lkft/linux-next-master - next-20250711 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault

Date

July 11, 2025, 10:11 a.m.

Environment
e850-96
qemu-arm64
qemu-x86_64

[   81.189699] ==================================================================
[   81.203873] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250
[   81.211250] Read of size 8 at addr ffff000800de6578 by task kunit_try_catch/365
[   81.218539] 
[   81.220024] CPU: 7 UID: 0 PID: 365 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT 
[   81.220085] Tainted: [B]=BAD_PAGE, [N]=TEST
[   81.220104] Hardware name: WinLink E850-96 board (DT)
[   81.220128] Call trace:
[   81.220144]  show_stack+0x20/0x38 (C)
[   81.220183]  dump_stack_lvl+0x8c/0xd0
[   81.220217]  print_report+0x118/0x5d0
[   81.220249]  kasan_report+0xdc/0x128
[   81.220279]  __asan_report_load8_noabort+0x20/0x30
[   81.220317]  copy_to_kernel_nofault+0x204/0x250
[   81.220356]  copy_to_kernel_nofault_oob+0x158/0x418
[   81.220393]  kunit_try_run_case+0x170/0x3f0
[   81.220435]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   81.220470]  kthread+0x328/0x630
[   81.220499]  ret_from_fork+0x10/0x20
[   81.220536] 
[   81.289285] Allocated by task 365:
[   81.292673]  kasan_save_stack+0x3c/0x68
[   81.296488]  kasan_save_track+0x20/0x40
[   81.300307]  kasan_save_alloc_info+0x40/0x58
[   81.304561]  __kasan_kmalloc+0xd4/0xd8
[   81.308293]  __kmalloc_cache_noprof+0x16c/0x3c0
[   81.312807]  copy_to_kernel_nofault_oob+0xc8/0x418
[   81.317581]  kunit_try_run_case+0x170/0x3f0
[   81.321749]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   81.327218]  kthread+0x328/0x630
[   81.330428]  ret_from_fork+0x10/0x20
[   81.333987] 
[   81.335465] The buggy address belongs to the object at ffff000800de6500
[   81.335465]  which belongs to the cache kmalloc-128 of size 128
[   81.347965] The buggy address is located 0 bytes to the right of
[   81.347965]  allocated 120-byte region [ffff000800de6500, ffff000800de6578)
[   81.360896] 
[   81.362375] The buggy address belongs to the physical page:
[   81.367932] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880de6
[   81.375917] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   81.383555] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   81.390500] page_type: f5(slab)
[   81.393635] raw: 0bfffe0000000040 ffff000800002a00 dead000000000100 dead000000000122
[   81.401354] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   81.409083] head: 0bfffe0000000040 ffff000800002a00 dead000000000100 dead000000000122
[   81.416891] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   81.424705] head: 0bfffe0000000001 fffffdffe0037981 00000000ffffffff 00000000ffffffff
[   81.432516] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   81.440322] page dumped because: kasan: bad access detected
[   81.445878] 
[   81.447353] Memory state around the buggy address:
[   81.452133]  ffff000800de6400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   81.459336]  ffff000800de6480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.466542] >ffff000800de6500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   81.473742]                                                                 ^
[   81.480864]  ffff000800de6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.488070]  ffff000800de6600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.495271] ==================================================================
[   81.502708] ==================================================================
[   81.509686] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250
[   81.516971] Write of size 8 at addr ffff000800de6578 by task kunit_try_catch/365
[   81.524349] 
[   81.525835] CPU: 7 UID: 0 PID: 365 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT 
[   81.525891] Tainted: [B]=BAD_PAGE, [N]=TEST
[   81.525911] Hardware name: WinLink E850-96 board (DT)
[   81.525934] Call trace:
[   81.525948]  show_stack+0x20/0x38 (C)
[   81.525983]  dump_stack_lvl+0x8c/0xd0
[   81.526016]  print_report+0x118/0x5d0
[   81.526049]  kasan_report+0xdc/0x128
[   81.526077]  kasan_check_range+0x100/0x1a8
[   81.526110]  __kasan_check_write+0x20/0x30
[   81.526143]  copy_to_kernel_nofault+0x8c/0x250
[   81.526179]  copy_to_kernel_nofault_oob+0x1bc/0x418
[   81.526217]  kunit_try_run_case+0x170/0x3f0
[   81.526253]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   81.526288]  kthread+0x328/0x630
[   81.526320]  ret_from_fork+0x10/0x20
[   81.526355] 
[   81.598393] Allocated by task 365:
[   81.601781]  kasan_save_stack+0x3c/0x68
[   81.605599]  kasan_save_track+0x20/0x40
[   81.609417]  kasan_save_alloc_info+0x40/0x58
[   81.613671]  __kasan_kmalloc+0xd4/0xd8
[   81.617403]  __kmalloc_cache_noprof+0x16c/0x3c0
[   81.621917]  copy_to_kernel_nofault_oob+0xc8/0x418
[   81.626691]  kunit_try_run_case+0x170/0x3f0
[   81.630858]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   81.636326]  kthread+0x328/0x630
[   81.639538]  ret_from_fork+0x10/0x20
[   81.643097] 
[   81.644574] The buggy address belongs to the object at ffff000800de6500
[   81.644574]  which belongs to the cache kmalloc-128 of size 128
[   81.657074] The buggy address is located 0 bytes to the right of
[   81.657074]  allocated 120-byte region [ffff000800de6500, ffff000800de6578)
[   81.670007] 
[   81.671485] The buggy address belongs to the physical page:
[   81.677042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880de6
[   81.685025] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   81.692664] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   81.699606] page_type: f5(slab)
[   81.702743] raw: 0bfffe0000000040 ffff000800002a00 dead000000000100 dead000000000122
[   81.710464] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   81.718191] head: 0bfffe0000000040 ffff000800002a00 dead000000000100 dead000000000122
[   81.726002] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   81.733815] head: 0bfffe0000000001 fffffdffe0037981 00000000ffffffff 00000000ffffffff
[   81.741626] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   81.749434] page dumped because: kasan: bad access detected
[   81.754988] 
[   81.756463] Memory state around the buggy address:
[   81.761241]  ffff000800de6400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   81.768446]  ffff000800de6480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.775652] >ffff000800de6500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   81.782852]                                                                 ^
[   81.789973]  ffff000800de6580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.797180]  ffff000800de6600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.804379] ==================================================================

Metadata Full log Test run details

[   33.416820] ==================================================================
[   33.416882] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250
[   33.417875] Write of size 8 at addr fff00000c91a7578 by task kunit_try_catch/312
[   33.417968] 
[   33.418320] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT 
[   33.418809] Tainted: [B]=BAD_PAGE, [N]=TEST
[   33.418894] Hardware name: linux,dummy-virt (DT)
[   33.419172] Call trace:
[   33.419252]  show_stack+0x20/0x38 (C)
[   33.419373]  dump_stack_lvl+0x8c/0xd0
[   33.419478]  print_report+0x118/0x5d0
[   33.419565]  kasan_report+0xdc/0x128
[   33.419680]  kasan_check_range+0x100/0x1a8
[   33.419755]  __kasan_check_write+0x20/0x30
[   33.420061]  copy_to_kernel_nofault+0x8c/0x250
[   33.420399]  copy_to_kernel_nofault_oob+0x1bc/0x418
[   33.420519]  kunit_try_run_case+0x170/0x3f0
[   33.420625]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   33.420787]  kthread+0x328/0x630
[   33.420903]  ret_from_fork+0x10/0x20
[   33.420990] 
[   33.421079] Allocated by task 312:
[   33.421150]  kasan_save_stack+0x3c/0x68
[   33.421268]  kasan_save_track+0x20/0x40
[   33.421334]  kasan_save_alloc_info+0x40/0x58
[   33.421374]  __kasan_kmalloc+0xd4/0xd8
[   33.421573]  __kmalloc_cache_noprof+0x16c/0x3c0
[   33.421824]  copy_to_kernel_nofault_oob+0xc8/0x418
[   33.421898]  kunit_try_run_case+0x170/0x3f0
[   33.421950]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   33.422162]  kthread+0x328/0x630
[   33.422363]  ret_from_fork+0x10/0x20
[   33.422505] 
[   33.422575] The buggy address belongs to the object at fff00000c91a7500
[   33.422575]  which belongs to the cache kmalloc-128 of size 128
[   33.422886] The buggy address is located 0 bytes to the right of
[   33.422886]  allocated 120-byte region [fff00000c91a7500, fff00000c91a7578)
[   33.422997] 
[   33.423349] The buggy address belongs to the physical page:
[   33.423483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1091a7
[   33.423588] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   33.423799] page_type: f5(slab)
[   33.424004] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   33.424207] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   33.424337] page dumped because: kasan: bad access detected
[   33.424475] 
[   33.424851] Memory state around the buggy address:
[   33.424944]  fff00000c91a7400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   33.425013]  fff00000c91a7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.425276] >fff00000c91a7500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   33.425467]                                                                 ^
[   33.425519]  fff00000c91a7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.425750]  fff00000c91a7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.425841] ==================================================================
[   33.408048] ==================================================================
[   33.408131] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250
[   33.408286] Read of size 8 at addr fff00000c91a7578 by task kunit_try_catch/312
[   33.408367] 
[   33.408437] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT 
[   33.408583] Tainted: [B]=BAD_PAGE, [N]=TEST
[   33.408612] Hardware name: linux,dummy-virt (DT)
[   33.408666] Call trace:
[   33.408704]  show_stack+0x20/0x38 (C)
[   33.409068]  dump_stack_lvl+0x8c/0xd0
[   33.409147]  print_report+0x118/0x5d0
[   33.409290]  kasan_report+0xdc/0x128
[   33.409386]  __asan_report_load8_noabort+0x20/0x30
[   33.409637]  copy_to_kernel_nofault+0x204/0x250
[   33.409693]  copy_to_kernel_nofault_oob+0x158/0x418
[   33.409745]  kunit_try_run_case+0x170/0x3f0
[   33.410199]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   33.410358]  kthread+0x328/0x630
[   33.410414]  ret_from_fork+0x10/0x20
[   33.410499] 
[   33.410851] Allocated by task 312:
[   33.410952]  kasan_save_stack+0x3c/0x68
[   33.411046]  kasan_save_track+0x20/0x40
[   33.411180]  kasan_save_alloc_info+0x40/0x58
[   33.411269]  __kasan_kmalloc+0xd4/0xd8
[   33.411344]  __kmalloc_cache_noprof+0x16c/0x3c0
[   33.411544]  copy_to_kernel_nofault_oob+0xc8/0x418
[   33.411752]  kunit_try_run_case+0x170/0x3f0
[   33.411840]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   33.411984]  kthread+0x328/0x630
[   33.412061]  ret_from_fork+0x10/0x20
[   33.412142] 
[   33.412349] The buggy address belongs to the object at fff00000c91a7500
[   33.412349]  which belongs to the cache kmalloc-128 of size 128
[   33.412529] The buggy address is located 0 bytes to the right of
[   33.412529]  allocated 120-byte region [fff00000c91a7500, fff00000c91a7578)
[   33.412688] 
[   33.412770] The buggy address belongs to the physical page:
[   33.412915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1091a7
[   33.413018] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   33.413372] page_type: f5(slab)
[   33.413468] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   33.413577] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   33.413715] page dumped because: kasan: bad access detected
[   33.413777] 
[   33.413954] Memory state around the buggy address:
[   33.414142]  fff00000c91a7400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   33.414227]  fff00000c91a7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.414431] >fff00000c91a7500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   33.414510]                                                                 ^
[   33.414674]  fff00000c91a7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.414748]  fff00000c91a7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.414891] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zizK5DpLdiSo5JTRmUPvSCnGxG

job_id

TEST:linaro@lkft#2zizOeD8Jm6gvF6WEX3HpY0Yiv3

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zizOeD8Jm6gvF6WEX3HpY0Yiv3

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zizLHXy0YY4Eb3Uvf7RBZBjPJe/Image.gz
sha256sum	37d9d8f3bf88d1e931fe46cf36571593b5a433a5d7333af6ff92cab414d2ee0c

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zizLHXy0YY4Eb3Uvf7RBZBjPJe/modules.tar.xz
sha256sum	f716ec16fb4ddf54116cb1eb73ee916ed3bd359ff95e4d969af9a161c3cb0a9f

durations

tests

boot	0
kunit	172.65

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   27.939681] ==================================================================
[   27.940036] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[   27.940381] Write of size 8 at addr ffff88810622c178 by task kunit_try_catch/331
[   27.940720] 
[   27.940837] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT(voluntary) 
[   27.940887] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.940901] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.940924] Call Trace:
[   27.940941]  <TASK>
[   27.940959]  dump_stack_lvl+0x73/0xb0
[   27.940989]  print_report+0xd1/0x610
[   27.941012]  ? __virt_addr_valid+0x1db/0x2d0
[   27.941037]  ? copy_to_kernel_nofault+0x99/0x260
[   27.941062]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.941097]  ? copy_to_kernel_nofault+0x99/0x260
[   27.941121]  kasan_report+0x141/0x180
[   27.941145]  ? copy_to_kernel_nofault+0x99/0x260
[   27.941174]  kasan_check_range+0x10c/0x1c0
[   27.941199]  __kasan_check_write+0x18/0x20
[   27.941223]  copy_to_kernel_nofault+0x99/0x260
[   27.941248]  copy_to_kernel_nofault_oob+0x288/0x560
[   27.941274]  ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[   27.941298]  ? finish_task_switch.isra.0+0x153/0x700
[   27.941336]  ? __schedule+0x10cc/0x2b60
[   27.941361]  ? trace_hardirqs_on+0x37/0xe0
[   27.941392]  ? __pfx_read_tsc+0x10/0x10
[   27.941428]  ? ktime_get_ts64+0x86/0x230
[   27.941454]  kunit_try_run_case+0x1a5/0x480
[   27.941478]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.941499]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   27.941523]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.941548]  ? __kthread_parkme+0x82/0x180
[   27.941569]  ? preempt_count_sub+0x50/0x80
[   27.941593]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.941615]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.941641]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.941668]  kthread+0x337/0x6f0
[   27.941689]  ? trace_preempt_on+0x20/0xc0
[   27.941712]  ? __pfx_kthread+0x10/0x10
[   27.941743]  ? _raw_spin_unlock_irq+0x47/0x80
[   27.941767]  ? calculate_sigpending+0x7b/0xa0
[   27.941792]  ? __pfx_kthread+0x10/0x10
[   27.941814]  ret_from_fork+0x116/0x1d0
[   27.941835]  ? __pfx_kthread+0x10/0x10
[   27.941857]  ret_from_fork_asm+0x1a/0x30
[   27.941889]  </TASK>
[   27.941900] 
[   27.950549] Allocated by task 331:
[   27.950669]  kasan_save_stack+0x45/0x70
[   27.950815]  kasan_save_track+0x18/0x40
[   27.950946]  kasan_save_alloc_info+0x3b/0x50
[   27.951087]  __kasan_kmalloc+0xb7/0xc0
[   27.951213]  __kmalloc_cache_noprof+0x189/0x420
[   27.951362]  copy_to_kernel_nofault_oob+0x12f/0x560
[   27.951692]  kunit_try_run_case+0x1a5/0x480
[   27.951897]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.952145]  kthread+0x337/0x6f0
[   27.952375]  ret_from_fork+0x116/0x1d0
[   27.952527]  ret_from_fork_asm+0x1a/0x30
[   27.952661] 
[   27.952726] The buggy address belongs to the object at ffff88810622c100
[   27.952726]  which belongs to the cache kmalloc-128 of size 128
[   27.953267] The buggy address is located 0 bytes to the right of
[   27.953267]  allocated 120-byte region [ffff88810622c100, ffff88810622c178)
[   27.953800] 
[   27.953871] The buggy address belongs to the physical page:
[   27.954038] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10622c
[   27.954315] flags: 0x200000000000000(node=0|zone=2)
[   27.954546] page_type: f5(slab)
[   27.954710] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   27.955397] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   27.955854] page dumped because: kasan: bad access detected
[   27.956072] 
[   27.956136] Memory state around the buggy address:
[   27.956285]  ffff88810622c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   27.956505]  ffff88810622c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.956765] >ffff88810622c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   27.957404]                                                                 ^
[   27.957725]  ffff88810622c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.957952]  ffff88810622c200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.958160] ==================================================================
[   27.920697] ==================================================================
[   27.921359] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[   27.921770] Read of size 8 at addr ffff88810622c178 by task kunit_try_catch/331
[   27.922105] 
[   27.922285] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5-next-20250711 #1 PREEMPT(voluntary) 
[   27.922344] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.922358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.922383] Call Trace:
[   27.922398]  <TASK>
[   27.922422]  dump_stack_lvl+0x73/0xb0
[   27.922459]  print_report+0xd1/0x610
[   27.922486]  ? __virt_addr_valid+0x1db/0x2d0
[   27.922514]  ? copy_to_kernel_nofault+0x225/0x260
[   27.922539]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.922567]  ? copy_to_kernel_nofault+0x225/0x260
[   27.922591]  kasan_report+0x141/0x180
[   27.922614]  ? copy_to_kernel_nofault+0x225/0x260
[   27.922644]  __asan_report_load8_noabort+0x18/0x20
[   27.922684]  copy_to_kernel_nofault+0x225/0x260
[   27.922710]  copy_to_kernel_nofault_oob+0x1ed/0x560
[   27.922746]  ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[   27.922770]  ? finish_task_switch.isra.0+0x153/0x700
[   27.922795]  ? __schedule+0x10cc/0x2b60
[   27.922820]  ? trace_hardirqs_on+0x37/0xe0
[   27.922854]  ? __pfx_read_tsc+0x10/0x10
[   27.922878]  ? ktime_get_ts64+0x86/0x230
[   27.922906]  kunit_try_run_case+0x1a5/0x480
[   27.922932]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.922955]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   27.922979]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.923003]  ? __kthread_parkme+0x82/0x180
[   27.923026]  ? preempt_count_sub+0x50/0x80
[   27.923049]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.923072]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.923098]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.923125]  kthread+0x337/0x6f0
[   27.923146]  ? trace_preempt_on+0x20/0xc0
[   27.923169]  ? __pfx_kthread+0x10/0x10
[   27.923191]  ? _raw_spin_unlock_irq+0x47/0x80
[   27.923214]  ? calculate_sigpending+0x7b/0xa0
[   27.923240]  ? __pfx_kthread+0x10/0x10
[   27.923263]  ret_from_fork+0x116/0x1d0
[   27.923283]  ? __pfx_kthread+0x10/0x10
[   27.923305]  ret_from_fork_asm+0x1a/0x30
[   27.923338]  </TASK>
[   27.923352] 
[   27.931377] Allocated by task 331:
[   27.931532]  kasan_save_stack+0x45/0x70
[   27.931673]  kasan_save_track+0x18/0x40
[   27.931920]  kasan_save_alloc_info+0x3b/0x50
[   27.932141]  __kasan_kmalloc+0xb7/0xc0
[   27.932364]  __kmalloc_cache_noprof+0x189/0x420
[   27.932750]  copy_to_kernel_nofault_oob+0x12f/0x560
[   27.932912]  kunit_try_run_case+0x1a5/0x480
[   27.933067]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.933322]  kthread+0x337/0x6f0
[   27.933548]  ret_from_fork+0x116/0x1d0
[   27.933800]  ret_from_fork_asm+0x1a/0x30
[   27.933944] 
[   27.934082] The buggy address belongs to the object at ffff88810622c100
[   27.934082]  which belongs to the cache kmalloc-128 of size 128
[   27.934533] The buggy address is located 0 bytes to the right of
[   27.934533]  allocated 120-byte region [ffff88810622c100, ffff88810622c178)
[   27.935073] 
[   27.935157] The buggy address belongs to the physical page:
[   27.935380] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10622c
[   27.935902] flags: 0x200000000000000(node=0|zone=2)
[   27.936062] page_type: f5(slab)
[   27.936179] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   27.936407] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   27.936626] page dumped because: kasan: bad access detected
[   27.936944] 
[   27.937113] Memory state around the buggy address:
[   27.937607]  ffff88810622c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   27.937937]  ffff88810622c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.938237] >ffff88810622c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   27.938576]                                                                 ^
[   27.938832]  ffff88810622c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.939040]  ffff88810622c200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.939247] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zizK5DpLdiSo5JTRmUPvSCnGxG

job_id

TEST:linaro@lkft#2zizPosnQ5rY23goGLqjSSGUMDT

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zizPosnQ5rY23goGLqjSSGUMDT

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zizMF2TFo5wqp9ExxxKcu7DMgd/bzImage
sha256sum	0b86f8183e71d185ecf48e91daf338a38748221ed84c99d5fcc0aff2fb4fe4d2

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zizMF2TFo5wqp9ExxxKcu7DMgd/modules.tar.xz
sha256sum	1cecf8a22d53cbe6f1135ddb095fc53e6fe8ebbda902547c47910320c1d5aa61

durations

tests

boot	0
kunit	220.78

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - e850-96 - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit