lkft/linux-next-master - next-20250715 - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault

Date

July 15, 2025, 11:35 a.m.

Environment
e850-96
qemu-arm64
qemu-x86_64

[   81.158794] ==================================================================
[   81.172996] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250
[   81.180370] Read of size 8 at addr ffff000800de4878 by task kunit_try_catch/362
[   81.187661] 
[   81.189146] CPU: 6 UID: 0 PID: 362 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250715 #1 PREEMPT 
[   81.189205] Tainted: [B]=BAD_PAGE, [N]=TEST
[   81.189223] Hardware name: WinLink E850-96 board (DT)
[   81.189250] Call trace:
[   81.189265]  show_stack+0x20/0x38 (C)
[   81.189303]  dump_stack_lvl+0x8c/0xd0
[   81.189340]  print_report+0x118/0x5d0
[   81.189371]  kasan_report+0xdc/0x128
[   81.189400]  __asan_report_load8_noabort+0x20/0x30
[   81.189435]  copy_to_kernel_nofault+0x204/0x250
[   81.189472]  copy_to_kernel_nofault_oob+0x158/0x418
[   81.189509]  kunit_try_run_case+0x170/0x3f0
[   81.189541]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   81.189579]  kthread+0x328/0x630
[   81.189609]  ret_from_fork+0x10/0x20
[   81.189643] 
[   81.258406] Allocated by task 362:
[   81.261793]  kasan_save_stack+0x3c/0x68
[   81.265610]  kasan_save_track+0x20/0x40
[   81.269429]  kasan_save_alloc_info+0x40/0x58
[   81.273683]  __kasan_kmalloc+0xd4/0xd8
[   81.277415]  __kmalloc_cache_noprof+0x16c/0x3c0
[   81.281929]  copy_to_kernel_nofault_oob+0xc8/0x418
[   81.286704]  kunit_try_run_case+0x170/0x3f0
[   81.290870]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   81.296340]  kthread+0x328/0x630
[   81.299550]  ret_from_fork+0x10/0x20
[   81.303109] 
[   81.304587] The buggy address belongs to the object at ffff000800de4800
[   81.304587]  which belongs to the cache kmalloc-128 of size 128
[   81.317089] The buggy address is located 0 bytes to the right of
[   81.317089]  allocated 120-byte region [ffff000800de4800, ffff000800de4878)
[   81.330019] 
[   81.331498] The buggy address belongs to the physical page:
[   81.337056] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880de4
[   81.345038] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   81.352676] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   81.359620] page_type: f5(slab)
[   81.362757] raw: 0bfffe0000000040 ffff000800002a00 dead000000000100 dead000000000122
[   81.370476] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   81.378206] head: 0bfffe0000000040 ffff000800002a00 dead000000000100 dead000000000122
[   81.386014] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   81.393827] head: 0bfffe0000000001 fffffdffe0037901 00000000ffffffff 00000000ffffffff
[   81.401639] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   81.409446] page dumped because: kasan: bad access detected
[   81.415000] 
[   81.416476] Memory state around the buggy address:
[   81.421257]  ffff000800de4700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   81.428460]  ffff000800de4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.435666] >ffff000800de4800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   81.442864]                                                                 ^
[   81.449986]  ffff000800de4880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.457191]  ffff000800de4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.464392] ==================================================================
[   81.471836] ==================================================================
[   81.478804] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250
[   81.486095] Write of size 8 at addr ffff000800de4878 by task kunit_try_catch/362
[   81.493471] 
[   81.494956] CPU: 6 UID: 0 PID: 362 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250715 #1 PREEMPT 
[   81.495016] Tainted: [B]=BAD_PAGE, [N]=TEST
[   81.495034] Hardware name: WinLink E850-96 board (DT)
[   81.495053] Call trace:
[   81.495063]  show_stack+0x20/0x38 (C)
[   81.495097]  dump_stack_lvl+0x8c/0xd0
[   81.495133]  print_report+0x118/0x5d0
[   81.495164]  kasan_report+0xdc/0x128
[   81.495189]  kasan_check_range+0x100/0x1a8
[   81.495220]  __kasan_check_write+0x20/0x30
[   81.495252]  copy_to_kernel_nofault+0x8c/0x250
[   81.495287]  copy_to_kernel_nofault_oob+0x1bc/0x418
[   81.495323]  kunit_try_run_case+0x170/0x3f0
[   81.495356]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   81.495391]  kthread+0x328/0x630
[   81.495420]  ret_from_fork+0x10/0x20
[   81.495455] 
[   81.567515] Allocated by task 362:
[   81.570903]  kasan_save_stack+0x3c/0x68
[   81.574720]  kasan_save_track+0x20/0x40
[   81.578539]  kasan_save_alloc_info+0x40/0x58
[   81.582793]  __kasan_kmalloc+0xd4/0xd8
[   81.586526]  __kmalloc_cache_noprof+0x16c/0x3c0
[   81.591039]  copy_to_kernel_nofault_oob+0xc8/0x418
[   81.595814]  kunit_try_run_case+0x170/0x3f0
[   81.599980]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   81.605450]  kthread+0x328/0x630
[   81.608660]  ret_from_fork+0x10/0x20
[   81.612220] 
[   81.613697] The buggy address belongs to the object at ffff000800de4800
[   81.613697]  which belongs to the cache kmalloc-128 of size 128
[   81.626195] The buggy address is located 0 bytes to the right of
[   81.626195]  allocated 120-byte region [ffff000800de4800, ffff000800de4878)
[   81.639128] 
[   81.640608] The buggy address belongs to the physical page:
[   81.646164] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x880de4
[   81.654147] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   81.661788] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   81.668729] page_type: f5(slab)
[   81.671866] raw: 0bfffe0000000040 ffff000800002a00 dead000000000100 dead000000000122
[   81.679586] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   81.687313] head: 0bfffe0000000040 ffff000800002a00 dead000000000100 dead000000000122
[   81.695124] head: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[   81.702937] head: 0bfffe0000000001 fffffdffe0037901 00000000ffffffff 00000000ffffffff
[   81.710749] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[   81.718554] page dumped because: kasan: bad access detected
[   81.724111] 
[   81.725585] Memory state around the buggy address:
[   81.730367]  ffff000800de4700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   81.737570]  ffff000800de4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.744773] >ffff000800de4800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   81.751974]                                                                 ^
[   81.759096]  ffff000800de4880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.766301]  ffff000800de4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   81.773502] ==================================================================

Metadata Full log Test run details

[   33.635239] ==================================================================
[   33.635297] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x8c/0x250
[   33.635352] Write of size 8 at addr fff00000c64f9578 by task kunit_try_catch/313
[   33.635404] 
[   33.637859] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250715 #1 PREEMPT 
[   33.637965] Tainted: [B]=BAD_PAGE, [N]=TEST
[   33.637993] Hardware name: linux,dummy-virt (DT)
[   33.638027] Call trace:
[   33.638051]  show_stack+0x20/0x38 (C)
[   33.638109]  dump_stack_lvl+0x8c/0xd0
[   33.638161]  print_report+0x118/0x5d0
[   33.638206]  kasan_report+0xdc/0x128
[   33.638253]  kasan_check_range+0x100/0x1a8
[   33.638301]  __kasan_check_write+0x20/0x30
[   33.638351]  copy_to_kernel_nofault+0x8c/0x250
[   33.638405]  copy_to_kernel_nofault_oob+0x1bc/0x418
[   33.638927]  kunit_try_run_case+0x170/0x3f0
[   33.639306]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   33.639487]  kthread+0x328/0x630
[   33.639538]  ret_from_fork+0x10/0x20
[   33.639998] 
[   33.640031] Allocated by task 313:
[   33.640246]  kasan_save_stack+0x3c/0x68
[   33.640499]  kasan_save_track+0x20/0x40
[   33.640710]  kasan_save_alloc_info+0x40/0x58
[   33.640763]  __kasan_kmalloc+0xd4/0xd8
[   33.640812]  __kmalloc_cache_noprof+0x16c/0x3c0
[   33.640856]  copy_to_kernel_nofault_oob+0xc8/0x418
[   33.640900]  kunit_try_run_case+0x170/0x3f0
[   33.640939]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   33.640983]  kthread+0x328/0x630
[   33.641414]  ret_from_fork+0x10/0x20
[   33.641793] 
[   33.641828] The buggy address belongs to the object at fff00000c64f9500
[   33.641828]  which belongs to the cache kmalloc-128 of size 128
[   33.641923] The buggy address is located 0 bytes to the right of
[   33.641923]  allocated 120-byte region [fff00000c64f9500, fff00000c64f9578)
[   33.641989] 
[   33.642206] The buggy address belongs to the physical page:
[   33.642266] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064f9
[   33.642323] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   33.642736] page_type: f5(slab)
[   33.642849] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   33.642982] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   33.643323] page dumped because: kasan: bad access detected
[   33.643528] 
[   33.643608] Memory state around the buggy address:
[   33.643826]  fff00000c64f9400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   33.643915]  fff00000c64f9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.644183] >fff00000c64f9500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   33.644409]                                                                 ^
[   33.644470]  fff00000c64f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.644516]  fff00000c64f9600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.644557] ==================================================================
[   33.622977] ==================================================================
[   33.623047] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x204/0x250
[   33.623127] Read of size 8 at addr fff00000c64f9578 by task kunit_try_catch/313
[   33.623179] 
[   33.623221] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250715 #1 PREEMPT 
[   33.623312] Tainted: [B]=BAD_PAGE, [N]=TEST
[   33.623340] Hardware name: linux,dummy-virt (DT)
[   33.623375] Call trace:
[   33.623401]  show_stack+0x20/0x38 (C)
[   33.623586]  dump_stack_lvl+0x8c/0xd0
[   33.623758]  print_report+0x118/0x5d0
[   33.624307]  kasan_report+0xdc/0x128
[   33.624377]  __asan_report_load8_noabort+0x20/0x30
[   33.624928]  copy_to_kernel_nofault+0x204/0x250
[   33.625000]  copy_to_kernel_nofault_oob+0x158/0x418
[   33.625055]  kunit_try_run_case+0x170/0x3f0
[   33.625632]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   33.625840]  kthread+0x328/0x630
[   33.625938]  ret_from_fork+0x10/0x20
[   33.626000] 
[   33.626029] Allocated by task 313:
[   33.626063]  kasan_save_stack+0x3c/0x68
[   33.626132]  kasan_save_track+0x20/0x40
[   33.626175]  kasan_save_alloc_info+0x40/0x58
[   33.626216]  __kasan_kmalloc+0xd4/0xd8
[   33.626256]  __kmalloc_cache_noprof+0x16c/0x3c0
[   33.626621]  copy_to_kernel_nofault_oob+0xc8/0x418
[   33.626668]  kunit_try_run_case+0x170/0x3f0
[   33.626715]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   33.626904]  kthread+0x328/0x630
[   33.626945]  ret_from_fork+0x10/0x20
[   33.626994] 
[   33.627334] The buggy address belongs to the object at fff00000c64f9500
[   33.627334]  which belongs to the cache kmalloc-128 of size 128
[   33.627743] The buggy address is located 0 bytes to the right of
[   33.627743]  allocated 120-byte region [fff00000c64f9500, fff00000c64f9578)
[   33.627891] 
[   33.628132] The buggy address belongs to the physical page:
[   33.628634] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1064f9
[   33.629056] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   33.629699] page_type: f5(slab)
[   33.629854] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   33.629911] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   33.630356] page dumped because: kasan: bad access detected
[   33.630927] 
[   33.631105] Memory state around the buggy address:
[   33.631506]  fff00000c64f9400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   33.631556]  fff00000c64f9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.632145] >fff00000c64f9500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   33.632543]                                                                 ^
[   33.632780]  fff00000c64f9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.633276]  fff00000c64f9600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   33.633580] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zuS6DosVUhzL9DaDmqO9nLybFJ

job_id

TEST:linaro@lkft#2zuSB6ZD0TprNwndx8osoZfzNbs

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zuSB6ZD0TprNwndx8osoZfzNbs

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zuS7fFjob8Lq2iSUNxlIF41bYW/Image.gz
sha256sum	118b4ece9a238a43bf808c098cf2bf253d887d33e129eb81e3c965d23e20b8c5

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zuS7fFjob8Lq2iSUNxlIF41bYW/modules.tar.xz
sha256sum	01435f1d178968cd8186d4f9b9cf47e1273301cd5c54bfdff2cd2593d26e1adb

durations

tests

boot	0
kunit	165.28

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   27.967751] ==================================================================
[   27.968481] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[   27.968999] Write of size 8 at addr ffff8881060ab278 by task kunit_try_catch/329
[   27.969508] 
[   27.969676] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250715 #1 PREEMPT(voluntary) 
[   27.969812] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.969827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.969848] Call Trace:
[   27.969862]  <TASK>
[   27.969878]  dump_stack_lvl+0x73/0xb0
[   27.969908]  print_report+0xd1/0x610
[   27.969932]  ? __virt_addr_valid+0x1db/0x2d0
[   27.969955]  ? copy_to_kernel_nofault+0x99/0x260
[   27.969979]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.970007]  ? copy_to_kernel_nofault+0x99/0x260
[   27.970032]  kasan_report+0x141/0x180
[   27.970056]  ? copy_to_kernel_nofault+0x99/0x260
[   27.970085]  kasan_check_range+0x10c/0x1c0
[   27.970110]  __kasan_check_write+0x18/0x20
[   27.970135]  copy_to_kernel_nofault+0x99/0x260
[   27.970162]  copy_to_kernel_nofault_oob+0x288/0x560
[   27.970187]  ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[   27.970210]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   27.970235]  ? trace_hardirqs_on+0x37/0xe0
[   27.970267]  ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[   27.970296]  kunit_try_run_case+0x1a5/0x480
[   27.970320]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.970343]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   27.970366]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.970390]  ? __kthread_parkme+0x82/0x180
[   27.970411]  ? preempt_count_sub+0x50/0x80
[   27.970435]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.970459]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.970495]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.970523]  kthread+0x337/0x6f0
[   27.970556]  ? trace_preempt_on+0x20/0xc0
[   27.970588]  ? __pfx_kthread+0x10/0x10
[   27.970610]  ? _raw_spin_unlock_irq+0x47/0x80
[   27.970644]  ? calculate_sigpending+0x7b/0xa0
[   27.970668]  ? __pfx_kthread+0x10/0x10
[   27.970691]  ret_from_fork+0x116/0x1d0
[   27.970711]  ? __pfx_kthread+0x10/0x10
[   27.970732]  ret_from_fork_asm+0x1a/0x30
[   27.970766]  </TASK>
[   27.970777] 
[   27.979195] Allocated by task 329:
[   27.979325]  kasan_save_stack+0x45/0x70
[   27.979467]  kasan_save_track+0x18/0x40
[   27.981144]  kasan_save_alloc_info+0x3b/0x50
[   27.982361]  __kasan_kmalloc+0xb7/0xc0
[   27.982866]  __kmalloc_cache_noprof+0x189/0x420
[   27.983572]  copy_to_kernel_nofault_oob+0x12f/0x560
[   27.984375]  kunit_try_run_case+0x1a5/0x480
[   27.984983]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.985269]  kthread+0x337/0x6f0
[   27.985444]  ret_from_fork+0x116/0x1d0
[   27.985627]  ret_from_fork_asm+0x1a/0x30
[   27.985796] 
[   27.985895] The buggy address belongs to the object at ffff8881060ab200
[   27.985895]  which belongs to the cache kmalloc-128 of size 128
[   27.986411] The buggy address is located 0 bytes to the right of
[   27.986411]  allocated 120-byte region [ffff8881060ab200, ffff8881060ab278)
[   27.986950] 
[   27.987066] The buggy address belongs to the physical page:
[   27.987312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060ab
[   27.987713] flags: 0x200000000000000(node=0|zone=2)
[   27.987899] page_type: f5(slab)
[   27.988058] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   27.988353] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   27.988586] page dumped because: kasan: bad access detected
[   27.989139] 
[   27.989228] Memory state around the buggy address:
[   27.989474]  ffff8881060ab100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   27.989904]  ffff8881060ab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.990188] >ffff8881060ab200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   27.990484]                                                                 ^
[   27.991399]  ffff8881060ab280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.991808]  ffff8881060ab300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.992212] ==================================================================
[   27.943916] ==================================================================
[   27.944713] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[   27.945067] Read of size 8 at addr ffff8881060ab278 by task kunit_try_catch/329
[   27.945463] 
[   27.945575] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc6-next-20250715 #1 PREEMPT(voluntary) 
[   27.945631] Tainted: [B]=BAD_PAGE, [N]=TEST
[   27.945646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   27.945669] Call Trace:
[   27.945683]  <TASK>
[   27.945703]  dump_stack_lvl+0x73/0xb0
[   27.945736]  print_report+0xd1/0x610
[   27.945761]  ? __virt_addr_valid+0x1db/0x2d0
[   27.945786]  ? copy_to_kernel_nofault+0x225/0x260
[   27.945810]  ? kasan_complete_mode_report_info+0x2a/0x200
[   27.945838]  ? copy_to_kernel_nofault+0x225/0x260
[   27.945862]  kasan_report+0x141/0x180
[   27.945886]  ? copy_to_kernel_nofault+0x225/0x260
[   27.945917]  __asan_report_load8_noabort+0x18/0x20
[   27.945942]  copy_to_kernel_nofault+0x225/0x260
[   27.945969]  copy_to_kernel_nofault_oob+0x1ed/0x560
[   27.945994]  ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[   27.946018]  ? sysvec_apic_timer_interrupt+0x50/0x90
[   27.946044]  ? trace_hardirqs_on+0x37/0xe0
[   27.946077]  ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[   27.946105]  kunit_try_run_case+0x1a5/0x480
[   27.946131]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.946153]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   27.946177]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   27.946200]  ? __kthread_parkme+0x82/0x180
[   27.946221]  ? preempt_count_sub+0x50/0x80
[   27.946247]  ? __pfx_kunit_try_run_case+0x10/0x10
[   27.946271]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.946299]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   27.946326]  kthread+0x337/0x6f0
[   27.946346]  ? trace_preempt_on+0x20/0xc0
[   27.946370]  ? __pfx_kthread+0x10/0x10
[   27.946391]  ? _raw_spin_unlock_irq+0x47/0x80
[   27.946417]  ? calculate_sigpending+0x7b/0xa0
[   27.946442]  ? __pfx_kthread+0x10/0x10
[   27.946464]  ret_from_fork+0x116/0x1d0
[   27.946491]  ? __pfx_kthread+0x10/0x10
[   27.946514]  ret_from_fork_asm+0x1a/0x30
[   27.946558]  </TASK>
[   27.946770] 
[   27.956668] Allocated by task 329:
[   27.956833]  kasan_save_stack+0x45/0x70
[   27.956978]  kasan_save_track+0x18/0x40
[   27.957501]  kasan_save_alloc_info+0x3b/0x50
[   27.957785]  __kasan_kmalloc+0xb7/0xc0
[   27.957964]  __kmalloc_cache_noprof+0x189/0x420
[   27.958314]  copy_to_kernel_nofault_oob+0x12f/0x560
[   27.958554]  kunit_try_run_case+0x1a5/0x480
[   27.959015]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   27.959238]  kthread+0x337/0x6f0
[   27.959522]  ret_from_fork+0x116/0x1d0
[   27.959748]  ret_from_fork_asm+0x1a/0x30
[   27.960039] 
[   27.960114] The buggy address belongs to the object at ffff8881060ab200
[   27.960114]  which belongs to the cache kmalloc-128 of size 128
[   27.960612] The buggy address is located 0 bytes to the right of
[   27.960612]  allocated 120-byte region [ffff8881060ab200, ffff8881060ab278)
[   27.961424] 
[   27.961613] The buggy address belongs to the physical page:
[   27.961836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1060ab
[   27.962357] flags: 0x200000000000000(node=0|zone=2)
[   27.962696] page_type: f5(slab)
[   27.962865] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   27.963328] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   27.963777] page dumped because: kasan: bad access detected
[   27.963966] 
[   27.964062] Memory state around the buggy address:
[   27.964385]  ffff8881060ab100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   27.964930]  ffff8881060ab180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.965354] >ffff8881060ab200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[   27.965660]                                                                 ^
[   27.966063]  ffff8881060ab280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.966471]  ffff8881060ab300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   27.966867] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zuS6DosVUhzL9DaDmqO9nLybFJ

job_id

TEST:linaro@lkft#2zuSCDmb4DEQtYONUdNKA0gDr4g

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zuSCDmb4DEQtYONUdNKA0gDr4g

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zuS8r35xHBxsDmYxAGYTykGzuO/bzImage
sha256sum	c1e74129e828139d1503e1b2906d7bf3cc50987150c7e120efde5dc3ba3dece2

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zuS8r35xHBxsDmYxAGYTykGzuO/modules.tar.xz
sha256sum	c033def305798e90a1dd43392f34d6ac3a5642caf58a41fa7d2b499626275ec8

durations

tests

boot	0
kunit	244.42

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - e850-96 - gcc-13-lkftconfig-kunit

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit