfffe0000000040 ffff000080002a00 dead000000000122 0000000000000000
[   78.093459] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   78.101382] head: 0bfffe0000000001 fffffdffc251f081 00000000ffffffff 00000000ffffffff
[   78.109303] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   78.117222] page dumped because: kasan: bad access detected
[   78.122867] 
[   78.124390] Memory state around the buggy address:
[   78.129246]  ffff0000947c2b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   78.136558]  ffff0000947c2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   78.143870] >ffff0000947c2c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   78.151180]                                                                 ^
[   78.158403]  ffff0000947c2c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   78.165714]  ffff0000947c2d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   78.173024] ==================================================================

Metadata Full log Test run details

[   37.944956] ==================================================================
[   37.945083] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x270/0x2a0
[   37.945213] Write of size 1 at addr fff00000c77e6a78 by task kunit_try_catch/296
[   37.945341] 
[   37.945442] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250624 #1 PREEMPT 
[   37.945662] Tainted: [B]=BAD_PAGE, [N]=TEST
[   37.945753] Hardware name: linux,dummy-virt (DT)
[   37.945844] Call trace:
[   37.945923]  show_stack+0x20/0x38 (C)
[   37.946066]  dump_stack_lvl+0x8c/0xd0
[   37.946289]  print_report+0x118/0x608
[   37.946431]  kasan_report+0xdc/0x128
[   37.946618]  __asan_report_store1_noabort+0x20/0x30
[   37.946762]  strncpy_from_user+0x270/0x2a0
[   37.946901]  copy_user_test_oob+0x5c0/0xec8
[   37.947024]  kunit_try_run_case+0x170/0x3f0
[   37.947160]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   37.947292]  kthread+0x328/0x630
[   37.947397]  ret_from_fork+0x10/0x20
[   37.947517] 
[   37.947570] Allocated by task 296:
[   37.947639]  kasan_save_stack+0x3c/0x68
[   37.947737]  kasan_save_track+0x20/0x40
[   37.947838]  kasan_save_alloc_info+0x40/0x58
[   37.947960]  __kasan_kmalloc+0xd4/0xd8
[   37.948133]  __kmalloc_noprof+0x198/0x4c8
[   37.948337]  kunit_kmalloc_array+0x34/0x88
[   37.948461]  copy_user_test_oob+0xac/0xec8
[   37.948578]  kunit_try_run_case+0x170/0x3f0
[   37.948715]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   37.948939]  kthread+0x328/0x630
[   37.949141]  ret_from_fork+0x10/0x20
[   37.949260] 
[   37.949318] The buggy address belongs to the object at fff00000c77e6a00
[   37.949318]  which belongs to the cache kmalloc-128 of size 128
[   37.949460] The buggy address is located 0 bytes to the right of
[   37.949460]  allocated 120-byte region [fff00000c77e6a00, fff00000c77e6a78)
[   37.949614] 
[   37.949692] The buggy address belongs to the physical page:
[   37.949785] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e6
[   37.949991] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   37.950268] page_type: f5(slab)
[   37.950457] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   37.950590] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   37.950693] page dumped because: kasan: bad access detected
[   37.950834] 
[   37.950962] Memory state around the buggy address:
[   37.951081]  fff00000c77e6900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   37.951271]  fff00000c77e6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   37.951382] >fff00000c77e6a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   37.951480]                                                                 ^
[   37.951609]  fff00000c77e6a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   37.951944]  fff00000c77e6b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   37.952226] ==================================================================
[   37.918764] ==================================================================
[   37.918866] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x3c/0x2a0
[   37.919368] Write of size 121 at addr fff00000c77e6a00 by task kunit_try_catch/296
[   37.920429] 
[   37.920591] CPU: 0 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250624 #1 PREEMPT 
[   37.921423] Tainted: [B]=BAD_PAGE, [N]=TEST
[   37.921503] Hardware name: linux,dummy-virt (DT)
[   37.921966] Call trace:
[   37.922496]  show_stack+0x20/0x38 (C)
[   37.923288]  dump_stack_lvl+0x8c/0xd0
[   37.924059]  print_report+0x118/0x608
[   37.924236]  kasan_report+0xdc/0x128
[   37.924809]  kasan_check_range+0x100/0x1a8
[   37.925394]  __kasan_check_write+0x20/0x30
[   37.925783]  strncpy_from_user+0x3c/0x2a0
[   37.925930]  copy_user_test_oob+0x5c0/0xec8
[   37.926057]  kunit_try_run_case+0x170/0x3f0
[   37.927052]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   37.927971]  kthread+0x328/0x630
[   37.928096]  ret_from_fork+0x10/0x20
[   37.928824] 
[   37.928919] Allocated by task 296:
[   37.929009]  kasan_save_stack+0x3c/0x68
[   37.929118]  kasan_save_track+0x20/0x40
[   37.930093]  kasan_save_alloc_info+0x40/0x58
[   37.930564]  __kasan_kmalloc+0xd4/0xd8
[   37.931067]  __kmalloc_noprof+0x198/0x4c8
[   37.931236]  kunit_kmalloc_array+0x34/0x88
[   37.931350]  copy_user_test_oob+0xac/0xec8
[   37.931462]  kunit_try_run_case+0x170/0x3f0
[   37.931948]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   37.932698]  kthread+0x328/0x630
[   37.933388]  ret_from_fork+0x10/0x20
[   37.933510] 
[   37.933800] The buggy address belongs to the object at fff00000c77e6a00
[   37.933800]  which belongs to the cache kmalloc-128 of size 128
[   37.934275] The buggy address is located 0 bytes inside of
[   37.934275]  allocated 120-byte region [fff00000c77e6a00, fff00000c77e6a78)
[   37.934815] 
[   37.934878] The buggy address belongs to the physical page:
[   37.934980] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1077e6
[   37.935115] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   37.935245] page_type: f5(slab)
[   37.935925] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   37.936142] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   37.936254] page dumped because: kasan: bad access detected
[   37.936337] 
[   37.936388] Memory state around the buggy address:
[   37.936926]  fff00000c77e6900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   37.937744]  fff00000c77e6980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   37.938112] >fff00000c77e6a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   37.938223]                                                                 ^
[   37.939130]  fff00000c77e6a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   37.939285]  fff00000c77e6b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   37.939604] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2yx8iABZYbkBMHz2UfLhbVQFSBc

job_id

TEST:linaro@lkft#2yx8mnha0Lu62FmuY96Pi2IVCX2

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2yx8mnha0Lu62FmuY96Pi2IVCX2

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yx8jAY6Eu0Ej50xmM9Wq9W9Kum/Image.gz
sha256sum	08cb64e0f154758cad9002b9f9875074fc1caa5b64a173779c23ca529581230a

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yx8jAY6Eu0Ej50xmM9Wq9W9Kum/modules.tar.xz
sha256sum	1b970a753f25d59f813741ee64d0dae566db66f1284845658803118558976a2f

durations

tests

boot	0
kunit	293.47

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   35.270338] ==================================================================
[   35.271302] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[   35.272001] Write of size 1 at addr ffff888102df6578 by task kunit_try_catch/315
[   35.272580] 
[   35.272826] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) 
[   35.272943] Tainted: [B]=BAD_PAGE, [N]=TEST
[   35.272980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   35.273034] Call Trace:
[   35.273079]  <TASK>
[   35.273124]  dump_stack_lvl+0x73/0xb0
[   35.273201]  print_report+0xd1/0x650
[   35.273261]  ? __virt_addr_valid+0x1db/0x2d0
[   35.273328]  ? strncpy_from_user+0x1a5/0x1d0
[   35.273390]  ? kasan_complete_mode_report_info+0x2a/0x200
[   35.273462]  ? strncpy_from_user+0x1a5/0x1d0
[   35.273526]  kasan_report+0x141/0x180
[   35.273607]  ? strncpy_from_user+0x1a5/0x1d0
[   35.273719]  __asan_report_store1_noabort+0x1b/0x30
[   35.273786]  strncpy_from_user+0x1a5/0x1d0
[   35.273858]  copy_user_test_oob+0x760/0x10f0
[   35.273924]  ? __pfx_copy_user_test_oob+0x10/0x10
[   35.273983]  ? finish_task_switch.isra.0+0x153/0x700
[   35.274043]  ? __switch_to+0x47/0xf50
[   35.274109]  ? __schedule+0x10cc/0x2b60
[   35.274178]  ? __pfx_read_tsc+0x10/0x10
[   35.274242]  ? ktime_get_ts64+0x86/0x230
[   35.274303]  kunit_try_run_case+0x1a5/0x480
[   35.274375]  ? __pfx_kunit_try_run_case+0x10/0x10
[   35.274414]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   35.274451]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   35.274486]  ? __kthread_parkme+0x82/0x180
[   35.274515]  ? preempt_count_sub+0x50/0x80
[   35.274569]  ? __pfx_kunit_try_run_case+0x10/0x10
[   35.274606]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   35.274664]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   35.274699]  kthread+0x337/0x6f0
[   35.274728]  ? trace_preempt_on+0x20/0xc0
[   35.274761]  ? __pfx_kthread+0x10/0x10
[   35.274790]  ? _raw_spin_unlock_irq+0x47/0x80
[   35.274821]  ? calculate_sigpending+0x7b/0xa0
[   35.274854]  ? __pfx_kthread+0x10/0x10
[   35.274884]  ret_from_fork+0x116/0x1d0
[   35.274910]  ? __pfx_kthread+0x10/0x10
[   35.274939]  ret_from_fork_asm+0x1a/0x30
[   35.274980]  </TASK>
[   35.274996] 
[   35.289498] Allocated by task 315:
[   35.289887]  kasan_save_stack+0x45/0x70
[   35.290307]  kasan_save_track+0x18/0x40
[   35.290571]  kasan_save_alloc_info+0x3b/0x50
[   35.291028]  __kasan_kmalloc+0xb7/0xc0
[   35.291424]  __kmalloc_noprof+0x1c9/0x500
[   35.291953]  kunit_kmalloc_array+0x25/0x60
[   35.292301]  copy_user_test_oob+0xab/0x10f0
[   35.292827]  kunit_try_run_case+0x1a5/0x480
[   35.293105]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   35.293405]  kthread+0x337/0x6f0
[   35.293742]  ret_from_fork+0x116/0x1d0
[   35.294151]  ret_from_fork_asm+0x1a/0x30
[   35.294652] 
[   35.294960] The buggy address belongs to the object at ffff888102df6500
[   35.294960]  which belongs to the cache kmalloc-128 of size 128
[   35.296085] The buggy address is located 0 bytes to the right of
[   35.296085]  allocated 120-byte region [ffff888102df6500, ffff888102df6578)
[   35.297049] 
[   35.297202] The buggy address belongs to the physical page:
[   35.297477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102df6
[   35.298227] flags: 0x200000000000000(node=0|zone=2)
[   35.298850] page_type: f5(slab)
[   35.299200] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   35.299968] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   35.300576] page dumped because: kasan: bad access detected
[   35.300899] 
[   35.301030] Memory state around the buggy address:
[   35.301313]  ffff888102df6400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   35.302035]  ffff888102df6480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   35.302792] >ffff888102df6500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   35.303507]                                                                 ^
[   35.304215]  ffff888102df6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   35.304718]  ffff888102df6600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   35.305422] ==================================================================
[   35.231756] ==================================================================
[   35.232461] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[   35.233140] Write of size 121 at addr ffff888102df6500 by task kunit_try_catch/315
[   35.233802] 
[   35.233996] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc3-next-20250624 #1 PREEMPT(voluntary) 
[   35.234114] Tainted: [B]=BAD_PAGE, [N]=TEST
[   35.234147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   35.234197] Call Trace:
[   35.234239]  <TASK>
[   35.234280]  dump_stack_lvl+0x73/0xb0
[   35.234349]  print_report+0xd1/0x650
[   35.234401]  ? __virt_addr_valid+0x1db/0x2d0
[   35.234461]  ? strncpy_from_user+0x2e/0x1d0
[   35.234526]  ? kasan_complete_mode_report_info+0x2a/0x200
[   35.234617]  ? strncpy_from_user+0x2e/0x1d0
[   35.234724]  kasan_report+0x141/0x180
[   35.234791]  ? strncpy_from_user+0x2e/0x1d0
[   35.234870]  kasan_check_range+0x10c/0x1c0
[   35.234939]  __kasan_check_write+0x18/0x20
[   35.235005]  strncpy_from_user+0x2e/0x1d0
[   35.235070]  ? __kasan_check_read+0x15/0x20
[   35.235140]  copy_user_test_oob+0x760/0x10f0
[   35.235211]  ? __pfx_copy_user_test_oob+0x10/0x10
[   35.235275]  ? finish_task_switch.isra.0+0x153/0x700
[   35.235341]  ? __switch_to+0x47/0xf50
[   35.235413]  ? __schedule+0x10cc/0x2b60
[   35.235483]  ? __pfx_read_tsc+0x10/0x10
[   35.235562]  ? ktime_get_ts64+0x86/0x230
[   35.235669]  kunit_try_run_case+0x1a5/0x480
[   35.235747]  ? __pfx_kunit_try_run_case+0x10/0x10
[   35.235813]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   35.235893]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   35.235962]  ? __kthread_parkme+0x82/0x180
[   35.236024]  ? preempt_count_sub+0x50/0x80
[   35.236092]  ? __pfx_kunit_try_run_case+0x10/0x10
[   35.236162]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   35.236228]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   35.236291]  kthread+0x337/0x6f0
[   35.236345]  ? trace_preempt_on+0x20/0xc0
[   35.236410]  ? __pfx_kthread+0x10/0x10
[   35.236472]  ? _raw_spin_unlock_irq+0x47/0x80
[   35.236550]  ? calculate_sigpending+0x7b/0xa0
[   35.236611]  ? __pfx_kthread+0x10/0x10
[   35.236713]  ret_from_fork+0x116/0x1d0
[   35.236774]  ? __pfx_kthread+0x10/0x10
[   35.236836]  ret_from_fork_asm+0x1a/0x30
[   35.236922]  </TASK>
[   35.236955] 
[   35.249362] Allocated by task 315:
[   35.249789]  kasan_save_stack+0x45/0x70
[   35.250231]  kasan_save_track+0x18/0x40
[   35.250683]  kasan_save_alloc_info+0x3b/0x50
[   35.251085]  __kasan_kmalloc+0xb7/0xc0
[   35.251396]  __kmalloc_noprof+0x1c9/0x500
[   35.251712]  kunit_kmalloc_array+0x25/0x60
[   35.252005]  copy_user_test_oob+0xab/0x10f0
[   35.252415]  kunit_try_run_case+0x1a5/0x480
[   35.253673]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   35.254220]  kthread+0x337/0x6f0
[   35.254521]  ret_from_fork+0x116/0x1d0
[   35.255990]  ret_from_fork_asm+0x1a/0x30
[   35.257002] 
[   35.257533] The buggy address belongs to the object at ffff888102df6500
[   35.257533]  which belongs to the cache kmalloc-128 of size 128
[   35.259743] The buggy address is located 0 bytes inside of
[   35.259743]  allocated 120-byte region [ffff888102df6500, ffff888102df6578)
[   35.261184] 
[   35.261339] The buggy address belongs to the physical page:
[   35.261958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102df6
[   35.262427] flags: 0x200000000000000(node=0|zone=2)
[   35.262938] page_type: f5(slab)
[   35.263466] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   35.264217] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   35.264926] page dumped because: kasan: bad access detected
[   35.265300] 
[   35.265508] Memory state around the buggy address:
[   35.265898]  ffff888102df6400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   35.266364]  ffff888102df6480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   35.266871] >ffff888102df6500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   35.267316]                                                                 ^
[   35.267895]  ffff888102df6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   35.268498]  ffff888102df6600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   35.268969] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2yx8iABZYbkBMHz2UfLhbVQFSBc

job_id

TEST:linaro@lkft#2yx8nqbxHyU9q5QFLSgoSfpxg7c

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2yx8nqbxHyU9q5QFLSgoSfpxg7c

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yx8kMWyAcZURSq8fq3I4LTYNnI/bzImage
sha256sum	e4af8fb0c4f818dc00f998896a3bb1036c581a265d8c629b665739ffdae0ee02

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2yx8kMWyAcZURSq8fq3I4LTYNnI/modules.tar.xz
sha256sum	aa90f144ec87f2f93e8f81cdc22f5e1ccf9be8dc2fab92a71c87abdd535262e3

durations

tests

boot	0
kunit	232.61

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - dragonboard-845c - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit