lkft/linux-mainline-master - v6.16-rc5-224-g379f604cc3dc - log-parser-boot/kasan-bug-kasan-vmalloc-out-of-bounds-in-vmalloc_oob

Date

July 12, 2025, 11:09 a.m.

Environment
qemu-arm64

[   23.346014] ==================================================================
[   23.347748] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x578/0x5d0
[   23.347996] Read of size 1 at addr ffff8000800fe7f3 by task kunit_try_catch/270
[   23.348117] 
[   23.348206] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   23.348425] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.348493] Hardware name: linux,dummy-virt (DT)
[   23.348580] Call trace:
[   23.348640]  show_stack+0x20/0x38 (C)
[   23.348808]  dump_stack_lvl+0x8c/0xd0
[   23.350357]  print_report+0x310/0x608
[   23.350892]  kasan_report+0xdc/0x128
[   23.351452]  __asan_report_load1_noabort+0x20/0x30
[   23.352405]  vmalloc_oob+0x578/0x5d0
[   23.352610]  kunit_try_run_case+0x170/0x3f0
[   23.352877]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.353175]  kthread+0x328/0x630
[   23.353647]  ret_from_fork+0x10/0x20
[   23.354196] 
[   23.354326] The buggy address belongs to the virtual mapping at
[   23.354326]  [ffff8000800fe000, ffff800080100000) created by:
[   23.354326]  vmalloc_oob+0x98/0x5d0
[   23.354482] 
[   23.354541] The buggy address belongs to the physical page:
[   23.354616] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595b
[   23.354742] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   23.355342] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   23.356027] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   23.356141] page dumped because: kasan: bad access detected
[   23.356228] 
[   23.356277] Memory state around the buggy address:
[   23.356365]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.357216]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.357409] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   23.357511]                                                              ^
[   23.357610]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   23.357711]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   23.357809] ==================================================================
[   23.363267] ==================================================================
[   23.363391] BUG: KASAN: vmalloc-out-of-bounds in vmalloc_oob+0x51c/0x5d0
[   23.363502] Read of size 1 at addr ffff8000800fe7f8 by task kunit_try_catch/270
[   23.363625] 
[   23.363710] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   23.363928] Tainted: [B]=BAD_PAGE, [N]=TEST
[   23.363990] Hardware name: linux,dummy-virt (DT)
[   23.364071] Call trace:
[   23.364126]  show_stack+0x20/0x38 (C)
[   23.364237]  dump_stack_lvl+0x8c/0xd0
[   23.364344]  print_report+0x310/0x608
[   23.364456]  kasan_report+0xdc/0x128
[   23.366491]  __asan_report_load1_noabort+0x20/0x30
[   23.367109]  vmalloc_oob+0x51c/0x5d0
[   23.367397]  kunit_try_run_case+0x170/0x3f0
[   23.367522]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   23.368048]  kthread+0x328/0x630
[   23.368444]  ret_from_fork+0x10/0x20
[   23.368606] 
[   23.368675] The buggy address belongs to the virtual mapping at
[   23.368675]  [ffff8000800fe000, ffff800080100000) created by:
[   23.368675]  vmalloc_oob+0x98/0x5d0
[   23.369100] 
[   23.369587] The buggy address belongs to the physical page:
[   23.369741] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10595b
[   23.369884] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   23.370019] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   23.370134] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   23.370230] page dumped because: kasan: bad access detected
[   23.371283] 
[   23.371367] Memory state around the buggy address:
[   23.372124]  ffff8000800fe680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.372400]  ffff8000800fe700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.372784] >ffff8000800fe780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 f8
[   23.373182]                                                                 ^
[   23.374072]  ffff8000800fe800: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   23.374190]  ffff8000800fe880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[   23.374285] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zlvaLrZSqyxKLgkP1ikhX5yASN

job_id

TEST:linaro@lkft#2zlverRb5fPdptEkZ6zMvlyzm1I

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zlverRb5fPdptEkZ6zMvlyzm1I

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zlvbiPPzjbfulszSj1CbdZDBg5/Image.gz
sha256sum	c9e48236e89d2de4ae2e1bd084878fc8548c676082f395c1121631c860b60412

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zlvbiPPzjbfulszSj1CbdZDBg5/modules.tar.xz
sha256sum	e24d92e515f54e515d26355283c0915768fc78096b724afb30cb660de602c681

durations

tests

boot	0
kunit	290.68

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit