lkft/linux-mainline-master - v6.15-rc3-8-ga33b5a08cbbd - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob

Date

April 22, 2025, 11:09 a.m.

Environment
qemu-arm64
rk3399-rock-pi-4b

[   21.408474] ==================================================================
[   21.408609] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[   21.408718] Read of size 1 at addr ffff80008010b7f8 by task kunit_try_catch/271
[   21.408837] 
[   21.408922] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   21.409121] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.409185] Hardware name: linux,dummy-virt (DT)
[   21.409259] Call trace:
[   21.409317]  show_stack+0x20/0x38 (C)
[   21.409442]  dump_stack_lvl+0x8c/0xd0
[   21.409582]  print_report+0x310/0x608
[   21.409671]  kasan_report+0xdc/0x128
[   21.409770]  __asan_report_load1_noabort+0x20/0x30
[   21.409893]  vmalloc_oob+0x51c/0x5d0
[   21.410040]  kunit_try_run_case+0x170/0x3f0
[   21.410146]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.410253]  kthread+0x328/0x630
[   21.410357]  ret_from_fork+0x10/0x20
[   21.410521] 
[   21.410625] The buggy address belongs to the virtual mapping at
[   21.410625]  [ffff80008010b000, ffff80008010d000) created by:
[   21.410625]  vmalloc_oob+0x98/0x5d0
[   21.410876] 
[   21.410952] The buggy address belongs to the physical page:
[   21.411057] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10630d
[   21.411172] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.411338] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   21.411474] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   21.411577] page dumped because: kasan: bad access detected
[   21.411653] 
[   21.411708] Memory state around the buggy address:
[   21.411782]  ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.411876]  ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.411974] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   21.412084]                                                                 ^
[   21.412221]  ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   21.412354]  ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   21.412455] ==================================================================
[   21.396523] ==================================================================
[   21.396695] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[   21.397820] Read of size 1 at addr ffff80008010b7f3 by task kunit_try_catch/271
[   21.398151] 
[   21.398297] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   21.398843] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.398924] Hardware name: linux,dummy-virt (DT)
[   21.398999] Call trace:
[   21.399055]  show_stack+0x20/0x38 (C)
[   21.399175]  dump_stack_lvl+0x8c/0xd0
[   21.399564]  print_report+0x310/0x608
[   21.400274]  kasan_report+0xdc/0x128
[   21.400387]  __asan_report_load1_noabort+0x20/0x30
[   21.400943]  vmalloc_oob+0x578/0x5d0
[   21.401082]  kunit_try_run_case+0x170/0x3f0
[   21.401409]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.401730]  kthread+0x328/0x630
[   21.401898]  ret_from_fork+0x10/0x20
[   21.402008] 
[   21.402426] The buggy address belongs to the virtual mapping at
[   21.402426]  [ffff80008010b000, ffff80008010d000) created by:
[   21.402426]  vmalloc_oob+0x98/0x5d0
[   21.402624] 
[   21.402678] The buggy address belongs to the physical page:
[   21.402752] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10630d
[   21.403119] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.403695] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   21.404088] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   21.404351] page dumped because: kasan: bad access detected
[   21.404884] 
[   21.405114] Memory state around the buggy address:
[   21.405219]  ffff80008010b680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.405543]  ffff80008010b700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.405763] >ffff80008010b780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   21.406029]                                                              ^
[   21.406129]  ffff80008010b800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   21.406450]  ffff80008010b880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   21.406756] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2w58bPRPTycbz1vmAdBLBc0aa6B

job_id

TEST:linaro@lkft#2w58fxq4bKj9vp73CIYpItcyxn6

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2w58fxq4bKj9vp73CIYpItcyxn6

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2w58cme5gejaHmq4RPVvp3S5u7p/Image.gz
sha256sum	4b4388c6f3ff4d9d5f37e24b5dd96bcea12d5773962644bca64d76518d1261ab

rootfs

url	https://storage.tuxboot.com/debian/trixie/arm64/rootfs.ext4.xz
sha256sum	6e7d093e93027c909f889e69aec109c9a1b0ec1ca5f1beffa4bce78be31bff20

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2w58cme5gejaHmq4RPVvp3S5u7p/modules.tar.xz
sha256sum	ea868b19cf381ec631b74a7beed07667a57ebf8839290b6192a6a06165583a43

durations

tests

boot	0
kunit	115.30

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:9.2.2+ds-1+b2

[   23.965501] ==================================================================
[   23.966174] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[   23.966817] Read of size 1 at addr ffff800087e9c7f8 by task kunit_try_catch/327
[   23.967496] 
[   23.967661] CPU: 0 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   23.967713] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.967728] Hardware name: Radxa ROCK Pi 4B (DT)
[   23.967745] Call trace:
[   23.967758]  show_stack+0x20/0x38 (C)
[   23.967790]  dump_stack_lvl+0x8c/0xd0
[   23.967822]  print_report+0x310/0x608
[   23.967852]  kasan_report+0xdc/0x128
[   23.967882]  __asan_report_load1_noabort+0x20/0x30
[   23.967917]  vmalloc_oob+0x51c/0x5d0
[   23.967950]  kunit_try_run_case+0x170/0x3f0
[   23.967986]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.968026]  kthread+0x328/0x630
[   23.968063]  ret_from_fork+0x10/0x20
[   23.968096] 
[   23.973633] The buggy address belongs to the virtual mapping at
[   23.973633]  [ffff800087e9c000, ffff800087e9e000) created by:
[   23.973633]  vmalloc_oob+0x98/0x5d0
[   23.975011] 
[   23.975166] The buggy address belongs to the physical page:
[   23.975685] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10c0c
[   23.976418] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff)
[   23.977041] raw: 03fffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   23.977758] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   23.978468] page dumped because: kasan: bad access detected
[   23.978983] 
[   23.979137] Memory state around the buggy address:
[   23.979586]  ffff800087e9c680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.980253]  ffff800087e9c700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.980920] >ffff800087e9c780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   23.981583]                                                                 ^
[   23.982242]  ffff800087e9c800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   23.982909]  ffff800087e9c880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   23.983572] ==================================================================
[   23.945889] ==================================================================
[   23.947296] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[   23.947939] Read of size 1 at addr ffff800087e9c7f3 by task kunit_try_catch/327
[   23.948619] 
[   23.948784] CPU: 0 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G    B            N  6.15.0-rc3 #1 PREEMPT 
[   23.948834] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.948849] Hardware name: Radxa ROCK Pi 4B (DT)
[   23.948867] Call trace:
[   23.948881]  show_stack+0x20/0x38 (C)
[   23.948914]  dump_stack_lvl+0x8c/0xd0
[   23.948946]  print_report+0x310/0x608
[   23.948977]  kasan_report+0xdc/0x128
[   23.949007]  __asan_report_load1_noabort+0x20/0x30
[   23.949042]  vmalloc_oob+0x578/0x5d0
[   23.949074]  kunit_try_run_case+0x170/0x3f0
[   23.949111]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.949152]  kthread+0x328/0x630
[   23.949186]  ret_from_fork+0x10/0x20
[   23.949220] 
[   23.954756] The buggy address belongs to the virtual mapping at
[   23.954756]  [ffff800087e9c000, ffff800087e9e000) created by:
[   23.954756]  vmalloc_oob+0x98/0x5d0
[   23.956135] 
[   23.956291] The buggy address belongs to the physical page:
[   23.956808] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10c0c
[   23.957541] flags: 0x3fffe0000000000(node=0|zone=0|lastcpupid=0x1ffff)
[   23.958168] raw: 03fffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   23.958883] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   23.959592] page dumped because: kasan: bad access detected
[   23.960109] 
[   23.960263] Memory state around the buggy address:
[   23.960714]  ffff800087e9c680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.961382]  ffff800087e9c700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.962050] >ffff800087e9c780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   23.962713]                                                              ^
[   23.963348]  ffff800087e9c800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   23.964015]  ffff800087e9c880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   23.964679] ==================================================================

Metadata Full log Test run details

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - rk3399-rock-pi-4b - gcc-13-lkftconfig-kunit