lkft/linux-next-master - next-20250714 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault

Date

July 14, 2025, 10:38 a.m.

Environment
e850-96
qemu-arm64
qemu-x86_64

[   79.909051] ==================================================================
[   79.923314] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250
[   79.930690] Read of size 8 at addr ffff000801e0bf78 by task kunit_try_catch/365
[   79.937981] 
[   79.939469] CPU: 5 UID: 0 PID: 365 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250714 #1 PREEMPT 
[   79.939525] Tainted: [B]=BAD_PAGE, [N]=TEST
[   79.939542] Hardware name: WinLink E850-96 board (DT)
[   79.939567] Call trace:
[   79.939581]  show_stack+0x20/0x38 (C)
[   79.939620]  dump_stack_lvl+0x8c/0xd0
[   79.939656]  print_report+0x118/0x5d0
[   79.939686]  kasan_report+0xdc/0x128
[   79.939715]  __asan_report_load8_noabort+0x20/0x30
[   79.939753]  copy_to_kernel_nofault+0x204/0x250
[   79.939789]  copy_to_kernel_nofault_oob+0x158/0x418
[   79.939824]  kunit_try_run_case+0x170/0x3f0
[   79.939864]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   79.939898]  kthread+0x328/0x630
[   79.939930]  ret_from_fork+0x10/0x20
[   79.939969] 
[   80.008727] Allocated by task 365:
[   80.012113]  kasan_save_stack+0x3c/0x68
[   80.015930]  kasan_save_track+0x20/0x40
[   80.019750]  kasan_save_alloc_info+0x40/0x58
[   80.024003]  __kasan_kmalloc+0xd4/0xd8
[   80.027736]  __kmalloc_cache_noprof+0x16c/0x3c0
[   80.032250]  copy_to_kernel_nofault_oob+0xc8/0x418
[   80.037024]  kunit_try_run_case+0x170/0x3f0
[   80.041190]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   80.046659]  kthread+0x328/0x630
[   80.049871]  ret_from_fork+0x10/0x20
[   80.053430] 
[   80.054907] The buggy address belongs to the object at ffff000801e0bf00
[   80.054907]  which belongs to the cache kmalloc-128 of size 128
[   80.067409] The buggy address is located 0 bytes to the right of
[   80.067409]  allocated 120-byte region [ffff000801e0bf00, ffff000801e0bf78)
[   80.080340] 
[   80.081819] The buggy address belongs to the physical page:
[   80.087376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x881e0a
[   80.095359] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   80.102998] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   80.109941] page_type: f5(slab)
[   80.113078] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000
[   80.120797] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   80.128525] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000
[   80.136334] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   80.144147] head: 0bfffe0000000001 fffffdffe0078281 00000000ffffffff 00000000ffffffff
[   80.151960] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   80.159767] page dumped because: kasan: bad access detected
[   80.165321] 
[   80.166798] Memory state around the buggy address:
[   80.171578]  ffff000801e0be00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   80.178779]  ffff000801e0be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   80.185985] >ffff000801e0bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   80.193185]                                                                 ^
[   80.200306]  ffff000801e0bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   80.207512]  ffff000801e0c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   80.214714] ==================================================================
[   80.222149] ==================================================================
[   80.229126] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250
[   80.236413] Write of size 8 at addr ffff000801e0bf78 by task kunit_try_catch/365
[   80.243792] 
[   80.245278] CPU: 5 UID: 0 PID: 365 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250714 #1 PREEMPT 
[   80.245335] Tainted: [B]=BAD_PAGE, [N]=TEST
[   80.245350] Hardware name: WinLink E850-96 board (DT)
[   80.245372] Call trace:
[   80.245387]  show_stack+0x20/0x38 (C)
[   80.245422]  dump_stack_lvl+0x8c/0xd0
[   80.245456]  print_report+0x118/0x5d0
[   80.245486]  kasan_report+0xdc/0x128
[   80.245516]  kasan_check_range+0x100/0x1a8
[   80.245548]  __kasan_check_write+0x20/0x30
[   80.245581]  copy_to_kernel_nofault+0x8c/0x250
[   80.245616]  copy_to_kernel_nofault_oob+0x1bc/0x418
[   80.245650]  kunit_try_run_case+0x170/0x3f0
[   80.245686]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   80.245718]  kthread+0x328/0x630
[   80.245747]  ret_from_fork+0x10/0x20
[   80.245781] 
[   80.317836] Allocated by task 365:
[   80.321223]  kasan_save_stack+0x3c/0x68
[   80.325040]  kasan_save_track+0x20/0x40
[   80.328860]  kasan_save_alloc_info+0x40/0x58
[   80.333113]  __kasan_kmalloc+0xd4/0xd8
[   80.336846]  __kmalloc_cache_noprof+0x16c/0x3c0
[   80.341360]  copy_to_kernel_nofault_oob+0xc8/0x418
[   80.346134]  kunit_try_run_case+0x170/0x3f0
[   80.350301]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   80.355769]  kthread+0x328/0x630
[   80.358981]  ret_from_fork+0x10/0x20
[   80.362540] 
[   80.364017] The buggy address belongs to the object at ffff000801e0bf00
[   80.364017]  which belongs to the cache kmalloc-128 of size 128
[   80.376517] The buggy address is located 0 bytes to the right of
[   80.376517]  allocated 120-byte region [ffff000801e0bf00, ffff000801e0bf78)
[   80.389449] 
[   80.390928] The buggy address belongs to the physical page:
[   80.396485] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x881e0a
[   80.404467] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   80.412106] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   80.419050] page_type: f5(slab)
[   80.422186] raw: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000
[   80.429907] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   80.437633] head: 0bfffe0000000040 ffff000800002a00 dead000000000122 0000000000000000
[   80.445445] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   80.453258] head: 0bfffe0000000001 fffffdffe0078281 00000000ffffffff 00000000ffffffff
[   80.461070] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   80.468877] page dumped because: kasan: bad access detected
[   80.474431] 
[   80.475908] Memory state around the buggy address:
[   80.480686]  ffff000801e0be00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   80.487889]  ffff000801e0be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   80.495094] >ffff000801e0bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   80.502295]                                                                 ^
[   80.509418]  ffff000801e0bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   80.516623]  ffff000801e0c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   80.523822] ==================================================================

Metadata Full log Test run details

[   32.791457] ==================================================================
[   32.791584] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250
[   32.791656] Read of size 8 at addr fff00000c85fce78 by task kunit_try_catch/312
[   32.791708] 
[   32.791942] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250714 #1 PREEMPT 
[   32.792228] Tainted: [B]=BAD_PAGE, [N]=TEST
[   32.792317] Hardware name: linux,dummy-virt (DT)
[   32.792401] Call trace:
[   32.792504]  show_stack+0x20/0x38 (C)
[   32.792585]  dump_stack_lvl+0x8c/0xd0
[   32.792899]  print_report+0x118/0x5d0
[   32.793007]  kasan_report+0xdc/0x128
[   32.793460]  __asan_report_load8_noabort+0x20/0x30
[   32.793594]  copy_to_kernel_nofault+0x204/0x250
[   32.794000]  copy_to_kernel_nofault_oob+0x158/0x418
[   32.794108]  kunit_try_run_case+0x170/0x3f0
[   32.794246]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.794389]  kthread+0x328/0x630
[   32.794498]  ret_from_fork+0x10/0x20
[   32.794566] 
[   32.794587] Allocated by task 312:
[   32.794890]  kasan_save_stack+0x3c/0x68
[   32.794958]  kasan_save_track+0x20/0x40
[   32.795085]  kasan_save_alloc_info+0x40/0x58
[   32.795184]  __kasan_kmalloc+0xd4/0xd8
[   32.795380]  __kmalloc_cache_noprof+0x16c/0x3c0
[   32.795462]  copy_to_kernel_nofault_oob+0xc8/0x418
[   32.795660]  kunit_try_run_case+0x170/0x3f0
[   32.795965]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.796038]  kthread+0x328/0x630
[   32.796813]  ret_from_fork+0x10/0x20
[   32.796945] 
[   32.797021] The buggy address belongs to the object at fff00000c85fce00
[   32.797021]  which belongs to the cache kmalloc-128 of size 128
[   32.797219] The buggy address is located 0 bytes to the right of
[   32.797219]  allocated 120-byte region [fff00000c85fce00, fff00000c85fce78)
[   32.797310] 
[   32.797334] The buggy address belongs to the physical page:
[   32.797394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1085fc
[   32.797750] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   32.797973] page_type: f5(slab)
[   32.798154] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   32.798259] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   32.798375] page dumped because: kasan: bad access detected
[   32.798658] 
[   32.798774] Memory state around the buggy address:
[   32.798916]  fff00000c85fcd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   32.799077]  fff00000c85fcd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.799183] >fff00000c85fce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   32.799307]                                                                 ^
[   32.799378]  fff00000c85fce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.799475]  fff00000c85fcf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.799904] ==================================================================
[   32.801680] ==================================================================
[   32.802385] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250
[   32.802474] Write of size 8 at addr fff00000c85fce78 by task kunit_try_catch/312
[   32.802531] 
[   32.802567] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250714 #1 PREEMPT 
[   32.802770] Tainted: [B]=BAD_PAGE, [N]=TEST
[   32.802837] Hardware name: linux,dummy-virt (DT)
[   32.802881] Call trace:
[   32.803000]  show_stack+0x20/0x38 (C)
[   32.803393]  dump_stack_lvl+0x8c/0xd0
[   32.803475]  print_report+0x118/0x5d0
[   32.803522]  kasan_report+0xdc/0x128
[   32.803752]  kasan_check_range+0x100/0x1a8
[   32.803810]  __kasan_check_write+0x20/0x30
[   32.803858]  copy_to_kernel_nofault+0x8c/0x250
[   32.804110]  copy_to_kernel_nofault_oob+0x1bc/0x418
[   32.804416]  kunit_try_run_case+0x170/0x3f0
[   32.804565]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.804749]  kthread+0x328/0x630
[   32.804886]  ret_from_fork+0x10/0x20
[   32.805093] 
[   32.805161] Allocated by task 312:
[   32.805262]  kasan_save_stack+0x3c/0x68
[   32.805311]  kasan_save_track+0x20/0x40
[   32.805373]  kasan_save_alloc_info+0x40/0x58
[   32.805544]  __kasan_kmalloc+0xd4/0xd8
[   32.805766]  __kmalloc_cache_noprof+0x16c/0x3c0
[   32.805952]  copy_to_kernel_nofault_oob+0xc8/0x418
[   32.806013]  kunit_try_run_case+0x170/0x3f0
[   32.806473]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   32.806568]  kthread+0x328/0x630
[   32.806664]  ret_from_fork+0x10/0x20
[   32.806734] 
[   32.806998] The buggy address belongs to the object at fff00000c85fce00
[   32.806998]  which belongs to the cache kmalloc-128 of size 128
[   32.807131] The buggy address is located 0 bytes to the right of
[   32.807131]  allocated 120-byte region [fff00000c85fce00, fff00000c85fce78)
[   32.807434] 
[   32.807568] The buggy address belongs to the physical page:
[   32.807646] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1085fc
[   32.807814] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   32.807894] page_type: f5(slab)
[   32.807945] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   32.808008] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   32.808063] page dumped because: kasan: bad access detected
[   32.808097] 
[   32.808130] Memory state around the buggy address:
[   32.808191]  fff00000c85fcd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   32.808239]  fff00000c85fcd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.808654] >fff00000c85fce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   32.808743]                                                                 ^
[   32.809260]  fff00000c85fce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.809325]  fff00000c85fcf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   32.809534] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zrVzYzOpEW4XHiYds9jEwikFK7

job_id

TEST:linaro@lkft#2zrW4gkgpPvPvyu1JhrLI5SfZ9n

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zrW4gkgpPvPvyu1JhrLI5SfZ9n

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zrW17i5CHwMjQFrMEumC4tgHQD/Image.gz
sha256sum	f1b1de68ab66795221ea7af2c885166039edc905709ae2b868dbc429ffb32d0d

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zrW17i5CHwMjQFrMEumC4tgHQD/modules.tar.xz
sha256sum	94a5b5b8edfcc1ec8f65ff9d692207a782ba849df77dd9baa05c20bf5972d8f6

durations

tests

boot	0
kunit	174.68

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   28.290834] ==================================================================
[   28.292803] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[   28.294016] Read of size 8 at addr ffff888105919d78 by task kunit_try_catch/330
[   28.294670] 
[   28.294903] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc6-next-20250714 #1 PREEMPT(voluntary) 
[   28.294967] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   28.294992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   28.295020] Call Trace:
[   28.295040]  <TASK>
[   28.295063]  dump_stack_lvl+0x73/0xb0
[   28.295107]  print_report+0xd1/0x610
[   28.295135]  ? __virt_addr_valid+0x1db/0x2d0
[   28.295163]  ? copy_to_kernel_nofault+0x225/0x260
[   28.295188]  ? kasan_complete_mode_report_info+0x2a/0x200
[   28.295215]  ? copy_to_kernel_nofault+0x225/0x260
[   28.295239]  kasan_report+0x141/0x180
[   28.295262]  ? copy_to_kernel_nofault+0x225/0x260
[   28.295290]  __asan_report_load8_noabort+0x18/0x20
[   28.295315]  copy_to_kernel_nofault+0x225/0x260
[   28.295340]  copy_to_kernel_nofault_oob+0x1ed/0x560
[   28.295364]  ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[   28.295391]  ? finish_task_switch.isra.0+0x153/0x700
[   28.295416]  ? __schedule+0x10cc/0x2b60
[   28.295440]  ? trace_hardirqs_on+0x37/0xe0
[   28.295472]  ? __pfx_read_tsc+0x10/0x10
[   28.295496]  ? ktime_get_ts64+0x86/0x230
[   28.295524]  kunit_try_run_case+0x1a5/0x480
[   28.295550]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.295572]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   28.295596]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   28.295620]  ? __kthread_parkme+0x82/0x180
[   28.295642]  ? preempt_count_sub+0x50/0x80
[   28.295677]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.295699]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   28.295725]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   28.295751]  kthread+0x337/0x6f0
[   28.295772]  ? trace_preempt_on+0x20/0xc0
[   28.295797]  ? __pfx_kthread+0x10/0x10
[   28.295819]  ? _raw_spin_unlock_irq+0x47/0x80
[   28.295880]  ? calculate_sigpending+0x7b/0xa0
[   28.295906]  ? __pfx_kthread+0x10/0x10
[   28.295929]  ret_from_fork+0x116/0x1d0
[   28.295951]  ? __pfx_kthread+0x10/0x10
[   28.295972]  ret_from_fork_asm+0x1a/0x30
[   28.296006]  </TASK>
[   28.296020] 
[   28.310054] Allocated by task 330:
[   28.310492]  kasan_save_stack+0x45/0x70
[   28.310840]  kasan_save_track+0x18/0x40
[   28.310972]  kasan_save_alloc_info+0x3b/0x50
[   28.311129]  __kasan_kmalloc+0xb7/0xc0
[   28.311256]  __kmalloc_cache_noprof+0x189/0x420
[   28.311402]  copy_to_kernel_nofault_oob+0x12f/0x560
[   28.311588]  kunit_try_run_case+0x1a5/0x480
[   28.311918]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   28.312411]  kthread+0x337/0x6f0
[   28.312805]  ret_from_fork+0x116/0x1d0
[   28.313215]  ret_from_fork_asm+0x1a/0x30
[   28.313731] 
[   28.313901] The buggy address belongs to the object at ffff888105919d00
[   28.313901]  which belongs to the cache kmalloc-128 of size 128
[   28.315113] The buggy address is located 0 bytes to the right of
[   28.315113]  allocated 120-byte region [ffff888105919d00, ffff888105919d78)
[   28.316282] 
[   28.316453] The buggy address belongs to the physical page:
[   28.317013] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105919
[   28.317440] flags: 0x200000000000000(node=0|zone=2)
[   28.317603] page_type: f5(slab)
[   28.317748] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   28.318317] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   28.319089] page dumped because: kasan: bad access detected
[   28.319675] 
[   28.319854] Memory state around the buggy address:
[   28.320117]  ffff888105919c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   28.320702]  ffff888105919c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.321416] >ffff888105919d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   28.321724]                                                                 ^
[   28.321942]  ffff888105919d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.322153]  ffff888105919e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.322355] ==================================================================
[   28.323492] ==================================================================
[   28.323787] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[   28.324117] Write of size 8 at addr ffff888105919d78 by task kunit_try_catch/330
[   28.324419] 
[   28.324515] CPU: 1 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G    B   W        N  6.16.0-rc6-next-20250714 #1 PREEMPT(voluntary) 
[   28.324571] Tainted: [B]=BAD_PAGE, [W]=WARN, [N]=TEST
[   28.324587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   28.324614] Call Trace:
[   28.324629]  <TASK>
[   28.324650]  dump_stack_lvl+0x73/0xb0
[   28.324694]  print_report+0xd1/0x610
[   28.324719]  ? __virt_addr_valid+0x1db/0x2d0
[   28.324743]  ? copy_to_kernel_nofault+0x99/0x260
[   28.324766]  ? kasan_complete_mode_report_info+0x2a/0x200
[   28.324793]  ? copy_to_kernel_nofault+0x99/0x260
[   28.324817]  kasan_report+0x141/0x180
[   28.324840]  ? copy_to_kernel_nofault+0x99/0x260
[   28.324868]  kasan_check_range+0x10c/0x1c0
[   28.324893]  __kasan_check_write+0x18/0x20
[   28.324916]  copy_to_kernel_nofault+0x99/0x260
[   28.324941]  copy_to_kernel_nofault_oob+0x288/0x560
[   28.324979]  ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[   28.325003]  ? finish_task_switch.isra.0+0x153/0x700
[   28.325027]  ? __schedule+0x10cc/0x2b60
[   28.325051]  ? trace_hardirqs_on+0x37/0xe0
[   28.325082]  ? __pfx_read_tsc+0x10/0x10
[   28.325105]  ? ktime_get_ts64+0x86/0x230
[   28.325130]  kunit_try_run_case+0x1a5/0x480
[   28.325154]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.325175]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   28.325199]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   28.325223]  ? __kthread_parkme+0x82/0x180
[   28.325245]  ? preempt_count_sub+0x50/0x80
[   28.325269]  ? __pfx_kunit_try_run_case+0x10/0x10
[   28.325293]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   28.325319]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   28.325346]  kthread+0x337/0x6f0
[   28.325367]  ? trace_preempt_on+0x20/0xc0
[   28.325390]  ? __pfx_kthread+0x10/0x10
[   28.325411]  ? _raw_spin_unlock_irq+0x47/0x80
[   28.325434]  ? calculate_sigpending+0x7b/0xa0
[   28.325461]  ? __pfx_kthread+0x10/0x10
[   28.325483]  ret_from_fork+0x116/0x1d0
[   28.325503]  ? __pfx_kthread+0x10/0x10
[   28.325525]  ret_from_fork_asm+0x1a/0x30
[   28.325558]  </TASK>
[   28.325569] 
[   28.333519] Allocated by task 330:
[   28.333708]  kasan_save_stack+0x45/0x70
[   28.333908]  kasan_save_track+0x18/0x40
[   28.334196]  kasan_save_alloc_info+0x3b/0x50
[   28.334373]  __kasan_kmalloc+0xb7/0xc0
[   28.334500]  __kmalloc_cache_noprof+0x189/0x420
[   28.334662]  copy_to_kernel_nofault_oob+0x12f/0x560
[   28.335081]  kunit_try_run_case+0x1a5/0x480
[   28.335268]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   28.335488]  kthread+0x337/0x6f0
[   28.335669]  ret_from_fork+0x116/0x1d0
[   28.335889]  ret_from_fork_asm+0x1a/0x30
[   28.336057] 
[   28.336156] The buggy address belongs to the object at ffff888105919d00
[   28.336156]  which belongs to the cache kmalloc-128 of size 128
[   28.336535] The buggy address is located 0 bytes to the right of
[   28.336535]  allocated 120-byte region [ffff888105919d00, ffff888105919d78)
[   28.337239] 
[   28.337308] The buggy address belongs to the physical page:
[   28.337715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105919
[   28.338088] flags: 0x200000000000000(node=0|zone=2)
[   28.338409] page_type: f5(slab)
[   28.338579] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   28.338817] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   28.339036] page dumped because: kasan: bad access detected
[   28.339202] 
[   28.339264] Memory state around the buggy address:
[   28.339414]  ffff888105919c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   28.339707]  ffff888105919c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.340025] >ffff888105919d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   28.340334]                                                                 ^
[   28.340644]  ffff888105919d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.341003]  ffff888105919e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   28.341370] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zrVzYzOpEW4XHiYds9jEwikFK7

job_id

TEST:linaro@lkft#2zrW5XeyUzOSFr9BpBP7b7OYkHS

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zrW5XeyUzOSFr9BpBP7b7OYkHS

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zrW2SH9xrBCbgawOpHg8puHqCe/bzImage
sha256sum	4565f21e261caec61f0904b87ff9eab2fa750b37970854db3ef378370e96c96a

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zrW2SH9xrBCbgawOpHg8puHqCe/modules.tar.xz
sha256sum	25191cedf68988510c88d39b245d9f83740d3133c412cf5e2b129a6de7adb415

durations

tests

boot	0
kunit	230.83

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - e850-96 - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit