lkft/linux-mainline-master - v6.16-rc4-13-g66701750d556 - log-parser-boot/kfence-bug-kfence-use-after-free-write-in-__memset

Date

July 1, 2025, 11:08 a.m.

Environment
qemu-arm64

[   18.497996] ==================================================================
[   18.498168] BUG: KFENCE: use-after-free write in __memset+0xc/0x20
[   18.498168] 
[   18.498424] Use-after-free write at 0x00000000f886693e (in kfence-#62):
[   18.498717]  __memset+0xc/0x20
[   18.498796]  kmalloc_uaf_memset+0x170/0x310
[   18.498869]  kunit_try_run_case+0x170/0x3f0
[   18.498920]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.498992]  kthread+0x328/0x630
[   18.499079]  ret_from_fork+0x10/0x20
[   18.499146] 
[   18.499220] kfence-#62: 0x00000000f886693e-0x0000000097398d73, size=33, cache=kmalloc-64
[   18.499220] 
[   18.499375] allocated by task 187 on cpu 1 at 18.496273s (0.003057s ago):
[   18.499511]  kmalloc_uaf_memset+0xb8/0x310
[   18.499552]  kunit_try_run_case+0x170/0x3f0
[   18.499595]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.499938]  kthread+0x328/0x630
[   18.500010]  ret_from_fork+0x10/0x20
[   18.500107] 
[   18.500154] freed by task 187 on cpu 1 at 18.496371s (0.003779s ago):
[   18.500254]  kmalloc_uaf_memset+0x11c/0x310
[   18.500317]  kunit_try_run_case+0x170/0x3f0
[   18.500491]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   18.500712]  kthread+0x328/0x630
[   18.500841]  ret_from_fork+0x10/0x20
[   18.500912] 
[   18.501028] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc4 #1 PREEMPT 
[   18.501209] Tainted: [B]=BAD_PAGE, [N]=TEST
[   18.501314] Hardware name: linux,dummy-virt (DT)
[   18.501362] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zGr6Ce6Ri2B5pZnaXSzRDbxhyc

job_id

TEST:linaro@lkft#2zGrALjnpHgW8eWeNu7OhsmdqQI

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zGrALjnpHgW8eWeNu7OhsmdqQI

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zGr7BGRYbYig5LdRleNR5RdPjT/Image.gz
sha256sum	5a02784fbab48390be9171d4f1e523abdd150bc80f088fc7c2fb05b24554e195

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zGr7BGRYbYig5LdRleNR5RdPjT/modules.tar.xz
sha256sum	213360982ceced70a8982889efd2a9532dbadabc32c48aa9381566c7566bb32e

durations

tests

boot	0
kunit	203.39

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit