lkft/linux-mainline-master - v6.16-rc4-123-g4c06e63b9203 - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob

Date

July 3, 2025, 11:10 p.m.

Environment
qemu-arm64

[   23.545623] ==================================================================
[   23.546183] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[   23.546600] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/269
[   23.546796] 
[   23.546955] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   23.547434] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.547588] Hardware name: linux,dummy-virt (DT)
[   23.547689] Call trace:
[   23.547810]  show_stack+0x20/0x38 (C)
[   23.548267]  dump_stack_lvl+0x8c/0xd0
[   23.548415]  print_report+0x310/0x608
[   23.548536]  kasan_report+0xdc/0x128
[   23.548789]  __asan_report_load1_noabort+0x20/0x30
[   23.548948]  vmalloc_oob+0x578/0x5d0
[   23.549113]  kunit_try_run_case+0x170/0x3f0
[   23.549249]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.549414]  kthread+0x328/0x630
[   23.549522]  ret_from_fork+0x10/0x20
[   23.549666] 
[   23.549747] The buggy address belongs to the virtual mapping at
[   23.549747]  [ffff8000800fe000, ffff800080100000) created by:
[   23.549747]  vmalloc_oob+0x98/0x5d0
[   23.549928] 
[   23.549997] The buggy address belongs to the physical page:
[   23.550234] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105630
[   23.550444] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   23.550614] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   23.550742] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   23.550844] page dumped because: kasan: bad access detected
[   23.550942] 
[   23.550993] Memory state around the buggy address:
[   23.551117]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.551242]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.551345] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   23.551419]                                                              ^
[   23.551510]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   23.551987]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   23.552179] ==================================================================
[   23.554705] ==================================================================
[   23.554845] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[   23.555094] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/269
[   23.555445] 
[   23.555709] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   23.555936] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.556007] Hardware name: linux,dummy-virt (DT)
[   23.556102] Call trace:
[   23.556160]  show_stack+0x20/0x38 (C)
[   23.556281]  dump_stack_lvl+0x8c/0xd0
[   23.556385]  print_report+0x310/0x608
[   23.556508]  kasan_report+0xdc/0x128
[   23.556633]  __asan_report_load1_noabort+0x20/0x30
[   23.556765]  vmalloc_oob+0x51c/0x5d0
[   23.556944]  kunit_try_run_case+0x170/0x3f0
[   23.557363]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.557660]  kthread+0x328/0x630
[   23.557791]  ret_from_fork+0x10/0x20
[   23.558114] 
[   23.558313] The buggy address belongs to the virtual mapping at
[   23.558313]  [ffff8000800fe000, ffff800080100000) created by:
[   23.558313]  vmalloc_oob+0x98/0x5d0
[   23.558598] 
[   23.558656] The buggy address belongs to the physical page:
[   23.559060] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105630
[   23.559270] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   23.559493] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   23.559793] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   23.559900] page dumped because: kasan: bad access detected
[   23.560068] 
[   23.560192] Memory state around the buggy address:
[   23.560278]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.560398]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.560720] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   23.560886]                                                                 ^
[   23.561214]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   23.561322]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   23.561416] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zNv5yvBPQPFs0AlDSVKFmCWGjk

job_id

TEST:linaro@lkft#2zNvAH2g4ermDeisaxH4EvgiTxa

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zNvAH2g4ermDeisaxH4EvgiTxa

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zNv76IuwowkYB4Sjr8DEDXB6KX/Image.gz
sha256sum	90ec95b90bf87b5324c2dbcf89d31393975c6b7e5ec37927e4403529f8acf5c3

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zNv76IuwowkYB4Sjr8DEDXB6KX/modules.tar.xz
sha256sum	f86904e93834acd0f5a270dfcf178475dde11d8026543e037dd3a943f3bfae11

durations

tests

boot	0
kunit	273.15

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit